www.ugra.kp.ru Open in urlscan Pro
95.181.181.82 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://m.ugra.kp.ru/
Effective URL:
https://www.ugra.kp.ru/
Submission Tags: ru kp l4ing press news h8 Search All
Submission: On July 09 via manual (July 9th 2022, 5:01:30 pm UTC) from UA — Scanned from DE

Summary HTTP 329 Redirects Links 31 Behaviour Indicators

Summary

This website contacted 62 IPs in 12 countries across 46 domains to perform 329 HTTP transactions. The main IP is 95.181.181.82, located in Russian Federation and belongs to EDGECENTERLLC, RU. The main domain is www.ugra.kp.ru.
TLS certificate: Issued by R3 on May 25th 2022. Valid for: 3 months.

This is the only time www.ugra.kp.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 4	95.181.181.82 95.181.181.82	210756 (EDGECENTE...) (EDGECENTERLLC)
14	2a02:6b8:a::a 2a02:6b8:a::a	208722 (GLOBAL_DC) (GLOBAL_DC)
33	2a03:90c0:41:... 2a03:90c0:41:2801::254	199524 (GCORE) (GCORE)
1	2a02:6b8::16b 2a02:6b8::16b	208722 (GLOBAL_DC) (GLOBAL_DC)
1	95.181.181.12 95.181.181.12	210756 (EDGECENTE...) (EDGECENTERLLC)
9	2a02:6b8:20::215 2a02:6b8:20::215	208722 (GLOBAL_DC) (GLOBAL_DC)
19	2a02:6b8::1be 2a02:6b8::1be	208722 (GLOBAL_DC) (GLOBAL_DC)
2 4	138.201.34.239 138.201.34.239	24940 (HETZNER-AS) (HETZNER-AS)
3	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
3	195.209.111.20 195.209.111.20	52007 (ADRIVER-AS) (ADRIVER-AS)
3	2a00:1148:db0... 2a00:1148:db00::17	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
3	188.42.191.196 188.42.191.196	7979 (SERVERS-COM) (SERVERS-COM)
6	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
8	2606:4700:10:... 2606:4700:10::6816:294a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
2	2a02:6b8::2:158 2a02:6b8::2:158	208722 (GLOBAL_DC) (GLOBAL_DC)
7	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
3 14	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
1	2a02:6b8::184 2a02:6b8::184	208722 (GLOBAL_DC) (GLOBAL_DC)
12	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
28	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:802::2008	15169 (GOOGLE) (GOOGLE)
1	2a02:6b8::5:114 2a02:6b8::5:114	208722 (GLOBAL_DC) (GLOBAL_DC)
1 24	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
2 12	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1 4	2001:6d0:4001... 2001:6d0:4001::226	52016 (TNSMSK-) (TNSMSK-)
4	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
2	46.161.36.3 46.161.36.3	49505 (SELECTEL) (SELECTEL)
1 3	13.32.121.72 13.32.121.72	16509 (AMAZON-02) (AMAZON-02)
1 2	88.212.201.204 88.212.201.204	39134 (UNITEDNET) (UNITEDNET)
2 14	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c0a::9b	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
3	185.147.80.106 185.147.80.106	41722 (MIRAN-AS ...) (MIRAN-AS Miran DC)
8	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1 2	52.58.18.216 52.58.18.216	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
2 2	52.31.65.246 52.31.65.246	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:224... 2600:9000:224a:be00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
6 14	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
4 8	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 6	185.89.211.116 185.89.211.116	29990 (ASN-APPNEX) (ASN-APPNEX)
20	2a00:1450:401... 2a00:1450:4014:80b::2006	15169 (GOOGLE) (GOOGLE)
1	185.162.95.72 185.162.95.72	41722 (MIRAN-AS ...) (MIRAN-AS Miran DC)
1	82.202.225.240 82.202.225.240	49505 (SELECTEL) (SELECTEL)
4	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
2 4	52.213.150.8 52.213.150.8	16509 (AMAZON-02) (AMAZON-02)
2	85.14.248.72 85.14.248.72	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:fa8:8806... 2a02:fa8:8806:13::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2 2	52.28.179.158 52.28.179.158	16509 (AMAZON-02) (AMAZON-02)
1	66.155.71.25 66.155.71.25	13768 (COGECO-PEER1) (COGECO-PEER1)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
2 2	213.155.156.168 213.155.156.168	1299 (TWELVE99 ...) (TWELVE99 Arelion)
1 1	195.209.111.13 195.209.111.13	52007 (ADRIVER-AS) (ADRIVER-AS)
2 3	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
329	62

4 95.181.181.82 (Russian Federation) 2 redirects

ASN210756 (EDGECENTERLLC, RU)

m.ugra.kp.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.ugra.kp.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a02:6b8:a::a (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2a03:90c0:41:2801::254 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)

s01.stc.yc.kpcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s11.stc.yc.kpcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s09.stc.yc.kpcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s02.api.yc.kpcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s13.stc.yc.kpcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s15.stc.yc.kpcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::16b (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

matchid.adfox.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.181.181.12 (Russian Federation)

ASN210756 (EDGECENTERLLC, RU)

identity.kp.house	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:6b8:20::215 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a02:6b8::1be (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

ads.adfox.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.34.239 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.239.34.201.138.clients.your-server.de

exchange.buzzoola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

adfox-c2s-ams.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 195.209.111.20 (Russian Federation)

ASN52007 (ADRIVER-AS, RU)

pb.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1148:db00::17 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)

ad.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 188.42.191.196 (Luxembourg)

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::13 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:10::6816:294a (United States)

ASN13335 (CLOUDFLARENET, US)

jsn.24smi.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
data.24smi.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.24smi.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8::2:158 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

banners.adfox.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::184 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

avatars.mds.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

8985d954c75304fe528a80a9050843fe.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
1565b43654e41150398d11eac25cee50.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
77821919f031d6864ccac6a7b34b9046.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::5:114 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

ysa-static.passport.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:6d0:4001::226 (Russian Federation) 1 redirects

ASN52016 (TNSMSK-, RU)

tns-counter.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.161.36.3 (Russian Federation)

ASN49505 (SELECTEL, RU)
PTR: target2-1.sselp2.imcmdb.net

target.smi2.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.121.72 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-72.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.204 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host204.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c0a::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.147.80.106 (Russian Federation)

ASN41722 (MIRAN-AS Miran DC, RU)
PTR: smir13.imcmdb.net

stat.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.58.18.216 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-18-216.eu-central-1.compute.amazonaws.com

d.adtriba.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.31.65.246 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-65-246.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:224a:be00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.185.162 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.18.18.126 (None, ) 4 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.89.211.116 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4014:80b::2006 (Ireland)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.162.95.72 (Russian Federation)

ASN41722 (MIRAN-AS Miran DC, RU)
PTR: ads5-1.smir10.imcmdb.net

smi2.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.202.225.240 (Moscow, Russian Federation)

ASN49505 (SELECTEL, RU)
PTR: smi2adm2-1.ssel27.imcmdb.net

smi2.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.213.150.8 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-150-8.eu-west-1.compute.amazonaws.com

skydeutschland.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.14.248.72 (Meerbusch, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:13::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.28.179.158 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-179-158.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.168 (Uppsala, Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-168.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.209.111.13 (Russian Federation) 1 redirects

ASN52007 (ADRIVER-AS, RU)

ssp.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.18.2 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
58	googlesyndication.com 1 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 120 8985d954c75304fe528a80a9050843fe.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 160 1565b43654e41150398d11eac25cee50.safeframe.googlesyndication.com 77821919f031d6864ccac6a7b34b9046.safeframe.googlesyndication.com	2 MB
38	doubleclick.net 8 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209 stats.g.doubleclick.net — Cisco Umbrella Rank: 119 googleads.g.doubleclick.net — Cisco Umbrella Rank: 54 cm.g.doubleclick.net — Cisco Umbrella Rank: 205 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 287	511 KB
33	kpcdn.net s01.stc.yc.kpcdn.net — Cisco Umbrella Rank: 259658 s11.stc.yc.kpcdn.net — Cisco Umbrella Rank: 303759 s09.stc.yc.kpcdn.net — Cisco Umbrella Rank: 295937 s02.api.yc.kpcdn.net — Cisco Umbrella Rank: 373783 s13.stc.yc.kpcdn.net — Cisco Umbrella Rank: 302255 s15.stc.yc.kpcdn.net — Cisco Umbrella Rank: 302256	874 KB
21	adfox.ru ads.adfox.ru — Cisco Umbrella Rank: 10773 banners.adfox.ru — Cisco Umbrella Rank: 61881	94 KB
20	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 276	473 KB
20	yandex.ru 1 redirects yandex.ru — Cisco Umbrella Rank: 1297 matchid.adfox.yandex.ru — Cisco Umbrella Rank: 28061 mc.yandex.ru — Cisco Umbrella Rank: 3472 ysa-static.passport.yandex.ru — Cisco Umbrella Rank: 25280	362 KB
19	gstatic.com fonts.gstatic.com www.gstatic.com encrypted-tbn3.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn1.gstatic.com	569 KB
17	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 92 www.google.com — Cisco Umbrella Rank: 8	3 KB
11	google.de adservice.google.de — Cisco Umbrella Rank: 7751 www.google.de — Cisco Umbrella Rank: 5448	2 KB
10	yandex.com 2 redirects mc.yandex.com — Cisco Umbrella Rank: 10550	4 KB
9	criteo.com 1 redirects bidder.criteo.com — Cisco Umbrella Rank: 744 gum.criteo.com — Cisco Umbrella Rank: 391 mug.criteo.com — Cisco Umbrella Rank: 2727	9 KB
9	yastatic.net yastatic.net — Cisco Umbrella Rank: 6189	234 KB
8	casalemedia.com 4 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 608 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 576	7 KB
8	24smi.net jsn.24smi.net — Cisco Umbrella Rank: 58053 data.24smi.net — Cisco Umbrella Rank: 58626 img.24smi.net — Cisco Umbrella Rank: 78961	58 KB
6	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 244	6 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49 region1.google-analytics.com — Cisco Umbrella Rank: 2733	20 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 179	210 KB
4	demdex.net 2 redirects skydeutschland.demdex.net — Cisco Umbrella Rank: 86800	4 KB
4	adsafeprotected.com 2 redirects pixel.adsafeprotected.com — Cisco Umbrella Rank: 536 static.adsafeprotected.com — Cisco Umbrella Rank: 562	1 KB
4	tns-counter.ru 1 redirects tns-counter.ru — Cisco Umbrella Rank: 10783	62 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 71	3 KB
4	adriver.ru 1 redirects pb.adriver.ru — Cisco Umbrella Rank: 38127 ssp.adriver.ru — Cisco Umbrella Rank: 14142	1 KB
4	buzzoola.com 2 redirects exchange.buzzoola.com — Cisco Umbrella Rank: 18578	2 KB
4	kp.ru 2 redirects m.ugra.kp.ru www.ugra.kp.ru	109 KB
3	googleadservices.com 2 redirects www.googleadservices.com — Cisco Umbrella Rank: 126	16 KB
3	stat.media stat.media — Cisco Umbrella Rank: 22336	29 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 134	777 B
3	smi2.net target.smi2.net — Cisco Umbrella Rank: 117395 smi2.net — Cisco Umbrella Rank: 46224	2 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 89	210 KB
3	betweendigital.com ads.betweendigital.com — Cisco Umbrella Rank: 2197	3 KB
3	mail.ru ad.mail.ru — Cisco Umbrella Rank: 11075	1011 B
3	creativecdn.com adfox-c2s-ams.creativecdn.com — Cisco Umbrella Rank: 61709	624 B
3	criteo.net static.criteo.net — Cisco Umbrella Rank: 606	40 KB
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 4852	651 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 790	2 KB
2	exactag.com m.exactag.com — Cisco Umbrella Rank: 11552	2 KB
2	adtriba.com 1 redirects d.adtriba.com — Cisco Umbrella Rank: 42666	757 B
2	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 9125	2 KB
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 12943	553 B
1	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 587	191 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 2942	104 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 231	22 KB
1	smi2.ru smi2.ru — Cisco Umbrella Rank: 48295	868 B
1	yandex.net avatars.mds.yandex.net — Cisco Umbrella Rank: 7874	22 KB
1	kp.house identity.kp.house — Cisco Umbrella Rank: 271500	2 KB
0	bidvol.com Failed ssp.bidvol.com Failed
329	46

	Domain	Requested by
28	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 8985d954c75304fe528a80a9050843fe.safeframe.googlesyndication.com googleads.g.doubleclick.net www.ugra.kp.ru 77821919f031d6864ccac6a7b34b9046.safeframe.googlesyndication.com s0.2mdn.net www.googletagservices.com
26	s01.stc.yc.kpcdn.net	www.ugra.kp.ru s01.stc.yc.kpcdn.net
24	tpc.googlesyndication.com	1 redirects securepubads.g.doubleclick.net tpc.googlesyndication.com 1565b43654e41150398d11eac25cee50.safeframe.googlesyndication.com 8985d954c75304fe528a80a9050843fe.safeframe.googlesyndication.com 77821919f031d6864ccac6a7b34b9046.safeframe.googlesyndication.com www.ugra.kp.ru s0.2mdn.net
20	s0.2mdn.net	www.ugra.kp.ru s0.2mdn.net 8985d954c75304fe528a80a9050843fe.safeframe.googlesyndication.com
19	ads.adfox.ru	yandex.ru
14	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net 77821919f031d6864ccac6a7b34b9046.safeframe.googlesyndication.com
14	www.google.com	2 redirects tpc.googlesyndication.com 1565b43654e41150398d11eac25cee50.safeframe.googlesyndication.com 8985d954c75304fe528a80a9050843fe.safeframe.googlesyndication.com 77821919f031d6864ccac6a7b34b9046.safeframe.googlesyndication.com
14	yandex.ru	www.ugra.kp.ru yandex.ru yastatic.net
12	fonts.gstatic.com	fonts.googleapis.com
10	googleads.g.doubleclick.net	2 redirects 8985d954c75304fe528a80a9050843fe.safeframe.googlesyndication.com www.ugra.kp.ru 77821919f031d6864ccac6a7b34b9046.safeframe.googlesyndication.com www.googleadservices.com
10	mc.yandex.com	2 redirects mc.yandex.ru
9	yastatic.net	yandex.ru yastatic.net www.ugra.kp.ru
8	www.google.de
7	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
7	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.ugra.kp.ru
6	ib.adnxs.com	4 redirects googleads.g.doubleclick.net
6	www.googletagservices.com	yastatic.net 1565b43654e41150398d11eac25cee50.safeframe.googlesyndication.com 8985d954c75304fe528a80a9050843fe.safeframe.googlesyndication.com 77821919f031d6864ccac6a7b34b9046.safeframe.googlesyndication.com
6	bidder.criteo.com	static.criteo.net
4	skydeutschland.demdex.net	2 redirects 8985d954c75304fe528a80a9050843fe.safeframe.googlesyndication.com 77821919f031d6864ccac6a7b34b9046.safeframe.googlesyndication.com
4	googleads4.g.doubleclick.net	www.ugra.kp.ru
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	tns-counter.ru	1 redirects www.ugra.kp.ru tns-counter.ru
4	img.24smi.net
4	mc.yandex.ru	1 redirects yandex.ru www.ugra.kp.ru yastatic.net
4	fonts.googleapis.com	yastatic.net client 1565b43654e41150398d11eac25cee50.safeframe.googlesyndication.com
4	exchange.buzzoola.com	2 redirects www.ugra.kp.ru
3	www.googleadservices.com	2 redirects yastatic.net
3	stat.media	target.smi2.net stat.media
3	stats.g.doubleclick.net	www.google-analytics.com
3	sb.scorecardresearch.com	1 redirects
3	www.googletagmanager.com	www.ugra.kp.ru www.googletagmanager.com
3	adservice.google.com	securepubads.g.doubleclick.net
3	adservice.google.de	securepubads.g.doubleclick.net
3	ads.betweendigital.com	yandex.ru
3	ad.mail.ru	yandex.ru
3	pb.adriver.ru	yandex.ru
3	adfox-c2s-ams.creativecdn.com	yandex.ru
3	static.criteo.net	yandex.ru
2	d5p.de17a.com	2 redirects
2	pm.w55c.net	2 redirects
2	m.exactag.com	8985d954c75304fe528a80a9050843fe.safeframe.googlesyndication.com 77821919f031d6864ccac6a7b34b9046.safeframe.googlesyndication.com
2	static.adsafeprotected.com	8985d954c75304fe528a80a9050843fe.safeframe.googlesyndication.com 77821919f031d6864ccac6a7b34b9046.safeframe.googlesyndication.com
2	pixel.adsafeprotected.com	2 redirects
2	encrypted-tbn1.gstatic.com	1565b43654e41150398d11eac25cee50.safeframe.googlesyndication.com
2	encrypted-tbn2.gstatic.com	1565b43654e41150398d11eac25cee50.safeframe.googlesyndication.com
2	encrypted-tbn3.gstatic.com	1565b43654e41150398d11eac25cee50.safeframe.googlesyndication.com
2	d.adtriba.com	1 redirects 1565b43654e41150398d11eac25cee50.safeframe.googlesyndication.com
2	77821919f031d6864ccac6a7b34b9046.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	region1.google-analytics.com	www.googletagmanager.com
2	counter.yadro.ru	1 redirects
2	target.smi2.net	www.ugra.kp.ru
2	1565b43654e41150398d11eac25cee50.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	8985d954c75304fe528a80a9050843fe.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	banners.adfox.ru
2	data.24smi.net	jsn.24smi.net
2	jsn.24smi.net	yastatic.net jsn.24smi.net
2	gum.criteo.com	1 redirects static.criteo.net
2	s02.api.yc.kpcdn.net	s01.stc.yc.kpcdn.net
2	s09.stc.yc.kpcdn.net	www.ugra.kp.ru
2	www.ugra.kp.ru	www.ugra.kp.ru
2	m.ugra.kp.ru	2 redirects
1	ssum-sec.casalemedia.com	1 redirects
1	ssp.adriver.ru	1 redirects
1	ads.travelaudience.com	1 redirects
1	pixel-sync.sitescout.com	77821919f031d6864ccac6a7b34b9046.safeframe.googlesyndication.com
1	dclk-match.dotomi.com	77821919f031d6864ccac6a7b34b9046.safeframe.googlesyndication.com
1	cdnjs.cloudflare.com	s0.2mdn.net
1	smi2.net
1	smi2.ru
1	www.gstatic.com	1565b43654e41150398d11eac25cee50.safeframe.googlesyndication.com
1	ysa-static.passport.yandex.ru
1	avatars.mds.yandex.net
1	mug.criteo.com
1	s15.stc.yc.kpcdn.net	www.ugra.kp.ru
1	s13.stc.yc.kpcdn.net	www.ugra.kp.ru
1	identity.kp.house	s01.stc.yc.kpcdn.net
1	matchid.adfox.yandex.ru	yandex.ru
1	s11.stc.yc.kpcdn.net	www.ugra.kp.ru
0	ssp.bidvol.com Failed	yandex.ru
329	79

This site contains links to these domains. Also see Links.

Domain
www.kazan.kp.ru
www.kp.ru
radiokp.ru
advert.kp.ru
parus.kp.ru
kino.kp.ru
ugra.kp.ru
ads.adfox.ru

Subject Issuer	Validity	Valid
uralian.kp.ru R3	`2022-05-25` - `2022-08-23`	3 months	crt.sh
*.xn--d1acpjx3f.xn--p1ai GlobalSign ECC OV SSL CA 2018	`2022-03-04` - `2022-09-01`	6 months	crt.sh
*.stc.yc.kpcdn.net R3	`2022-05-31` - `2022-08-29`	3 months	crt.sh
matchid.adfox.yandex.ru Yandex CA	`2022-02-05` - `2022-07-31`	6 months	crt.sh
identity.kp.house R3	`2022-05-10` - `2022-08-08`	3 months	crt.sh
*.yastatic-net.ru GlobalSign ECC OV SSL CA 2018	`2022-04-01` - `2022-09-29`	6 months	crt.sh
s01.api.yc.kpcdn.net R3	`2022-06-08` - `2022-09-06`	3 months	crt.sh
*.adfox.ru GlobalSign RSA OV SSL CA 2018	`2022-05-30` - `2022-11-08`	5 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-21` - `2022-09-23`	3 months	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-17` - `2023-04-12`	a year	crt.sh
*.adriver.ru GlobalSign GCC R3 DV TLS CA 2020	`2022-04-05` - `2023-04-05`	a year	crt.sh
*.mail.ru GeoTrust ECC CA 2018	`2021-10-15` - `2022-11-15`	a year	crt.sh
*.ads.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2021-12-15` - `2023-01-15`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-15` - `2022-09-18`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-10-13` - `2022-10-12`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.s3.yandex.net GlobalSign RSA OV SSL CA 2018	`2022-03-11` - `2022-10-11`	7 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-05-21` - `2022-10-31`	5 months	crt.sh
*.avatars.yandex.net GlobalSign RSA OV SSL CA 2018	`2022-03-04` - `2023-04-05`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
ysa-static.passport.yandex.net GlobalSign ECC OV SSL CA 2018	`2022-03-04` - `2023-04-05`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.tns-counter.ru GlobalSign ECC OV SSL CA 2018	`2021-12-10` - `2022-12-31`	a year	crt.sh
smi2.net R3	`2022-05-27` - `2022-08-25`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
stat.media R3	`2022-05-10` - `2022-08-08`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
smi2.ru R3	`2022-07-01` - `2022-09-29`	3 months	crt.sh
*.exactag.com Sectigo ECC Domain Validation Secure Server CA	`2021-08-16` - `2022-09-14`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2021-08-10` - `2022-09-11`	a year	crt.sh
*.sitescout.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-15` - `2023-01-15`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh

This page contains 27 frames:

Primary Page: https://www.ugra.kp.ru/
Frame ID: 8998ED044527B7FAF85FC70236CD34F4
Requests: 170 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.ugra.kp.ru
Frame ID: 5ABEB842D092B0FCA4F8A91196359B01
Requests: 2 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: DD52717CAF7DA808E262FF0E9EB9AEB2
Requests: 8 HTTP requests in this frame

Frame: https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
Frame ID: C76E44C2BCFC69549624E183902E2936
Requests: 23 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: 8A67B4CE22E0E1FD3E73F5B5AF447437
Requests: 8 HTTP requests in this frame

Frame: https://8985d954c75304fe528a80a9050843fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: DCB7AAECCE0B7D30E55B900D9C8B5882
Requests: 1 HTTP requests in this frame

Frame: https://1565b43654e41150398d11eac25cee50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 9405CCC35569DB3797D6A632CD4788FB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 19EC0DA3472F594FAE5D025ED8F5E631
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E90BDF4EB0B1B20936A0B1A5D67757DE
Requests: 2 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: F89797135C429E33B2E9D2E3FC8C3C38
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CC46D518BBAC0C339A2657E36A70521D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 77D81A6235DC2928A444C87037612F26
Requests: 2 HTTP requests in this frame

Frame: https://1565b43654e41150398d11eac25cee50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: A715013F4763E72AF749208F4F47A176
Requests: 20 HTTP requests in this frame

Frame: https://8985d954c75304fe528a80a9050843fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 11D0D9DB00736AE947C43F145F1282DD
Requests: 18 HTTP requests in this frame

Frame: https://77821919f031d6864ccac6a7b34b9046.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: E899EC2746906E8D8DA358C445D36662
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGO6p_M0BMAE&v=APEucNXHh4GKk2FIflQei8LL_8-gV3Mvgt6U-NpsTby4mhX6AfZb9Pgy14PMGWNCfBU_GKXbEqqayA4IRvRgw7WNPrNfnTciHyVasmGDFjqgodzaMCOHTvQeXqZ9izEP4UMrj_zFKKVZZYU2D0pN8JL6U2CESugJQwvKDR6Msoa4OpmdZW0B8bY
Frame ID: BD34E7C9457A74677CA9271C1E7D52E8
Requests: 5 HTTP requests in this frame

Frame: https://77821919f031d6864ccac6a7b34b9046.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 0CE92313AD2DBF1AB1E4D8E93523A64C
Requests: 18 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/PBLy2ghsJAjz8SVbRXt3mPeTz3f3ksFMZv27m_PD6qM.js
Frame ID: B37CEE9D97CE55C0F453F2CC38F0E4DD
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 31751BB67E67408D1F84CADC8BFD2ECE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D99A5BDE37DB3CE273C963BFD6064AA7
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: F6BB2E50BCC57EFD4B05E57588D828D0
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGIb4hs4BMAE&v=APEucNXIriZyA3ys6MgQltEReo_cYW3Pt-VZWH6a-jYq_3mYoq0aFL7CwnJPc_Yo3Nx_cFgF-7DmIbGUTKOMmbU7CzQ2Xl4H56vN9PRHyWHRHH6ttCfDUsG_ZWCgq6bkCfmjb8kE2xN7KBUPOg46hbKfnGX5hb3copw234_NQ8Ag9McwGhmWiMw
Frame ID: D7B874C85E30F4EA2339E491024BBD03
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8828632559684167007/index.html?e=69&leftOffset=0&topOffset=0&c=6HaPuXAiJP&t=1&renderingType=2&ev=01_247
Frame ID: 08CB7BE86F2C270A51F0E6911E13F58C
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 569B4F7D20784A5694C45A45FE6EECD4
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: C8344BF3688FC2FD3BD6C1B073E50562
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/13678958165436077852/300x600_RTB30/index.html
Frame ID: 6DED16C170876DDFE01FB303B8C5FA33
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ScuHrLJSuMz-P8UpD_WVXyUZt188tH6pyCCWmvqBSxI.js
Frame ID: 64E152B3C98B274A19CE620C58817152
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Новости Югры и Ханты-Мансийского автономного округа: главные новости на сегодня | Комсомольская Правда в Югре - KP.Ru

Page URL History Show full URLs

http://m.ugra.kp.ru/ HTTP 301
https://m.ugra.kp.ru/ HTTP 303
https://www.ugra.kp.ru/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Mautic (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

[^a-z]mtc.*\.js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

329
Requests

91 %
HTTPS

56 %
IPv6

46
Domains

79
Subdomains

62
IPs

12
Countries

5609 kB
Transfer

11615 kB
Size

69
Cookies

31 Outgoing links

These are links going to different origins than the main page.

URL: https://www.kazan.kp.ru/daily/21712095/4332309/

Search URL Search Domain Scan URL

URL: https://www.kp.ru/daily/euromaidan/
Title: Спецоперация на Украине

Search URL Search Domain Scan URL

URL: https://www.kp.ru/sports/
Title: Спорт

Search URL Search Domain Scan URL

URL: https://www.kp.ru/samobranka/
Title: Самобранка

Search URL Search Domain Scan URL

URL: https://www.kp.ru/expert/
Title: Выбор экспертов

Search URL Search Domain Scan URL

URL: https://www.kp.ru/doctor/
Title: Доктор

Search URL Search Domain Scan URL

URL: https://www.kp.ru/family/
Title: Семья

Search URL Search Domain Scan URL

URL: https://www.kp.ru/woman/
Title: Женские секреты

Search URL Search Domain Scan URL

URL: https://www.kp.ru/putevoditel/
Title: Путеводитель

Search URL Search Domain Scan URL

URL: https://www.kp.ru/promokod/
Title: Промокоды

Search URL Search Domain Scan URL

URL: https://www.kp.ru/putevoditel/serialy/
Title: Сериалы

Search URL Search Domain Scan URL

URL: http://www.kp.ru/best/msk/projects/
Title: Спецпроекты

Search URL Search Domain Scan URL

URL: https://www.kp.ru/putevoditel/zdorove/defitsit-zheleza-u-zhenshhin/
Title: Дефицит железа

Search URL Search Domain Scan URL

URL: https://www.kp.ru/guide/
Title: Гид потребителя

Search URL Search Domain Scan URL

URL: https://www.kp.ru/daily/217165/4265546/
Title: Все о КП

Search URL Search Domain Scan URL

URL: https://radiokp.ru/
Title: Радио КП

Search URL Search Domain Scan URL

URL: https://advert.kp.ru/
Title: Реклама

Search URL Search Domain Scan URL

URL: https://www.kp.ru/daily/theme/16218/
Title: Украина: сводка

Search URL Search Domain Scan URL

URL: http://parus.kp.ru/
Title: Алый парус

Search URL Search Domain Scan URL

URL: https://kino.kp.ru/
Title: Наше кино

Search URL Search Domain Scan URL

URL: https://www.kp.ru/daily/koronavirus/
Title: COVID-19

Search URL Search Domain Scan URL

URL: https://www.kp.ru/daily/partiya_dela/
Title: Лица труда

Search URL Search Domain Scan URL

URL: https://www.kp.ru/russia/
Title: Отдых в России

Search URL Search Domain Scan URL

URL: https://www.kp.ru/incidents/
Title: Происшествия

Search URL Search Domain Scan URL

URL: https://www.kp.ru/afisha/msk/
Title: Афиша

Search URL Search Domain Scan URL

URL: https://ugra.kp.ru/incidents/
Title: Происшествия

Search URL Search Domain Scan URL

URL: https://ugra.kp.ru/society/
Title: Общество

Search URL Search Domain Scan URL

URL: https://ugra.kp.ru/health/
Title: Здоровье

Search URL Search Domain Scan URL

URL: https://ugra.kp.ru/dom/
Title: Недвижимость

Search URL Search Domain Scan URL

URL: https://ads.adfox.ru/232598/goLink?ad-session-id=2442361657386081353&hash=311b9bb046792873&puid1=adv-1657386081301-514&sj=c7zz7I7Xy2wazqrnqTRU6D85sKGNFLAr1jyqJ_lGAtmd2DdSJKRn3iP-EVScrw%3D%3D&rand=bvhtpcw&rqs=YKQWZFfGtzxhtMlixU4acmQ0T_a-3efd&puid3=top%3Aregion&pr=nfjqfyy&p1=clerf&ytt=417816030347269&p5=ljjmt&ybv=0.612088&puid2=society%3Aincident%3Atoday%3Aemergency%3Ainteresting%3Akoronavirus%3Acriminal%3Asport&p2=gvdq&ylv=0.612088&pf=http%3A%2F%2Fads.adfox.ru%2F232598%2FgoLink%3Fp1%3Dbzbip%26p2%3Dfrfe%26p5%3Dlsrgh%26pr%3D1%26puid1%3D%26puid2%3D%26puid3%3D%26puid4%3D%26puid5%3D%26puid6%3D%26puid7%3D

Search URL Search Domain Scan URL

URL: https://ads.adfox.ru/232598/goLink?ad-session-id=2442361657386081353&hash=311b9bb046792873&puid1=adv-1657386081301-514&sj=c7zz7I7Xy2wazqrnqTRU6D85sKGNFLAr1jyqJ_lGAtmd2DdSJKRn3iP-EVScrw%3D%3D&rand=bvhtpcw&rqs=YKQWZFfGtzxhtMlixU4acmQ0T_a-3efd&puid3=top%3Aregion&pr=nfjqfyy&p1=clerf&ytt=417816030347269&p5=ljjmt&ybv=0.612088&puid2=society%3Aincident%3Atoday%3Aemergency%3Ainteresting%3Akoronavirus%3Acriminal%3Asport&p2=gvdq&ylv=0.612088&pf=https%3A%2F%2Fwww.msk.kp.ru%2Fdaily%2Fmoskva-budushego%2F

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://m.ugra.kp.ru/ HTTP 301
https://m.ugra.kp.ru/ HTTP 303
https://www.ugra.kp.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42

https://exchange.buzzoola.com/ssp/adfox HTTP 307
https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t

Request Chain 52

https://exchange.buzzoola.com/ssp/adfox HTTP 307
https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t

Request Chain 81

https://gum.criteo.com/sid/json?origin=publishertag&domain=kp.ru&sn=ChromeSyncframe&so=0&topUrl=www.ugra.kp.ru&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=mur3S3xoSHpKQjZPM3VTb2xhSHkyTkwySmJHUTFzWHlyWWc1SVRBSHBneVVELzVNdjl0UDlhOE9LZ20vd3pEK1Fjc0x0TlJCT0RyUGJlTGhJbTA4NFFONnNVMlBEWGUrdDJpNVhybk04RS8xVkpNeU0vRHNMc0c0N2hRK3l1dFVOWUw0WnErTDJFRngzRG44bWlWcFZMMysyMGN3Vm5nZERUeVdCa3RHOHVQSDlPaDVCOThVWWFEYmpGVUxjV3c0K0FUaW4yS1NzY1phODlCai9lWUhZbXl6T1oyTFhrU2JGemlJUTF3MFRGaHdwUEdqN0NmV1hPNVFwUVJqMGdvOFZsdlBHaXpDbU5pSEhOSDNqRmxNM3N5bFVEQT09fA&cppv=2

Request Chain 131

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9694.4TG2RlEoSIfOLmOT2IzpAW_7-9Hf4rx7OCZUpzU5q6r-kmVRLFHIBBtLTV3QYqtw.qp1zwz0FKVDjmbItfo549z9AKGY%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9694.vSJSxjszNJrz9LX8wZcW7bmbexa9qh3bNd7UGoyVamPuL_VWWMnmn3T075p7u_YvACJunVcMFKZkWyXjmsOe_H_1LLQZRydDB-5cN6zjhsM%2C.8HFgZfCuOWcU4vQwoK8yeYOZadI%2C

Request Chain 148

https://counter.yadro.ru/hit;kp/kpall/reg/kpugra?r;s1600*1200*24;uhttps%3A//www.ugra.kp.ru/;h%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u042E%u0433%u0440%u044B%20%u0438%20%u0425%u0430%u043D%u0442%u044B-%u041C%u0430%u043D%u0441%u0438%u0439%u0441%u043A%u043E%u0433%u043E%20%u0430%u0432%u0442%u043E%u043D%u043E%u043C%u043D%u043E%u0433%u043E%20%u043E%u043A%u0440%u0443%u0433%u0430%3A%20%u0433%u043B%u0430%u0432%u043D%u044B%u0435%20%u043D%u043E%u0432%u043E%u0441%u0442%u0438%20%u043D%u0430%20%u0441%u0435%u0433%u043E%u0434%u043D%u044F%20;0.1379251487647981 HTTP 302
https://counter.yadro.ru/hit;kp/kpall/reg/kpugra?q;r;s1600*1200*24;uhttps%3A//www.ugra.kp.ru/;h%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u042E%u0433%u0440%u044B%20%u0438%20%u0425%u0430%u043D%u0442%u044B-%u041C%u0430%u043D%u0441%u0438%u0439%u0441%u043A%u043E%u0433%u043E%20%u0430%u0432%u0442%u043E%u043D%u043E%u043C%u043D%u043E%u0433%u043E%20%u043E%u043A%u0440%u0443%u0433%u0430%3A%20%u0433%u043B%u0430%u0432%u043D%u044B%u0435%20%u043D%u043E%u0432%u043E%u0441%u0442%u0438%20%u043D%u0430%20%u0441%u0435%u0433%u043E%u0434%u043D%u044F%20;0.1379251487647981

Request Chain 149

https://sb.scorecardresearch.com/c2/16803468/cs.js HTTP 302
https://sb.scorecardresearch.com/internal-c2/default/cs.js

Request Chain 178

https://mc.yandex.com/watch/26254?wmode=7&page-url=https%3A%2F%2Fwww.ugra.kp.ru%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2n2z35yck7fai9c6gvqew%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A1%3Adp%3A0%3Als%3A579902389656%3Ahid%3A1030585718%3Az%3A0%3Ai%3A20220709170122%3Aet%3A1657386083%3Ac%3A1%3Arn%3A923031480%3Au%3A1657386083810462324%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1657386079268%3Aco%3A0%3Arqnl%3A1%3Ast%3A1657386083%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%AE%D0%B3%D1%80%D1%8B%20%D0%B8%20%D0%A5%D0%B0%D0%BD%D1%82%D1%8B-%D0%9C%D0%B0%D0%BD%D1%81%D0%B8%D0%B9%D1%81%D0%BA%D0%BE%D0%B3%D0%BE%20%D0%B0%D0%B2%D1%82%D0%BE%D0%BD%D0%BE%D0%BC%D0%BD%D0%BE%D0%B3%D0%BE%20%D0%BE%D0%BA%D1%80%D1%83%D0%B3%D0%B0%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%AE%D0%B3%D1%80%D0%B5%20-%20KP.Ru&t=gdpr(14)clc(0-0-0)aw(1)rqnl(1)ti(2) HTTP 302
https://mc.yandex.com/watch/26254/1?wmode=7&page-url=https%3A%2F%2Fwww.ugra.kp.ru%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2n2z35yck7fai9c6gvqew%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A1%3Adp%3A0%3Als%3A579902389656%3Ahid%3A1030585718%3Az%3A0%3Ai%3A20220709170122%3Aet%3A1657386083%3Ac%3A1%3Arn%3A923031480%3Au%3A1657386083810462324%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1657386079268%3Aco%3A0%3Arqnl%3A1%3Ast%3A1657386083%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%AE%D0%B3%D1%80%D1%8B%20%D0%B8%20%D0%A5%D0%B0%D0%BD%D1%82%D1%8B-%D0%9C%D0%B0%D0%BD%D1%81%D0%B8%D0%B9%D1%81%D0%BA%D0%BE%D0%B3%D0%BE%20%D0%B0%D0%B2%D1%82%D0%BE%D0%BD%D0%BE%D0%BC%D0%BD%D0%BE%D0%B3%D0%BE%20%D0%BE%D0%BA%D1%80%D1%83%D0%B3%D0%B0%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%AE%D0%B3%D1%80%D0%B5%20-%20KP.Ru&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnl%281%29ti%282%29

Request Chain 187

https://d.adtriba.com/collect?atb_ptid=7f2b0ae8&atb_dcaid=Display%20%7C%20WB%20%7C%20Conversion%20Puppy&atb_dpuid=GDN&cachebuster=3259637614 HTTP 302
https://d.adtriba.com/px.gif

Request Chain 196

https://tns-counter.ru/V13a***R%3E*kp_ru/ru/UTF-8/tmsec=kp_title/961049052 HTTP 302
https://tns-counter.ru/V13b***R%3E*kp_ru/ru/UTF-8/tmsec=kp_title/961049052

Request Chain 203

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCXxortIxDQDxjQDzIIMlSmiZ_II1Y HTTP 301
https://tpc.googlesyndication.com/simgad/3454667762144682155

Request Chain 209

https://pixel.adsafeprotected.com/rfw/st/1083870/64162795/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&ias_dspID=3&ias_campId=1008209757&ias_pubId=pub-7172733408455692&ias_chanId=1&ias_placementId=17611747867&bidurl=https://www.ugra.kp.ru/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0hVGBj72RcG5IQxRVQ31yNP HTTP 302
https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 221

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECRY0gOZJaEXhYajFbSTMuk&google_cver=1

Request Chain 222

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Ysm0Y7HoQnV17O7zN6CbJwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENVZTOmp0_6lGKePp3mgYjo&google_cver=1

Request Chain 223

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESENcwj1t737MqOJWgjE1kx08&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESENcwj1t737MqOJWgjE1kx08%26google_cver%3D1

Request Chain 224

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDQxMTY0MTYyNTk2MTg2NzE3NA%3D%3D

Request Chain 244

https://pixel.adsafeprotected.com/rfw/st/1083870/64162025/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&ias_dspID=3&ias_campId=1008206547&ias_pubId=pub-7172733408455692&ias_chanId=1&ias_placementId=17610765076&bidurl=https://www.ugra.kp.ru/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0iOfFOCmSfUnCxshe6EgzOs HTTP 302
https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 251

https://skydeutschland.demdex.net/event?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=131962155&d_placement=339771397&d_campaign=28017826&d_bust=3599334427&gdpr=&gdpr_consent= HTTP 302
https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=131962155&d_placement=339771397&d_campaign=28017826&d_bust=3599334427&gdpr=&gdpr_consent=

Request Chain 254

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENVZTOmp0_6lGKePp3mgYjo&google_cver=1

Request Chain 255

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Ysm0Y7HoQnV17O7zN6CbJwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENVZTOmp0_6lGKePp3mgYjo&google_cver=1

Request Chain 256

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEKv_8nvcw39RxCVzYx750Ac&google_cver=1

Request Chain 257

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDQxMTY0MTYyNTk2MTg2NzE3NA%3D%3D

Request Chain 278

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGQlRIKdoez6dn8ohXJ4jWE&google_cver=1&google_push=ARnp8GDMycHr5ytWP79b3nPHCp-TCR2QELWbbrZcZyOVnOsPuwLaiJ_uqNzB2SiqrkxvlAKO7OhDYCyQgJl3zgkRjUtC65DTKwoJwg HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGQlRIKdoez6dn8ohXJ4jWE&google_cver=1&google_push=ARnp8GDMycHr5ytWP79b3nPHCp-TCR2QELWbbrZcZyOVnOsPuwLaiJ_uqNzB2SiqrkxvlAKO7OhDYCyQgJl3zgkRjUtC65DTKwoJwg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aWFPNTRJYlMxT2FkUEM1&google_gid=CAESEGQlRIKdoez6dn8ohXJ4jWE&google_cver=1&google_push=ARnp8GDMycHr5ytWP79b3nPHCp-TCR2QELWbbrZcZyOVnOsPuwLaiJ_uqNzB2SiqrkxvlAKO7OhDYCyQgJl3zgkRjUtC65DTKwoJwg

Request Chain 280

https://ads.travelaudience.com/google_pixel?google_gid=CAESEAwQWM6sJFURIyCrIlKywak&google_cver=1&google_push=ARnp8GAD3c2dEfdSU27x09fYYhMq2ubGJrKI7853I7Z-TcNHeamoZAeUONdUIQBNj3FwL5PfsZWnp_62Rg5QEiEYr-gRG6dd1xxF HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=en-zI4boScmsRKwNf2ydPg2&google_push=ARnp8GAD3c2dEfdSU27x09fYYhMq2ubGJrKI7853I7Z-TcNHeamoZAeUONdUIQBNj3FwL5PfsZWnp_62Rg5QEiEYr-gRG6dd1xxF

Request Chain 281

https://d5p.de17a.com/cookies/google?google_gid=CAESED6lDsQFSCp3fWkdTMUziVs&google_cver=1&google_push=ARnp8GBypVSfEgbPTl8Do9Ladgu0qFiVm3IoKCOz2TXFJZn1sYL_80Drz8ZvgF68uqnAn0QEg4L83c9FrYnyuCX4cjepj5rR25A3fw HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESED6lDsQFSCp3fWkdTMUziVs&google_cver=1&google_push=ARnp8GBypVSfEgbPTl8Do9Ladgu0qFiVm3IoKCOz2TXFJZn1sYL_80Drz8ZvgF68uqnAn0QEg4L83c9FrYnyuCX4cjepj5rR25A3fw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ARnp8GBypVSfEgbPTl8Do9Ladgu0qFiVm3IoKCOz2TXFJZn1sYL_80Drz8ZvgF68uqnAn0QEg4L83c9FrYnyuCX4cjepj5rR25A3fw

Request Chain 282

https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=10&external_id=&google_gid=CAESEDtnGTKzHls2fG0_g8kFneM&google_cver=1&google_push=ARnp8GBlmiW8bMOmAVBdFF4ughMdWH2Pr1t1iSFCUCYiuV6rdcjxZZUdOwNgUsWTeRv_mS9qR37iMc7ENyHWOF-NiFusxx5yu_Dg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=ARnp8GBlmiW8bMOmAVBdFF4ughMdWH2Pr1t1iSFCUCYiuV6rdcjxZZUdOwNgUsWTeRv_mS9qR37iMc7ENyHWOF-NiFusxx5yu_Dg&google_hm=QTBrZVRwbDNXTmZYa0V2YU1ielhwRVE=

Request Chain 283

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKporDlkZpRH3tyW8jspF18&google_cver=1&google_push=ARnp8GA9FLkhSZ2zYer8PZa1HIn5ReXdO-_J4S6WynYdeP8MOrjIJiRNCvG9kYcanVCZzVWHIxpouTeyD44dDbQItWGDdadDUBM5Jw HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKporDlkZpRH3tyW8jspF18&google_hm=Ysm0Y7HoQnV17O7zN6CbJwAABFEAAAIB&google_nid=index&google_push=ARnp8GA9FLkhSZ2zYer8PZa1HIn5ReXdO-_J4S6WynYdeP8MOrjIJiRNCvG9kYcanVCZzVWHIxpouTeyD44dDbQItWGDdadDUBM5Jw

Request Chain 289

https://skydeutschland.demdex.net/event?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=173773939&d_placement=339726501&d_campaign=28084662&d_bust=2971824133&gdpr=&gdpr_consent= HTTP 302
https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=173773939&d_placement=339726501&d_campaign=28084662&d_bust=2971824133&gdpr=&gdpr_consent=

Request Chain 303

https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=ZLTJYqHSKKfJmLAPw8e0qAk&random=2074240918&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=2074240918&crd=&is_vtc=1&random=2461646342 HTTP 302
https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=2074240918&crd=&is_vtc=1&random=2461646342&ipr=y

Request Chain 304

https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=ZLTJYs3UKIHyxgKC9pCoCA&random=1174069790&sscte=1&crd=CM2osQI HTTP 302
https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1174069790&crd=CM2osQI&is_vtc=1&random=3679943927 HTTP 302
https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1174069790&crd=CM2osQI&is_vtc=1&random=3679943927&ipr=y

329 HTTP transactions
12 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.ugra.kp.ru/
Redirect Chain

http://m.ugra.kp.ru/
https://m.ugra.kp.ru/
https://www.ugra.kp.ru/

796 KB
106 KB

358ms
237ms

Document
text/html

95.181.181.82
EDGECENTERLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ugra.kp.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.181.181.82 , Russian Federation, ASN210756 (EDGECENTERLLC, RU),
Reverse DNS
Software: nginx /
Resource Hash: 701e10e8bdc33d696bcc7f66dd5eb676fa5daa8ccd219fb7804646a136565c67

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 09 Jul 2022 17:01:20 GMT
server: nginx
vary: Accept-Encoding
x-manifest-version-id: 0005E2BF065E254F

Redirect headers

content-length: 50
content-type: text/html; charset=utf-8
date: Sat, 09 Jul 2022 17:01:19 GMT
location: https://www.ugra.kp.ru/
server: nginx

GET
H2 200 header-bidding.js Show response
yandex.ru/ads/system/ 122 KB
32 KB 291ms
100ms Script
text/javascript 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/header-bidding.js

Requested by

Host: www.ugra.kp.ru
URL: https://www.ugra.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

4be74101162d4ed978851bd6dd595e849e4209b55cdfbf43bf39fdaee81a4192

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1657386080559576-3795584582808041750-sas5-9950-2d8-sas-l7-balancer-8080-BAL-3507
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
x-robots-tag: noindex, noarchive, nofollow
expires: Sat, 09 Jul 2022 18:01:20 GMT

GET
H2 200 context.js Show response
yandex.ru/ads/system/ 285 KB
77 KB 293ms
103ms Script
text/javascript 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/context.js

Requested by

Host: www.ugra.kp.ru
URL: https://www.ugra.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

914adaddf018cd043174b905ceef50d08be529ded36c7f45c62ba15cfc063464

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1657386080559835-11095595343405108551-sas5-9950-2d8-sas-l7-balancer-8080-BAL-5420
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
x-robots-tag: noindex, noarchive, nofollow
expires: Sat, 09 Jul 2022 18:01:20 GMT

GET
DATA 200
OK truncated
/ 587 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 445837ee1d1da2644d2531f84c664f157828154b8b5e032dbef64c3a8308ef17

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3394110000caa52bc9dcf892178cb4a7a8d25db76721a2290caaeb667413a4d0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6b0c6ad2a39e30acdd045f1e10d04d6032f0447387edd32af55f7d80b2d4f0f0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 88c3f8d6237466d983567ddf480dfb98.woff2
s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/ 22 KB
22 KB 149ms
52ms Font
font/woff2 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/88c3f8d6237466d983567ddf480dfb98.woff2

Requested by

Host: www.ugra.kp.ru
URL: https://www.ugra.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

7a0fb8fc4de0bde528e5b17743e35c50492d1d1de41567cb3b83f5a63db862d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ugra.kp.ru/
Origin: https://www.ugra.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc38
date: Sat, 09 Jul 2022 17:01:20 GMT
x-content-type-options: nosniff
x-server-trace-id: 2bf17f0b6e6173e6:b57c4bb8325acb6b:2bf17f0b6e6173e6:1
x-amz-request-id: 46d5d43a590268b0
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-07-09T14:22:50+00:00
content-length: 22100
x-request-id: 204c20a7-61b8-4547-816c-8178166d1334
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Sat, 27 Nov 2021 21:56:45 GMT
server: nginx
etag: "88c3f8d6237466d983567ddf480dfb98"
x-amz-version-id: 0005D1CC489C28E6
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
accept-ranges: bytes
content-type: font/woff2
expires: Sun, 10 Jul 2022 17:01:20 GMT

GET
H2 200 71df57f56c922e07c34676f1e3160977.woff2
s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/ 39 KB
39 KB 147ms
58ms Font
font/woff2 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/71df57f56c922e07c34676f1e3160977.woff2

Requested by

Host: www.ugra.kp.ru
URL: https://www.ugra.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

9205ceae907f8417e3b4bd8463b1075526a25da4cdd2aed549b03cd6869632aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ugra.kp.ru/
Origin: https://www.ugra.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc38
date: Sat, 09 Jul 2022 17:01:20 GMT
x-content-type-options: nosniff
x-server-trace-id: afad5821806a2a46:af1e72f8617e4174:afad5821806a2a46:1
x-amz-request-id: a416ddac7bebc6e1
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-07-09T14:22:50+00:00
content-length: 39768
x-request-id: 2befb131-e8b4-4dff-b558-84c94cacd2af
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Sat, 27 Nov 2021 21:56:45 GMT
server: nginx
etag: "71df57f56c922e07c34676f1e3160977"
x-amz-version-id: 0005D1CC48A637F4
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
accept-ranges: bytes
content-type: font/woff2
expires: Sun, 10 Jul 2022 17:01:20 GMT

GET
H2 200 0b10ab6aa24fb2b424de7991b679f5e9.png
s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/ 6 KB
7 KB 145ms
50ms Image
image/png 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/0b10ab6aa24fb2b424de7991b679f5e9.png

Requested by

Host: www.ugra.kp.ru
URL: https://www.ugra.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

abb5348aeb50feab8abc0212d24ef2d4daa64f08d38e6cabce13e7a78f1ad837

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc36
date: Sat, 09 Jul 2022 17:01:20 GMT
x-content-type-options: nosniff
x-server-trace-id: 3301aa97446a0412:6329a33afb9c66ca:3301aa97446a0412:1
x-amz-request-id: b976cc2a0f92a3e9
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-07-09T14:35:04+00:00
content-length: 6368
x-request-id: 30109ef6-a61f-45b5-a82e-56564b794c41
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Sat, 27 Nov 2021 21:56:49 GMT
server: nginx
etag: "0b10ab6aa24fb2b424de7991b679f5e9"
x-amz-version-id: 0005D1CC48E0B8E0
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
accept-ranges: bytes
content-type: image/png
expires: Sun, 10 Jul 2022 17:01:20 GMT

GET
H2 200 favicon-16.png
www.ugra.kp.ru/boom/api/2/metrics/adaptive/ 514 B
922 B 191ms
190ms Image
image/png 95.181.181.82
EDGECENTERLLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ugra.kp.ru/boom/api/2/metrics/adaptive/favicon-16.png?target.base=digest&target.entity=root&target.spot=ugra

Requested by

Host: www.ugra.kp.ru
URL: https://www.ugra.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.181.181.82 , Russian Federation, ASN210756 (EDGECENTERLLC, RU),

Reverse DNS

Software

nginx /

Resource Hash

da09f03549a3d9ae51406d85931ec2682bc82759cf96101b982496da1139ddda

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:20 GMT
x-content-type-options: nosniff
last-modified: Sat, 27 Nov 2021 21:56:51 GMT
server: nginx
x-server-trace-id: 64e21c2050b33dee:fcee7ee282d7ae0b:64e21c2050b33dee:1
x-amz-request-id: bf724faf74a1eaf1
x-serverless-gateway-path: /boom/api/{api}/{version}/{content+}
etag: "642c7d14314b78ed52c384a1a2ba4203"
content-type: image/png
access-control-allow-origin: *
content-length: 514
x-serverless-gateway-id: d5dscajgqq50cos2lp8d
x-amz-version-id: 0005D1CC48F877CB
x-request-id: f831f194-260a-48c0-8027-5783fc1c6157

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: becefc9f93e9ea8cec1d4749c473c476c44e65a7eee7d88dda107958649413e9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d3114c4944dcf347da9b150fbd12bf83cf1a719fca0eb5480d9af4cb2f30aefc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 d.svg
s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/meteo/ 2 KB
1 KB 143ms
51ms Image
image/svg+xml 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/meteo/d.svg

Requested by

Host: www.ugra.kp.ru
URL: https://www.ugra.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

541348f95206a170effd95f869a9c576be30f9408b7bfa5885aa94d29fce726b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc36
date: Sat, 09 Jul 2022 17:01:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-trace-id: 19936907c6df2a5d:127581ba1515589b:19936907c6df2a5d:1
x-amz-request-id: c4ae4268d509d1d4
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-07-09T15:23:30+00:00
x-request-id: 60112770-6bc8-4cc2-ba30-0c7106e3f1bd
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Sat, 27 Nov 2021 21:56:53 GMT
server: nginx
etag: W/"eb1d088e654cd61490ce9ed3f821ccd4"
x-amz-version-id: 0005D1CC491EC82D
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
content-type: image/svg+xml
expires: Sun, 10 Jul 2022 17:01:20 GMT

GET
H2 200 wr-750.webp
s11.stc.yc.kpcdn.net/share/i/12/12591520/ 34 KB
34 KB 242ms
144ms Image
image/webp 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s11.stc.yc.kpcdn.net/share/i/12/12591520/wr-750.webp
Requested by: Host: www.ugra.kp.ru
URL: https://www.ugra.kp.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 36e953c55ffb65ac84fcac7de82393e4ebe449001547c35f7896fb2e768feb39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc8
date: Sat, 09 Jul 2022 17:01:20 GMT
last-modified: Fri, 08 Jul 2022 15:13:35 GMT
server: nginx
x-amz-request-id: 52ac99eae468e56e
etag: "8347bf5a08d86826222520d73ec416ac"
x-amz-version-id: null
cache-control: max-age=345600
cache: MISS
accept-ranges: bytes
content-type: image/webp
content-length: 34502
expires: Wed, 13 Jul 2022 17:01:20 GMT

GET
H2 200 325472601571f31e1bf00674c368d335.gif
s09.stc.yc.kpcdn.net/share/i/beige/ 43 B
304 B 146ms
49ms Image
image/gif 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s09.stc.yc.kpcdn.net/share/i/beige/325472601571f31e1bf00674c368d335.gif
Requested by: Host: www.ugra.kp.ru
URL: https://www.ugra.kp.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc38
date: Sat, 09 Jul 2022 17:01:20 GMT
last-modified: Sat, 02 Oct 2021 15:40:25 GMT
server: nginx
x-amz-request-id: fe954d188d2236ed
etag: "325472601571f31e1bf00674c368d335"
x-cached-since: 2022-07-05T18:49:14+00:00
x-amz-version-id: null
cache-control: max-age=345600
cache: HIT
accept-ranges: bytes
content-type: image/gif
content-length: 43
expires: Wed, 13 Jul 2022 17:01:20 GMT

GET
H2 200 vendors~adaptive.js Show response
s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/ 339 KB
128 KB 153ms
74ms Script
text/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/vendors~adaptive.js

Requested by

Host: www.ugra.kp.ru
URL: https://www.ugra.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

b2b5ba1466d0642bd868bef2b0e13277b34376fd0a11484fc1518d67e48b727d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc36
date: Sat, 09 Jul 2022 17:01:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-trace-id: 7fca37d86a2b629b:3182bd9f5f425f59:7fca37d86a2b629b:1
x-amz-request-id: 400bfd1d3428c392
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-07-09T14:34:21+00:00
x-request-id: af8221c9-5eef-474c-8a71-6c9dbc2583e6
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Thu, 30 Jun 2022 12:10:27 GMT
server: nginx
etag: W/"98675e5b796bd847a8803e1c69d8b874"
x-amz-version-id: 0005E2A927C058B5
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
content-type: text/javascript; charset=utf-8
expires: Sun, 10 Jul 2022 17:01:20 GMT

GET
H2 200 adaptive.js Show response
s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/ 276 KB
81 KB 133ms
55ms Script
text/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/adaptive.js

Requested by

Host: www.ugra.kp.ru
URL: https://www.ugra.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

924170a2b204eb90280acbb03496558dc98acc1b9d6fd96ae955996047ec970d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc36
date: Sat, 09 Jul 2022 17:01:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-trace-id: 2c48d64b28ddc73a:d243e6019309bb9b:2c48d64b28ddc73a:1
x-amz-request-id: 6fec95927367b62f
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-07-09T14:34:21+00:00
x-request-id: af2a6c7e-84f8-4b4d-8bb6-628219e73747
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Fri, 01 Jul 2022 13:33:52 GMT
server: nginx
etag: W/"2378fe123e0fecebba09157bb2536b9c"
x-amz-version-id: 0005E2BE6FE323CA
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
content-type: text/javascript; charset=utf-8
expires: Sun, 10 Jul 2022 17:01:20 GMT

GET
H2 200 adaptive-topbar.js Show response
s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/ 67 KB
23 KB 95ms
94ms Script
text/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/adaptive-topbar.js

Requested by

Host: www.ugra.kp.ru
URL: https://www.ugra.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

2d32f681e01e8082f5df941a021b306e98063b7330b197ba674e71dcc5dc4d4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc36
date: Sat, 09 Jul 2022 17:01:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-trace-id: 3cca0dc6dbb7f768:e7d384279caae811:3cca0dc6dbb7f768:1
x-amz-request-id: 3fefe15302dab99d
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-07-09T14:34:21+00:00
x-request-id: 5fe886ad-50bd-45a1-b75b-2a3e46e3bb15
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Fri, 01 Jul 2022 13:33:52 GMT
server: nginx
etag: W/"7700d4b62e38d1493f2653db0feb9b45"
x-amz-version-id: 0005E2BE6FE49A25
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
content-type: text/javascript; charset=utf-8
expires: Sun, 10 Jul 2022 17:01:20 GMT

GET
H2 200 radio.js Show response
s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/ 10 KB
4 KB 95ms
94ms Script
text/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/radio.js

Requested by

Host: www.ugra.kp.ru
URL: https://www.ugra.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

73720f862be505fc73b3884bc441d49060f787d3273bde1738114819dcbaf0a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc36
date: Sat, 09 Jul 2022 17:01:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-trace-id: e6b34c243715a0c8:bd17d5c3b79794e7:e6b34c243715a0c8:1
x-amz-request-id: 7284c0755fef3cde
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-07-09T14:35:04+00:00
x-request-id: 28632707-83fe-4908-9f0e-926cb181b47e
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Thu, 30 Jun 2022 12:10:26 GMT
server: nginx
etag: W/"a3a9cccf9e2d2a9ce8f7bafa4339497a"
x-amz-version-id: 0005E2A927A79488
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
content-type: text/javascript; charset=utf-8
expires: Sun, 10 Jul 2022 17:01:20 GMT

GET
H2 200 main.js Show response
s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/ 17 KB
7 KB 95ms
94ms Script
text/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/main.js

Requested by

Host: www.ugra.kp.ru
URL: https://www.ugra.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

69c3207f80de1de6ee4ff239d740ea31bbc7091e7870365c49aad61b21359687

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc36
date: Sat, 09 Jul 2022 17:01:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-trace-id: 8d880b3c59465c47:24a74d41c0790761:8d880b3c59465c47:1
x-amz-request-id: 7d96ed93c2d230c9
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-07-09T14:50:06+00:00
x-request-id: 1ad41143-1a2f-4bb6-b9f6-21f1aa8a1b34
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Fri, 01 Jul 2022 12:39:39 GMT
server: nginx
etag: W/"cb2b1ed58fb8b4ba09dc5e9487c8fa34"
x-amz-version-id: 0005E2BDAE058001
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
content-type: text/javascript; charset=utf-8
expires: Sun, 10 Jul 2022 17:01:20 GMT

GET
H2 200 vendors~digest-area.js Show response
s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/ 97 KB
32 KB 95ms
94ms Script
text/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/vendors~digest-area.js

Requested by

Host: www.ugra.kp.ru
URL: https://www.ugra.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

32b0f7e66a50c24d967afd1b4c120fc5a898758db2d7d2023c8987c312c8f2fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc36
date: Sat, 09 Jul 2022 17:01:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-trace-id: 907e3cbed194171:50eb9f73156469e8:907e3cbed194171:1
x-amz-request-id: ee5f37087c48c565
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-07-09T14:50:06+00:00
x-request-id: 7b27152d-74c1-4510-a6d4-009c43f2f0cf
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Fri, 01 Jul 2022 12:39:41 GMT
server: nginx
etag: W/"46e357ef7b6cf3e349c3af0978aca190"
x-amz-version-id: 0005E2BDAE241823
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
content-type: text/javascript; charset=utf-8
expires: Sun, 10 Jul 2022 17:01:20 GMT

GET
H2 200 digest-area~digest-section~note~online-page~photo~section-video~see-also~special-article~video.js Show response
s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/ 22 KB
8 KB 96ms
95ms Script
text/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/digest-area~digest-section~note~online-page~photo~section-video~see-also~special-article~video.js

Requested by

Host: www.ugra.kp.ru
URL: https://www.ugra.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

aa99cf825a3d0aa0fe6ef29ade07cea2dd50561661e91f65a8dbc06bf1c4b4d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc36
date: Sat, 09 Jul 2022 17:01:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-trace-id: 14a82ef004fe83f:23d0e53a31179f58:14a82ef004fe83f:1
x-amz-request-id: 2f2759e87fdd4c42
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-07-09T14:34:21+00:00
x-request-id: fa1da624-88c7-49f2-95c2-edea3f70b903
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Fri, 01 Jul 2022 12:39:38 GMT
server: nginx
etag: W/"b31cfb10ee072ead4f32a6885a826cae"
x-amz-version-id: 0005E2BDADE973C2
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
content-type: text/javascript; charset=utf-8
expires: Sun, 10 Jul 2022 17:01:20 GMT

GET
H2 200 digest-area~digest-section~online-page~section-video~see-also.js Show response
s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/ 36 KB
13 KB 96ms
95ms Script
text/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/digest-area~digest-section~online-page~section-video~see-also.js

Requested by

Host: www.ugra.kp.ru
URL: https://www.ugra.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

677acc9eed10d735ed46dabd82553005a036fe19930511d9850060a4fb6d2c2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc36
date: Sat, 09 Jul 2022 17:01:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-trace-id: d41f5c0073ed6d94:bdeb2b22440f1242:d41f5c0073ed6d94:1
x-amz-request-id: 6aa54dd196b882a6
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-07-09T14:48:07+00:00
x-request-id: 8f6c5197-3ab3-49c4-b156-be4e19078f09
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Fri, 01 Jul 2022 12:39:38 GMT
server: nginx
etag: W/"0df52b90df7ad9d22083e858071729f8"
x-amz-version-id: 0005E2BDADEDD1AE
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
content-type: text/javascript; charset=utf-8
expires: Sun, 10 Jul 2022 17:01:20 GMT

GET
H2 200 digest-area.js Show response
s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/ 47 KB
13 KB 96ms
95ms Script
text/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/digest-area.js

Requested by

Host: www.ugra.kp.ru
URL: https://www.ugra.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

77403385afe39467e0833e772e0221fdad7007eb96d819d6fb21c776392e81c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc36
date: Sat, 09 Jul 2022 17:01:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-trace-id: 6d5bb2d512f2f688:4061e9a0ee0f9e3f:6d5bb2d512f2f688:1
x-amz-request-id: 703148214f0c1fa7
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-07-09T14:50:06+00:00
x-request-id: fa75e2c4-e996-457e-9889-e69d34416740
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Fri, 01 Jul 2022 13:33:52 GMT
server: nginx
etag: W/"4682a0351fe6956c5d06b8ec281c0f4b"
x-amz-version-id: 0005E2BE6FEC6309
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
content-type: text/javascript; charset=utf-8
expires: Sun, 10 Jul 2022 17:01:20 GMT

GET
DATA 200
OK truncated
/ 162 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6ff082130eb8e0fe1ba485606bab3de43a410b184c718be62c739ab9f67c6863

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 n.svg
s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/meteo/ 768 B
662 B 96ms
95ms Image
image/svg+xml 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/meteo/n.svg

Requested by

Host: www.ugra.kp.ru
URL: https://www.ugra.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

f4dbdd25302ee76c26a0bc01d3c8b383c560f6ef450a6e2ad89b6269424c4ea9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc36
date: Sat, 09 Jul 2022 17:01:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-trace-id: daaa1862fff166ea:cd96cc19ef176496:daaa1862fff166ea:1
x-amz-request-id: 13dc1f50448cb26b
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-07-09T11:28:29+00:00
x-request-id: 766dc741-9360-4299-a0b4-7f2cdb58bbcc
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Sat, 27 Nov 2021 21:56:56 GMT
server: nginx
etag: W/"bcb30adf55f66df96da407d71ae251e7"
x-amz-version-id: 0005D1CC4947530E
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
content-type: image/svg+xml
expires: Sun, 10 Jul 2022 17:01:20 GMT

GET
H2 200 getcookie Show response
matchid.adfox.yandex.ru/ 87 B
372 B 271ms
89ms XHR
application/json 2a02:6b8::16b
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://matchid.adfox.yandex.ru/getcookie

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a02:6b8::16b Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

f0fa53225ccf4f71a9fc5a327bf33c1771673b994abdc9a21f9cb97f30c1b51a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: https://www.ugra.kp.ru
date: Sat, 09 Jul 2022 17:01:20 GMT
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 87
x-content-type-options: nosniff
content-type: application/json

GET
H2 200 token.json Show response
identity.kp.house/identity/api/2/auth/ 754 B
2 KB 298ms
110ms Fetch
application/json 95.181.181.12
EDGECENTERLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://identity.kp.house/identity/api/2/auth/token.json?callback=data&client_name=prod&sub=1
Requested by: Host: s01.stc.yc.kpcdn.net
URL: https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/adaptive.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.181.181.12 , Russian Federation, ASN210756 (EDGECENTERLLC, RU),
Reverse DNS
Software: nginx /
Resource Hash: bb3bd540f7e4f2cc50b18558922d8d4de54044200d09c2dc3edd6e3e9a831866

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:21 GMT
content-encoding: gzip
last-modified: Sat, 09 Jul 2022 17:01:21 -0000
server: nginx
etag: "72925fedae1b5cbe0bfb6bd6185e91f0"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.ugra.kp.ru
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Set-Cookie,Cookie
content-length: 609

GET
H2 200 edc16710006cbb83cac2.js Show response
yastatic.net/partner-code-bundles/612088/ 13 KB
5 KB 217ms
77ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/612088/edc16710006cbb83cac2.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

14831b2eeb5f17752b56a1afcabc18bd024666b292086fae6f2e3c7426c6f160

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.ugra.kp.ru/
Origin: https://www.ugra.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:21 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 4461
last-modified: Thu, 07 Jul 2022 19:16:49 GMT
server: nginx/1.17.9
etag: "fbcf8a6f30288d969c95bddd16b03d4e"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 08 Jul 2052 23:36:26 GMT

GET
H2 200 6738a68430466986af5f.js Show response
yastatic.net/partner-code-bundles/612088/ 86 KB
18 KB 284ms
145ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/612088/6738a68430466986af5f.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

d0339760d0d6bcb0c9c7521b736fa49a20b17da50ab5289b573402c0305b2f40

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.ugra.kp.ru/
Origin: https://www.ugra.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:21 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 17801
last-modified: Thu, 07 Jul 2022 19:16:49 GMT
server: nginx/1.17.9
etag: "9c36e15f041f6186372c658097daacd6"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 08 Jul 2052 23:36:26 GMT

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.83/ 33 KB
9 KB 306ms
168ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/host.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.ugra.kp.ru/
Origin: https://www.ugra.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:21 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 8878
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
server: nginx/1.17.9
etag: "f80882bf67cf261aa08d636da095149a"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 08 Jul 2052 23:37:10 GMT

GET
H2 200 26d522ae39bb22f40dd2.js Show response
yastatic.net/partner-code-bundles/612088/ 554 KB
112 KB 340ms
205ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/612088/26d522ae39bb22f40dd2.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

9d435ba3f0f5b528c7ac02db3ad54c6beffb83f755ad234f41d680ccccb13692

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.ugra.kp.ru/
Origin: https://www.ugra.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:21 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 114067
last-modified: Thu, 07 Jul 2022 19:16:49 GMT
server: nginx/1.17.9
etag: "f0944d540964fb0806c5b2122c14546a"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 08 Jul 2052 23:36:26 GMT

GET
H2 200 get.json Show response
s02.api.yc.kpcdn.net/content/api/1/pages/ 52 B
253 B 240ms
132ms Fetch
application/json 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://s02.api.yc.kpcdn.net/content/api/1/pages/get.json?callback=cb-5524620&pages.direction=current&pages.spot=76&pages.target.class=194&pages.target.id=0&sub=1
Requested by: Host: s01.stc.yc.kpcdn.net
URL: https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/adaptive.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: e7c769f71b17542bdd9fa9e1f444ef46987979487c51328eb1abfc12c55eab08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc32
date: Sat, 09 Jul 2022 17:01:21 GMT
last-modified: Sat, 09 Jul 2022 17:01:21 -0000
server: nginx
etag: "c7974d8a07bc79c9930f4ba881a06fd3"
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=600
cache: MISS
accept-ranges: bytes
content-length: 52
expires: Sat, 09 Jul 2022 17:11:21 GMT

GET
H2 200 get.json Show response
s02.api.yc.kpcdn.net/content/api/1/pages/ 200 KB
43 KB 534ms
431ms Fetch
application/json 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://s02.api.yc.kpcdn.net/content/api/1/pages/get.json?callback=cb-5524620&pages.direction=current&pages.spot=76&pages.target.class=68&pages.target.id=0&sub=1
Requested by: Host: s01.stc.yc.kpcdn.net
URL: https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/adaptive.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 737520ba1c13b8233e07e8d76e1bc3d126d3e47f389d5f5806cf9b0a738cd62f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc32
date: Sat, 09 Jul 2022 17:01:21 GMT
content-encoding: gzip
last-modified: Sat, 09 Jul 2022 17:01:21 -0000
server: nginx
etag: W/"0a5f363da18f9b267ce5ac8aa7e35f2b"
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=600
cache: MISS
expires: Sat, 09 Jul 2022 17:11:21 GMT

HEAD
H2 200 banner.gif
s01.stc.yc.kpcdn.net/s0/v-0005D1CC497B5068/adaptive/img/ 0
0 51ms
51ms Fetch
image/gif 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/v-0005D1CC497B5068/adaptive/img/banner.gif?adriver

Requested by

Host: s01.stc.yc.kpcdn.net
URL: https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/adaptive.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc38
date: Sat, 09 Jul 2022 17:01:21 GMT
x-content-type-options: nosniff
x-server-trace-id: 19b35bdbcd765ae6:4be4e2a0641a08fd:19b35bdbcd765ae6:1
x-amz-request-id: 8e9c362ab1970ece
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-07-09T06:01:13+00:00
content-length: 43
x-request-id: 4180cfa7-4d73-4671-9f1d-3852fa2df0d5
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Sat, 27 Nov 2021 21:56:59 GMT
server: nginx
etag: "325472601571f31e1bf00674c368d335"
x-amz-version-id: 0005D1CC497B5068
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
accept-ranges: bytes
content-type: image/gif
expires: Sun, 10 Jul 2022 17:01:21 GMT

GET
DATA 200
OK truncated
/ 169 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 35ed988aff3c8059b4869fd94cc2885879041fbd698317a53741bca5095c3091

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 700 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 59e2467d94ae007fa71bc0b10f4b92f227edfa03afb5ce7c904b9ea2bcf537e9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 8b30c8d1c1f0427f0034cce82ade6db3.png
s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/ 3 KB
3 KB 52ms
50ms Image
image/png 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/8b30c8d1c1f0427f0034cce82ade6db3.png

Requested by

Host: www.ugra.kp.ru
URL: https://www.ugra.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

1d386626a236bf37f510e9c0c2d85036641c5cc85bed4b320a181861477d0ec7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc36
date: Sat, 09 Jul 2022 17:01:21 GMT
x-content-type-options: nosniff
x-server-trace-id: ff420c0d3c168157:6735462d41c453f3:ff420c0d3c168157:1
x-amz-request-id: 0d087d53292ee1a9
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-07-09T14:38:26+00:00
content-length: 2873
x-request-id: 04a3b931-7c41-4e7f-b936-d9fdaa19cbf5
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Sat, 27 Nov 2021 21:56:46 GMT
server: nginx
etag: "8b30c8d1c1f0427f0034cce82ade6db3"
x-amz-version-id: 0005D1CC48B4B459
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
accept-ranges: bytes
content-type: image/png
expires: Sun, 10 Jul 2022 17:01:21 GMT

GET
H2 200 wr-750.webp
s13.stc.yc.kpcdn.net/share/i/12/12590772/ 40 KB
40 KB 333ms
332ms Image
image/webp 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s13.stc.yc.kpcdn.net/share/i/12/12590772/wr-750.webp
Requested by: Host: www.ugra.kp.ru
URL: https://www.ugra.kp.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 9f7cad8b5dbf9fd3260aa5637495686a9fbb7ee3166b0028e7465dff59453d36

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc36
date: Sat, 09 Jul 2022 17:01:21 GMT
last-modified: Fri, 08 Jul 2022 10:09:00 GMT
server: nginx
x-amz-request-id: e452688b40b3b8e2
etag: "357179fa890257e4e4423ccb46e6c629"
x-amz-version-id: null
cache-control: max-age=345600
cache: MISS
accept-ranges: bytes
content-type: image/webp
content-length: 41124
expires: Wed, 13 Jul 2022 17:01:21 GMT

GET
H2 200 wr-750.webp
s15.stc.yc.kpcdn.net/share/i/12/12589528/ 32 KB
33 KB 54ms
53ms Image
image/webp 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s15.stc.yc.kpcdn.net/share/i/12/12589528/wr-750.webp
Requested by: Host: www.ugra.kp.ru
URL: https://www.ugra.kp.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: f72ff95e07ddab0edef4c410a4bc35b5274eea8906da7b11a3ffbfa475501590

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc36
date: Sat, 09 Jul 2022 17:01:21 GMT
last-modified: Thu, 07 Jul 2022 16:01:27 GMT
server: nginx
x-amz-request-id: d74bddee44df7e8b
etag: "596cad1731dddb180c12598f1895539e"
x-cached-since: 2022-07-08T11:49:47+00:00
x-amz-version-id: null
cache-control: max-age=345600
cache: HIT
accept-ranges: bytes
content-type: image/webp
content-length: 33182
expires: Wed, 13 Jul 2022 17:01:21 GMT

GET
H2 200 wr-750.webp
s09.stc.yc.kpcdn.net/share/i/12/12589024/ 73 KB
74 KB 54ms
54ms Image
image/webp 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s09.stc.yc.kpcdn.net/share/i/12/12589024/wr-750.webp
Requested by: Host: www.ugra.kp.ru
URL: https://www.ugra.kp.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 8fc362cfb5f5c2b6b8653387f428d925b0c30d0c357c8ebce07434495bf4d671

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc38
date: Sat, 09 Jul 2022 17:01:21 GMT
last-modified: Thu, 07 Jul 2022 12:17:36 GMT
server: nginx
x-amz-request-id: 02c426da5f2b85d3
etag: "db9f0cd4fc1953b0727cdfffd557e0db"
x-cached-since: 2022-07-07T16:57:34+00:00
x-amz-version-id: null
cache-control: max-age=345600
cache: HIT
accept-ranges: bytes
content-type: image/webp
content-length: 75136
expires: Wed, 13 Jul 2022 17:01:21 GMT

GET
H2 200 9a588310742adbc44f55.js Show response
yastatic.net/partner-code-bundles/599290/ 37 KB
10 KB 94ms
94ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/599290/9a588310742adbc44f55.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

3bdab4da5017468f0ddfc1a51edc3772a13aa064c83df984c152729075714847

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.ugra.kp.ru/
Origin: https://www.ugra.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:21 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 10038
last-modified: Fri, 17 Jun 2022 13:53:09 GMT
server: nginx/1.17.9
etag: "b3fb60d15c0a59a3cf542d7daeab0766"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 08 Jul 2052 23:36:26 GMT

POST
H2 200 hb Show response
ads.adfox.ru/ 219 B
529 B 292ms
109ms XHR
application/json 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adfox.ru/hb

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

602c38516ef4de091944688587eae36fbdd287591f075a6d7eaccb39d71aa084

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ugra.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref=/w3c/w3c.p3p, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
content-type: application/json
access-control-allow-origin: https://www.ugra.kp.ru
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

POST
H2

200

adfox Show response
exchange.buzzoola.com/ssp/
Redirect Chain

https://exchange.buzzoola.com/ssp/adfox
https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t

11 B
506 B

70ms
70ms

XHR
text/plain

138.201.34.239
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t
Requested by: Host: www.ugra.kp.ru
URL: https://www.ugra.kp.ru/
Protocol: H2
Server: 138.201.34.239 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.239.34.201.138.clients.your-server.de
Software: nginx /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:21 GMT
server: nginx
serverid: TODO
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.ugra.kp.ru
access-control-expose-headers: Set-Cookie, Etag
access-control-allow-credentials: true
access-control-allow-headers: Set-Cookie, X-Alt-Referer, X-First-Party-Cookie, If-None-Match
content-length: 11

Redirect headers

date: Sat, 09 Jul 2022 17:01:21 GMT
server: nginx
access-control-allow-origin: https://www.ugra.kp.ru
etag: W/"74d7fd85362f1f110750d5bd432a5c118730078192855b0458789f07efd09111"
serverid: TODO
location: /ssp/adfox?set_buzzoola_cookie=t
access-control-expose-headers: Set-Cookie, Etag
access-control-allow-credentials: true
access-control-allow-headers: Set-Cookie, X-Alt-Referer, X-First-Party-Cookie, If-None-Match
content-length: 0

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ 119 KB
39 KB 220ms
108ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

c40168707694e0bb9241c2f9f4ef86dfa65513f547b6a37c151babf07fcd7d53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:21 GMT
content-encoding: gzip
last-modified: Wed, 29 Jun 2022 06:23:35 GMT
server: nginx
etag: W/"62bbefe7-1dc0d"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 10 Jul 2022 17:01:21 GMT

POST
H2 204 bids Show response
adfox-c2s-ams.creativecdn.com/bidder/adfox/ 0
208 B 165ms
60ms XHR
application/json 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://adfox-c2s-ams.creativecdn.com/bidder/adfox/bids
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ugra.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.ugra.kp.ru
date: Sat, 09 Jul 2022 17:01:21 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST
content-type: application/json;charset=utf-8

POST
H/1.1 204
No Content bid.cgi Show response
pb.adriver.ru/cgi-bin/ 0
302 B 296ms
97ms XHR
text/plain 195.209.111.20
ADRIVER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pb.adriver.ru/cgi-bin/bid.cgi
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.209.111.20 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ugra.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.ugra.kp.ru
Pragma: no-cache
Date: Sat, 09 Jul 2022 17:01:21 GMT
Cache-control: no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK / Show response
ad.mail.ru/hbid_yandex/ 11 B
337 B 264ms
97ms XHR
application/json 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/hbid_yandex/
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://www.ugra.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sat, 09 Jul 2022 17:01:21 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://www.ugra.kp.ru
Cache-Control: private, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

POST
H2 200 adjson Show response
ads.betweendigital.com/ 11 B
919 B 186ms
60ms XHR
application/json 188.42.191.196
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=adfox
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://www.ugra.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.ugra.kp.ru
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

POST
H2 204 bids Show response
adfox-c2s-ams.creativecdn.com/bidder/adfox/ 0
208 B 152ms
48ms XHR
application/json 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://adfox-c2s-ams.creativecdn.com/bidder/adfox/bids
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ugra.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.ugra.kp.ru
date: Sat, 09 Jul 2022 17:01:21 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST
content-type: application/json;charset=utf-8

POST
H/1.1 204
No Content bid.cgi Show response
pb.adriver.ru/cgi-bin/ 0
302 B 294ms
97ms XHR
text/plain 195.209.111.20
ADRIVER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pb.adriver.ru/cgi-bin/bid.cgi
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.209.111.20 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ugra.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.ugra.kp.ru
Pragma: no-cache
Date: Sat, 09 Jul 2022 17:01:21 GMT
Cache-control: no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK / Show response
ad.mail.ru/hbid_yandex/ 11 B
337 B 264ms
94ms XHR
application/json 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/hbid_yandex/
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://www.ugra.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sat, 09 Jul 2022 17:01:21 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://www.ugra.kp.ru
Cache-Control: private, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

POST
H2 200 adjson Show response
ads.betweendigital.com/ 11 B
919 B 185ms
60ms XHR
application/json 188.42.191.196
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=adfox
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://www.ugra.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.ugra.kp.ru
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

POST
H2

200

adfox Show response
exchange.buzzoola.com/ssp/
Redirect Chain

https://exchange.buzzoola.com/ssp/adfox
https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t

11 B
506 B

72ms
71ms

XHR
text/plain

138.201.34.239
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t
Requested by: Host: www.ugra.kp.ru
URL: https://www.ugra.kp.ru/
Protocol: H2
Server: 138.201.34.239 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.239.34.201.138.clients.your-server.de
Software: nginx /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:21 GMT
server: nginx
serverid: TODO
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.ugra.kp.ru
access-control-expose-headers: Set-Cookie, Etag
access-control-allow-credentials: true
access-control-allow-headers: Set-Cookie, X-Alt-Referer, X-First-Party-Cookie, If-None-Match
content-length: 11

Redirect headers

date: Sat, 09 Jul 2022 17:01:21 GMT
server: nginx
access-control-allow-origin: https://www.ugra.kp.ru
etag: W/"7a3167d602b1a4609bda36f70995fec639659cde587ae912c9020ece8ccd9eea"
serverid: TODO
location: /ssp/adfox?set_buzzoola_cookie=t
access-control-expose-headers: Set-Cookie, Etag
access-control-allow-credentials: true
access-control-allow-headers: Set-Cookie, X-Alt-Referer, X-First-Party-Cookie, If-None-Match
content-length: 0

POST pl999
ssp.bidvol.com/rtb/ 0
0

POST
H2 200 hb Show response
ads.adfox.ru/ 218 B
202 B 297ms
120ms XHR
application/json 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adfox.ru/hb

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

1cd5229fbc7d3b5e3d51d05456dfdec0f17ea31135cf562a7aa428de5725c442

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ugra.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref=/w3c/w3c.p3p, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
content-type: application/json
access-control-allow-origin: https://www.ugra.kp.ru
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

POST
H2 200 hb Show response
ads.adfox.ru/ 221 B
207 B 307ms
130ms XHR
application/json 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adfox.ru/hb

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

ac8d3fe12437c229e9a279b5c7ecb68bc004f6f0fadd82b55f9d28bfec72edef

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ugra.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref=/w3c/w3c.p3p, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
content-type: application/json
access-control-allow-origin: https://www.ugra.kp.ru
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

POST
H2 204 bids Show response
adfox-c2s-ams.creativecdn.com/bidder/adfox/ 0
208 B 161ms
60ms XHR
application/json 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://adfox-c2s-ams.creativecdn.com/bidder/adfox/bids
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ugra.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.ugra.kp.ru
date: Sat, 09 Jul 2022 17:01:21 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST
content-type: application/json;charset=utf-8

POST
H/1.1 204
No Content bid.cgi Show response
pb.adriver.ru/cgi-bin/ 0
302 B 302ms
100ms XHR
text/plain 195.209.111.20
ADRIVER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pb.adriver.ru/cgi-bin/bid.cgi
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.209.111.20 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ugra.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.ugra.kp.ru
Pragma: no-cache
Date: Sat, 09 Jul 2022 17:01:21 GMT
Cache-control: no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK / Show response
ad.mail.ru/hbid_yandex/ 11 B
337 B 273ms
101ms XHR
application/json 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/hbid_yandex/
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://www.ugra.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sat, 09 Jul 2022 17:01:21 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://www.ugra.kp.ru
Cache-Control: private, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

POST
H2 200 adjson Show response
ads.betweendigital.com/ 11 B
919 B 184ms
62ms XHR
application/json 188.42.191.196
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=adfox
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://www.ugra.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.ugra.kp.ru
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

GET
H2 200 vendors~autobahn.js Show response
s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/ 86 KB
26 KB 51ms
50ms Script
text/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/vendors~autobahn.js

Requested by

Host: s01.stc.yc.kpcdn.net
URL: https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/adaptive.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

a2f96d2c0ff2b96cc2421214831ffda7b4e71aee0426d60628d04173dcd699c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc36
date: Sat, 09 Jul 2022 17:01:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-trace-id: cef8f9b2e6b2bf91:29f08e7d3504c8b5:cef8f9b2e6b2bf91:1
x-amz-request-id: fc65a78cabfae024
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-07-09T14:30:58+00:00
x-request-id: 55dbc6d5-f1b6-453f-837d-43ffb8bca674
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Fri, 01 Jul 2022 12:39:41 GMT
server: nginx
etag: W/"c21f53249c99e0b7d1bced9b5513375b"
x-amz-version-id: 0005E2BDAE211742
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
content-type: text/javascript; charset=utf-8
expires: Sun, 10 Jul 2022 17:01:21 GMT

GET
H2 200 autobahn.js Show response
s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/ 405 B
528 B 49ms
49ms Script
text/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/autobahn.js

Requested by

Host: s01.stc.yc.kpcdn.net
URL: https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/adaptive.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

8a550da83fe5faf522945c7b61350dec5c08ef10a670c1db4fc5958b5a85057b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc36
date: Sat, 09 Jul 2022 17:01:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-trace-id: ce451248fe3480a4:206c99115c6b76e8:ce451248fe3480a4:1
x-amz-request-id: 6aab7f98bb3f5484
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-07-09T14:30:58+00:00
x-request-id: 05075d04-0edf-4f43-ae63-d68c6c974780
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Fri, 01 Jul 2022 12:39:39 GMT
server: nginx
etag: W/"c6bcedb067d139a244e5e24f4f1037ee"
x-amz-version-id: 0005E2BDADF96F29
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
content-type: text/javascript; charset=utf-8
expires: Sun, 10 Jul 2022 17:01:21 GMT

GET
H2 200 v2 Show response
yandex.ru/ads/adfox/232598/getBulk/ 14 KB
8 KB 291ms
291ms XHR
application/json 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/adfox/232598/getBulk/v2?dl=https%3A%2F%2Fwww.ugra.kp.ru%2F%3F&date=2022-07-09T17%3A01%3A21.350%2B00%3A00&pd=9&pdh=1200&pdw=1600&pr1=2656337943&pr=4079709996&prr=&pv=17&pw=6&extid_loader=&extid_tag_loader=www.ugra.kp.ru&ylv=0.612088&ybv=0.612088&ytt=417816030347269&is-turbo=0&skip-token=&ad-session-id=2442361657386081353&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A160%2C%22h%22%3A0%2C%22width%22%3A0%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22isBlackTheme%22%3Afalse%2C%22left%22%3A1410%2C%22top%22%3A389%2C%22fontFamily%22%3A%22ys%22%2C%22req_no%22%3A0%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=612088&available-width=160&yaru=true&pp=g&p2=gftf&ps=bxyd&puid1=adv-1657386081294-909&puid2=&puid3=&puid5=&slotNumber=2&bids=W10%3D&utf8=%E2%9C%93&pcode-test-ids=612518%2C0%2C49%3B586081%2C0%2C1%3B597159%2C0%2C1%3B597485%2C0%2C40%3B590119%2C0%2C41%3B598478%2C0%2C64%3B605345%2C0%2C64%3B610874%2C0%2C23&pcode-flags-map=eJyVWNtu4zYQ%2FZXCz4uCulCXfaMk2iIikSpJ2fEWxWCLTZ8Wi6KbFAUW%2B%2B8dSrItyTGd5CGAA58zw7meyY%2BN5h1nFvYt60Dz33puLLCt5RqE1KppNh9%2F%2F7H59%2FPXl6fNx43VPd982Dw%2FfX8WX%2FAzTdM4SDY%2F%2F%2Fiw2TMDgoOxqgNla8Tbmklo%2B8aK%2BzxZSsNrnneDxU4qzaEVxvAKKmYZdEyz1sBWadiLiit8FpSqLdSC8%2Bm%2FvxeUOYkpPfvDeqt2XHLNLNJ2rHwwtbJQ9fgHoeSCKVryxITkZx4uWdFwkPwwI%2BEGvYZWVXzBo2RzBN7wlktroGxE%2BeDAN9gn5pY9Qs3Frrb4RmnwvVrI3bsfT6MgHGhZ06jDmIYO6QeOMZZ2x%2B5wxITOczLab5neCelDJiQOomgdsr6rhti3ygUcLBMNOjHGzlscCUmyWQY0b9WeQ1kzbbiFrVYtNEI%2B%2BDmCICbp2qWteAT8aMFqzKULs7FM2yE6neF9paY3lxobTOy5uWeE0qt3l6zrHHVxhEod5FtcTbLQx4Ih0xjIQlhXze8hw%2Bc5sj3XZl30zvmULrFhTIK1I3thRCEaYY%2FQNexYYOCwE3qDzt3xJKThVR8JiWPK8HIoCVUYrvdu7Lh0zCy9lbiXWFMMO2bIIGu7OfD5n5enGSwOsygnI8zgsDJuWq4x68qegVgFhvOL00vYt89%2Ffn1aIKMkzMcCdFXXoq2py6X1m4xplI9ZKFUvsVYVPNbaC8nSLIwHyJHJij%2BC7rH2WuZvW0rSMJom%2BGLSwLZvGoM9wP34IAojcn5iodUDxgefBzstKj8ypVnyqsNQCWO1KLzwMCDJ%2BN5PXIaDu3AQla1BtGzHvdg4iDNywaK5oTALpV0daVaJ3vzyRoYjc36PDgNrDuxo%2FMgonVJbbd3qNh1OfA5WtFz1dgENCSFLbEyi8c1diYtnWBa4Z%2Fz2KNJM1btVGGXu2uVkD%2FijtxLRZJqG13CxBfx9cOPlXoXcYDg5sGdNv8hWRF5Hn4biUJ1CdphkYLr1206CPJpsY79aYQaBtFXX22MNpQS1xABtONNu07ttyLRgq4CHa9iU3lU%2FaX5gWF7VWxsLmU65dksPWo6q6FwuXGucdo1azF%2B6wGckHvPeaaG0m924R%2FaCHzql%2FSWTpMk08NzXQeLyLjnKu3bnhaUh4gaYMR0ur7LmzkPouC5XVRqQRZJTGuTxrETII8F9hcNAGSu8NrOATjYrFF12WO8Y44PG1YmpnsbtO0RUhjN7zB%2Buk3J6wGqerLYKzTLcRqMT0ySpcFmXKOaMd2bTPEiz2QwTKBgZJhaVfOkiZnxG84gGwQI7zD2DQ9DWrrE6VlW4oP0kMZ2KZNgzbg0fOw6R32vcNXSWrVaXN%2Fb2tbk8TW4iAeXAIJjvWD9xaFvMmglMyZy8Y6VVi6gHvwYLfBpl0Rn%2FbtAgqgsm8aoAlB5bgdU2CBrk8C%2BdPAvTdPb4iWSsTVzwOBPP4goHu3UH1FpirDV3GEdj4dXFSo7QPA9zsvhyROJs%2BPJOsyK8I%2BbjlFy%2BC0Z8WjyOBiHxff%2BVbRbQG4gxGtNAxxLAyxbD4Ka0kK4qzjodW%2FuO05SOlYE6YMft0O1CutNP4wBzH3F43tmXCUnjkLw2wLdCG3d6sNZJWBg3sNqfUugnzVEmzV1jhVFNj%2FPKtO74cN1%2BJ9d4zEz31azmccq5CbVbC%2FErcBjkY8vWtm3o2GYGd0olGFiOJ8IdPMqd%2BHLnK6hRsmHjNMyBUdhbvRTsUwGvNXuQnUkGEbDTLuMYAxRvr6yJ12hQNJLscqE4He8O8%2BkeF6c5YHoU6Ef%2F7YZtHdDLeXJaGu4aH8bhAvzy7fvT8wodZ9TniGi7N3tCguDiSYd7bziwOLgpAKhAzn%2FAw0nJakmXDz%2BraROn2U3CUUst9Xlpm1sMy0YQw38owNQMb1vkU8tAfXn66%2FPL1%2Bdl%2FdNoElPoPDZS67SI5vJ0tnWaF%2F5zIQlIlroS%2FPk%2FrGeGhQ%3D%3D&use-server-side-rendering=1&pcode-icookie=gEMWAj7FOrpinJUhlUPOWKdn%2F0CcuOftZK8II7b9%2BwNTr99kwXpQa1MhF2vr2fsWP%2BgF7Z1AllHAV6pVagghOjpr8NU%3D&top-ancestor=https%3A%2F%2Fwww.ugra.kp.ru&top-ancestor-undetermined=0&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjoxNTl9CiKjpKjrKO2BMFAndJjZz_xXm-4ozZXtbFfGuXKGu7-RjXbzISmGf96HpuXPldE0XF1hY0wNbVuYZ3mZZ-YBvTCgx0Abq4KqREQYPc_LobfhzX6JCRFClCgaVFCVbAlgBprAGGjUDGpzEOYA8IBKzahGmAcYAAdxoFWb1QjtAawDxxCEAfmC6ZczVaDJC8-4PDWBdgHUHexwNIF-2aZfoGPw84KRDeiWA8IgygepG3raIM7LWjTcAsOCliYDLAewh72FMyxpAjI1gkMqXoALqNWMZ9Gw_AJjUWfZsWcwQIMAMxOENmXSWkUyhNYCaZwhFA3gLcOI83BeiIVDhQxARjjZA7Ugt4UdDR5Bbl4BPjyCFi4LGl48gMTOCoo3OQXZeS0CmU2AnRc8ST5eZn7UXCwWLlY2yczPymbhZbOAJxnAlUVPKNJ2uaSCIAewBupRQLkALtwFMw6XHJAuV9PSL1zm6ReObnjF22t6Ne1AUb80pl8AbJOX2cMLF3gQl_yMS_1YjTQIBx7V4Q8E44Uk9GWWdGAvneKFVigxjGqH4QWFeSAZxAtTd1prF4goq0FYaDIsz-g8t7cSQ8NhK9yeIl4Y003jAkkjMVQLm5anPk2TZKHQNN--q-kkFHtCOljjU3-pOtDyO1Yw3_Yp-mUh4fLpWQSGQFJcFSc4eJGjZEXNx-zCDNgBtYSsCiX1KnRBp5riw4J45zA6Vj7keAT5uFApgqNjslhY2TI_GgFmZvAkmfnt7DzCIhzMdiv-zMuOBhUrekk8W7zbJDWtoHiDRpFxATcPGydKLhZOEbtY5sEigIk3L1whPiaQxFDYrZkDZAHcGJAve_C2u4ZlSyMoLuCcB1BLPDPR-HAxc4PBLbB8oL3MkW5fX97KGAGQyf_tVzj16pCKsKuKtcfocBJWzeCQVWrVyowdsg0jMKkR-bXgrBtAKFeIM0rDm6wKJwA65ADMEj8KKAKDGqEj9lOaGDfuOqM6zPGjj_yVg7EDhukd9AxaitqOeMSP2KaTXeuA4rAfbOkfeyY8mR3hMbWc2OKsKte1mabB8v29Q-bg3MOZhzFH7VhHtzHEGXGBfeSZMHDPOG5mYmpE6H7QL4HHeYw_Cg_MumhCY-GU60R1J-kF7aEm_KtH6CDPJzq0L4h-whE6woxoz3V4527Of8JkD7_OkhrqvP4lIkWgc9CaSXIG-1I2-jVkdBSC5z1ues5RHYx8FjnDA6jVZ-MJ6SS9H7XPrn66EYQOWYY7B_3Xcjq8TJr8GnESshnmjGjmdFI7ZB36VothDGPCMr5tvuWvI3RI0c7L2pjHUF_L3BHJUW7XFWtbO-4fQD5snUVx1UvnZqTYFc7IMKNFxbMMAzfHukAgA4w4cDeUWUT5rahFl0J8oOIAiRfFQrjsMxIZ4hZV4GKzZfTYMILF8g-laEkJMrMIsMnnK5JxsHJiYXZBbUA2T0OUxAOSOIlmPpC4MKLG9NgbeydENn9-fn7UAgLJCf4kbb6szVzGoiYg9xgmoVduRpCj4UPLg84umnmwsmFFjkMSjxUfFMbgAldupI2dmUWUmdMulDlw8eHEhrGcmW-AgZ8aeD5sAsQY4Yk5_JmfnQlcdm5J5fle6nqQzziQ7xJ9W3rOGKdeQxWIACi7Vcxqdca6y6SOwZ88bLch3WuUzxz8cUUB-QSxWAozWl5r5txsuNefihqHLOPCggE7TrtNyBndAXo3suHW_PQ3OOk0jC3qvctquq_H0F_CDFI5WLmY4OAWycXLv2vERUTxJ7rMDMWXOUFDZgETnReNKtQ6S5Pmwm11QRU5fnxiKCx2W-ZmBpcHt8UV_biteFQgJxdcQCnq2iwsTBY2jqUDBwsOUFmxtMkG7YeVqo_T5v9iDWmHxHx_FLZzhHV3Noe43erWh0aN-B8_nvF1jMcNHHMUy6KvH69Lp7K7L0DSEs7KzsYkbFt85cOOnhkZF_GYI67AfpHQmrmwY8GNAbNcEs5kGVASS07StjjVSJYWZNkjWhFxgGHol1NEixU3TI8MB6aHPPKPmgvP2FP7pIlCPRXJ14XiRMWKckoM1tDlVP48vXRf2pFN_Oqz0hS6pbrEneu90KIZ_vnYZvrhI_d6oFQqBTWhzIcDOzjM4CzUjMslUnVIRC8ZyItT3NjBAgszytTwP1sPj9Q0tz_CwiR5GDVm6kGTP2Km5S7syTw5BW1jzg3G2aVkFgtJmMgPOgp0KDD54_5CXZm6CefKdU1hgthb48S3mdXUSOfODDE3lqkZFIr4hD3TN5cRvfq0DUclOMmrtcT8bMZUr54ha-w25Ql-UctdIaUtbjiDP0-FeDDEOGsBrPUxMGZdMN001b4Tdy1m-9tMUVOVNo0WMG8k9rYQpxG8V5wzZnjHNLPVV2x_C9uOZWxVf4W3UFZS-AUN5zhsvnW0eAx3gJ9Vc4LUJAblZ4SOSGSTGVMp3eCPdFNQM96bxqUstXQnMX1tTMZHefPXSP3A0hdJz4CRhJ4PYQGb51OYL2WVW3Pph78aTVUZIH9xy53bpC1ueJ7Stv18BafoGQnCW6_vFBtldGe04SkM4l9UWydROXO_TeHkV6mzb8tQJIV4R93R6y5UyZ5PsdSlTj1MDP-74K5AnaqrF8n1Da6JjSomdoDXPo4_QnY5T6A095peoRMQj2FKFOBEJyCGCuUyw4UNK-iFISTkS5QPPOmmN-LuD9Wde7mmgQ8_mbDjhhkfNsIsKvbeHKMnm42TUmq67kv57lzrdfTa1UuNHUC_ZDWLQYOFeg_ilH3Lr0b9rJfwY3CbvNOJIOIWYbyBO6s678tRxL21_hYPBSZA3p4dgKWdMODObDX9aOvaNc2rnUQaZ6j9Xwy9QPW1eI7s_bvu0WjiHoJPwbQdCIzH4oUvNY71RKhx1X1h49iGZEnR0eqeXLaXxl38paHRuxfCE_3Pt4NykXrYGd-dPYI-EcxXA6d7316-gwAguaJdPyDu9Ggv-rNI21oO73O0O2HonY303QkD0xDPuDhDN525pxq30_ioBp649PGvBNSXG1VH9qSX0dRENJihJOQvkfHneeIzTkk0ZYTxi7UBQHZfEfV99GTwPd3Ekg3q8mqPgCDbF6j_Yl8nMnBJEJUnevWLQurqd_IDqX-6jJ0ixi_okX2ewGTiz2bcaeyWB29s1r853T63qT8v43dweRkGKAklXFvs-bvsI6Jqjkkd5OFXwjD0bQdymSVNIbd_Ol1TvC17uREwKqs_u3UN5oc-raqqXUrsEfYrj8DiE8zOZze-J8N5fhP0CQjKxunACOeDunB7ZMM1HfwXpqndSYcK42mKIPeSWH6bvAPX7T2JPqzG5I177WlPru0FwdBxgcTe2KyZHwdyJoxYx5D1hMerNcQUNXBXXif7ea082jKRx51T_ApQ9vlPcTDyJddLDHkq13TLrA67oZTn9OdL6fMZS7HIGN06dIvA-j72NG9Mi19T3VGkPRT4ErUIA51830r0YhOBbMXmxHy_X72NSNbipS0l3i5bd4tyg0lbDHS164a9zFMQK7gu18jTZKtYe0mqV9efVsdc8qSAWezZvppaOnJoaupjX4e-hCDD14c7bKevtkUL9AJjLNNLczrkynlDeTFhMbFaaQuresd7COvk1reTn6Q0L118EBDoyEuou0WcTU7dWa0oStfHUPs-jMaKdg6kSGexTcwnTR5duW8s-nZ4JYZhDnbChjP0k39j3DClLZRxSV2u0OsA6_vEvPCjQPdnE_vyjSQS--P860OZrG2-EEtWAp0CUMzGHgdUn_32-JelcdaPW1fU_lBMdhk2EXRSTr0wynBrj0laWHmBsY7eqehJ24I29RZvLAKHRHyIBM8HjBWhpknDWnZPEDRVCNMq3QNif85LMM3tpewvNPFGwv0MCrRD8_Z6I6ZLk0syVllEzjfezTdmGR-WNMlEd-vu5Mr_K-AYXFmXa7bFNNmXaV-34VOjVjWg1KxS7qllnOPzDOAd8obPq3cxsF7S9eyofBFfQEehK-tP6d9uSs86gb_Eif4Ke-CmbAGYX8gCUew35t9jQ5RLNRwnBf7moL07SNHPbK-uy5HF37eiKbtIDXzuIHc1NOS9fBe73gfeshz9-zTdtXsKXe1xujmNcX_8LpWoE_jcdY_YiL-hmeo4Vf2ZXs5xkpRUxWApK9lGyErGI8htU5LHV4YYhzAytEIsduGFy89v2a5ZRTzZbpuKNk6BJ77Mg4sHAyeuJF7r0VkuiNAiQ8fFifPyIi93XyhBFoEtXOy8Ckzizby4eFjQc42LPA4z1N6bjJXhCcUOVEFINPOgBhsTTqwkyqW4nINE7ST161o9Jhe9uBCJP1pl42prEkEWtaqa6L5EurgUvcSXenkX6LSTUoZihU5uLKbuFeq0p3O9j1_eJO1j-iinl-PHyfvkXOSyVYjkR4Xdy3ubY0YitVoIIrYaWpuBSJIHdmvc414w9d3T0B_IrsI8TG91Tg7m5olNVLmwIX7DZYqGSVfSSsLpjbS3xuVW6v5Ga8t8MR3IidH0pafTzLI4-D1jueEp6LTA93NAzPoG3D1Afa3yJZByy2I_9JL5CnKXfN99p8se7_TWK-sQ1ult5vqC6kTus40QfSai3a7QX-glt12Sx3MjdT2caUd25cGbts7Pvqv8iM3QKDpnmqevZKx53jjzCO32A0Fren6j-1ZRDhC9nGq-_ZC-NogSe2wiEKGVsuwS2Y6Wsh1tiiGG_5M5fWW2EKnpLsF3SO18fXL5Nq_bPY3jgNnSuTeCyRMqyRbjnoFDjsWb1XRveQRlrV4C077La3zNqvhcH-eBIfLN0hqFpktIJ48Bu6q4hf3jpFTeOhgQGesEGHOvWZ11VPVH1rCHsxgPPbu3gC8mXXbAjM-7ogVJGdAaSNw8QiUfMK1ubaIb_5NrIf0GNPKzjLdAf8pU_UHvpbpkTOakTru1RN7j-atS4ivpBxUE_-5tQlIQIZRCisKUJYrf_yQqyfxW0wdQAwC1dskXp6y5Ro1kiGBqxIONCqetAMprhKcPh08Qmq0sZzatp6kp5otxJeTUa0q569Cj5-DV&tga-with-creatives=1

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

11f4ef58e438c2d6ed91c424a75e5027d259a78db4fea9973a23d9e1854c036b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1657386081452904-2926772378223879896-sas5-9950-2d8-sas-l7-balancer-8080-BAL-3047
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Sat, 09 Jul 2022 17:01:21 GMT
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/json
access-control-allow-origin: https://www.ugra.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sat, 09 Jul 2022 17:01:21 GMT

GET
H2 200 v2 Show response
yandex.ru/ads/adfox/232598/getBulk/ 3 KB
2 KB 206ms
206ms XHR
application/json 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/adfox/232598/getBulk/v2?dl=https%3A%2F%2Fwww.ugra.kp.ru%2F%3Fsection%3Dsociety&date=2022-07-09T17%3A01%3A21.402%2B00%3A00&pd=9&pdh=1200&pdw=1600&pr1=1467471762&pr=4079709996&prr=&pv=17&pw=6&extid_loader=&extid_tag_loader=www.ugra.kp.ru&ylv=0.612088&ybv=0.612088&ytt=417816030347269&is-turbo=0&skip-token=&ad-session-id=2442361657386081353&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A300%2C%22h%22%3A400%2C%22width%22%3A300%2C%22height%22%3A400%2C%22visible%22%3A0%2C%22isBlackTheme%22%3Afalse%2C%22left%22%3A1100%2C%22top%22%3A1674%2C%22fontFamily%22%3A%22ys%22%2C%22req_no%22%3A1%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=612088&available-width=300&available-height=400&yaru=true&pp=g&p2=fqyp&ps=bxyd&puid1=adv-1657386081300-170&puid2=society%3Aincident%3Atoday%3Aemergency%3Ainteresting%3Akoronavirus%3Acriminal%3Asport&puid3=top%3Aregion&puid5=&slotNumber=5&bids=W10%3D&utf8=%E2%9C%93&pcode-test-ids=612518%2C0%2C49%3B586081%2C0%2C1%3B597159%2C0%2C1%3B597485%2C0%2C40%3B590119%2C0%2C41%3B598478%2C0%2C64%3B605345%2C0%2C64%3B610874%2C0%2C23&pcode-flags-map=eJyVWNtu4zYQ%2FZXCz4uCulCXfaMk2iIikSpJ2fEWxWCLTZ8Wi6KbFAUW%2B%2B8dSrItyTGd5CGAA58zw7meyY%2BN5h1nFvYt60Dz33puLLCt5RqE1KppNh9%2F%2F7H59%2FPXl6fNx43VPd982Dw%2FfX8WX%2FAzTdM4SDY%2F%2F%2Fiw2TMDgoOxqgNla8Tbmklo%2B8aK%2BzxZSsNrnneDxU4qzaEVxvAKKmYZdEyz1sBWadiLiit8FpSqLdSC8%2Bm%2FvxeUOYkpPfvDeqt2XHLNLNJ2rHwwtbJQ9fgHoeSCKVryxITkZx4uWdFwkPwwI%2BEGvYZWVXzBo2RzBN7wlktroGxE%2BeDAN9gn5pY9Qs3Frrb4RmnwvVrI3bsfT6MgHGhZ06jDmIYO6QeOMZZ2x%2B5wxITOczLab5neCelDJiQOomgdsr6rhti3ygUcLBMNOjHGzlscCUmyWQY0b9WeQ1kzbbiFrVYtNEI%2B%2BDmCICbp2qWteAT8aMFqzKULs7FM2yE6neF9paY3lxobTOy5uWeE0qt3l6zrHHVxhEod5FtcTbLQx4Ih0xjIQlhXze8hw%2Bc5sj3XZl30zvmULrFhTIK1I3thRCEaYY%2FQNexYYOCwE3qDzt3xJKThVR8JiWPK8HIoCVUYrvdu7Lh0zCy9lbiXWFMMO2bIIGu7OfD5n5enGSwOsygnI8zgsDJuWq4x68qegVgFhvOL00vYt89%2Ffn1aIKMkzMcCdFXXoq2py6X1m4xplI9ZKFUvsVYVPNbaC8nSLIwHyJHJij%2BC7rH2WuZvW0rSMJom%2BGLSwLZvGoM9wP34IAojcn5iodUDxgefBzstKj8ypVnyqsNQCWO1KLzwMCDJ%2BN5PXIaDu3AQla1BtGzHvdg4iDNywaK5oTALpV0daVaJ3vzyRoYjc36PDgNrDuxo%2FMgonVJbbd3qNh1OfA5WtFz1dgENCSFLbEyi8c1diYtnWBa4Z%2Fz2KNJM1btVGGXu2uVkD%2FijtxLRZJqG13CxBfx9cOPlXoXcYDg5sGdNv8hWRF5Hn4biUJ1CdphkYLr1206CPJpsY79aYQaBtFXX22MNpQS1xABtONNu07ttyLRgq4CHa9iU3lU%2FaX5gWF7VWxsLmU65dksPWo6q6FwuXGucdo1azF%2B6wGckHvPeaaG0m924R%2FaCHzql%2FSWTpMk08NzXQeLyLjnKu3bnhaUh4gaYMR0ur7LmzkPouC5XVRqQRZJTGuTxrETII8F9hcNAGSu8NrOATjYrFF12WO8Y44PG1YmpnsbtO0RUhjN7zB%2Buk3J6wGqerLYKzTLcRqMT0ySpcFmXKOaMd2bTPEiz2QwTKBgZJhaVfOkiZnxG84gGwQI7zD2DQ9DWrrE6VlW4oP0kMZ2KZNgzbg0fOw6R32vcNXSWrVaXN%2Fb2tbk8TW4iAeXAIJjvWD9xaFvMmglMyZy8Y6VVi6gHvwYLfBpl0Rn%2FbtAgqgsm8aoAlB5bgdU2CBrk8C%2BdPAvTdPb4iWSsTVzwOBPP4goHu3UH1FpirDV3GEdj4dXFSo7QPA9zsvhyROJs%2BPJOsyK8I%2BbjlFy%2BC0Z8WjyOBiHxff%2BVbRbQG4gxGtNAxxLAyxbD4Ka0kK4qzjodW%2FuO05SOlYE6YMft0O1CutNP4wBzH3F43tmXCUnjkLw2wLdCG3d6sNZJWBg3sNqfUugnzVEmzV1jhVFNj%2FPKtO74cN1%2BJ9d4zEz31azmccq5CbVbC%2FErcBjkY8vWtm3o2GYGd0olGFiOJ8IdPMqd%2BHLnK6hRsmHjNMyBUdhbvRTsUwGvNXuQnUkGEbDTLuMYAxRvr6yJ12hQNJLscqE4He8O8%2BkeF6c5YHoU6Ef%2F7YZtHdDLeXJaGu4aH8bhAvzy7fvT8wodZ9TniGi7N3tCguDiSYd7bziwOLgpAKhAzn%2FAw0nJakmXDz%2BraROn2U3CUUst9Xlpm1sMy0YQw38owNQMb1vkU8tAfXn66%2FPL1%2Bdl%2FdNoElPoPDZS67SI5vJ0tnWaF%2F5zIQlIlroS%2FPk%2FrGeGhQ%3D%3D&use-server-side-rendering=1&pcode-icookie=gEMWAj7FOrpinJUhlUPOWKdn%2F0CcuOftZK8II7b9%2BwNTr99kwXpQa1MhF2vr2fsWP%2BgF7Z1AllHAV6pVagghOjpr8NU%3D&top-ancestor=https%3A%2F%2Fwww.ugra.kp.ru&top-ancestor-undetermined=0&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjoxNTl9CiKjpKjrKO2BMFAndJjZz_xXm-4ozZXtbFfGuXKGu7-RjXbzISmGf96HpuXPldE0XF1hY0wNbVuYZ3mZZ-YBvTCgx0Abq4KqREQYPc_LobfhzX6JCRFClCgaVFCVbAlgBprAGGjUDGpzEOYA8IBKzahGmAcYAAdxoFWb1QjtAawDxxCEAfmC6ZczVaDJC8-4PDWBdgHUHexwNIF-2aZfoGPw84KRDeiWA8IgygepG3raIM7LWjTcAsOCliYDLAewh72FMyxpAjI1gkMqXoALqNWMZ9Gw_AJjUWfZsWcwQIMAMxOENmXSWkUyhNYCaZwhFA3gLcOI83BeiIVDhQxARjjZA7Ugt4UdDR5Bbl4BPjyCFi4LGl48gMTOCoo3OQXZeS0CmU2AnRc8ST5eZn7UXCwWLlY2yczPymbhZbOAJxnAlUVPKNJ2uaSCIAewBupRQLkALtwFMw6XHJAuV9PSL1zm6ReObnjF22t6Ne1AUb80pl8AbJOX2cMLF3gQl_yMS_1YjTQIBx7V4Q8E44Uk9GWWdGAvneKFVigxjGqH4QWFeSAZxAtTd1prF4goq0FYaDIsz-g8t7cSQ8NhK9yeIl4Y003jAkkjMVQLm5anPk2TZKHQNN--q-kkFHtCOljjU3-pOtDyO1Yw3_Yp-mUh4fLpWQSGQFJcFSc4eJGjZEXNx-zCDNgBtYSsCiX1KnRBp5riw4J45zA6Vj7keAT5uFApgqNjslhY2TI_GgFmZvAkmfnt7DzCIhzMdiv-zMuOBhUrekk8W7zbJDWtoHiDRpFxATcPGydKLhZOEbtY5sEigIk3L1whPiaQxFDYrZkDZAHcGJAve_C2u4ZlSyMoLuCcB1BLPDPR-HAxc4PBLbB8oL3MkW5fX97KGAGQyf_tVzj16pCKsKuKtcfocBJWzeCQVWrVyowdsg0jMKkR-bXgrBtAKFeIM0rDm6wKJwA65ADMEj8KKAKDGqEj9lOaGDfuOqM6zPGjj_yVg7EDhukd9AxaitqOeMSP2KaTXeuA4rAfbOkfeyY8mR3hMbWc2OKsKte1mabB8v29Q-bg3MOZhzFH7VhHtzHEGXGBfeSZMHDPOG5mYmpE6H7QL4HHeYw_Cg_MumhCY-GU60R1J-kF7aEm_KtH6CDPJzq0L4h-whE6woxoz3V4527Of8JkD7_OkhrqvP4lIkWgc9CaSXIG-1I2-jVkdBSC5z1ues5RHYx8FjnDA6jVZ-MJ6SS9H7XPrn66EYQOWYY7B_3Xcjq8TJr8GnESshnmjGjmdFI7ZB36VothDGPCMr5tvuWvI3RI0c7L2pjHUF_L3BHJUW7XFWtbO-4fQD5snUVx1UvnZqTYFc7IMKNFxbMMAzfHukAgA4w4cDeUWUT5rahFl0J8oOIAiRfFQrjsMxIZ4hZV4GKzZfTYMILF8g-laEkJMrMIsMnnK5JxsHJiYXZBbUA2T0OUxAOSOIlmPpC4MKLG9NgbeydENn9-fn7UAgLJCf4kbb6szVzGoiYg9xgmoVduRpCj4UPLg84umnmwsmFFjkMSjxUfFMbgAldupI2dmUWUmdMulDlw8eHEhrGcmW-AgZ8aeD5sAsQY4Yk5_JmfnQlcdm5J5fle6nqQzziQ7xJ9W3rOGKdeQxWIACi7Vcxqdca6y6SOwZ88bLch3WuUzxz8cUUB-QSxWAozWl5r5txsuNefihqHLOPCggE7TrtNyBndAXo3suHW_PQ3OOk0jC3qvctquq_H0F_CDFI5WLmY4OAWycXLv2vERUTxJ7rMDMWXOUFDZgETnReNKtQ6S5Pmwm11QRU5fnxiKCx2W-ZmBpcHt8UV_biteFQgJxdcQCnq2iwsTBY2jqUDBwsOUFmxtMkG7YeVqo_T5v9iDWmHxHx_FLZzhHV3Noe43erWh0aN-B8_nvF1jMcNHHMUy6KvH69Lp7K7L0DSEs7KzsYkbFt85cOOnhkZF_GYI67AfpHQmrmwY8GNAbNcEs5kGVASS07StjjVSJYWZNkjWhFxgGHol1NEixU3TI8MB6aHPPKPmgvP2FP7pIlCPRXJ14XiRMWKckoM1tDlVP48vXRf2pFN_Oqz0hS6pbrEneu90KIZ_vnYZvrhI_d6oFQqBTWhzIcDOzjM4CzUjMslUnVIRC8ZyItT3NjBAgszytTwP1sPj9Q0tz_CwiR5GDVm6kGTP2Km5S7syTw5BW1jzg3G2aVkFgtJmMgPOgp0KDD54_5CXZm6CefKdU1hgthb48S3mdXUSOfODDE3lqkZFIr4hD3TN5cRvfq0DUclOMmrtcT8bMZUr54ha-w25Ql-UctdIaUtbjiDP0-FeDDEOGsBrPUxMGZdMN001b4Tdy1m-9tMUVOVNo0WMG8k9rYQpxG8V5wzZnjHNLPVV2x_C9uOZWxVf4W3UFZS-AUN5zhsvnW0eAx3gJ9Vc4LUJAblZ4SOSGSTGVMp3eCPdFNQM96bxqUstXQnMX1tTMZHefPXSP3A0hdJz4CRhJ4PYQGb51OYL2WVW3Pph78aTVUZIH9xy53bpC1ueJ7Stv18BafoGQnCW6_vFBtldGe04SkM4l9UWydROXO_TeHkV6mzb8tQJIV4R93R6y5UyZ5PsdSlTj1MDP-74K5AnaqrF8n1Da6JjSomdoDXPo4_QnY5T6A095peoRMQj2FKFOBEJyCGCuUyw4UNK-iFISTkS5QPPOmmN-LuD9Wde7mmgQ8_mbDjhhkfNsIsKvbeHKMnm42TUmq67kv57lzrdfTa1UuNHUC_ZDWLQYOFeg_ilH3Lr0b9rJfwY3CbvNOJIOIWYbyBO6s678tRxL21_hYPBSZA3p4dgKWdMODObDX9aOvaNc2rnUQaZ6j9Xwy9QPW1eI7s_bvu0WjiHoJPwbQdCIzH4oUvNY71RKhx1X1h49iGZEnR0eqeXLaXxl38paHRuxfCE_3Pt4NykXrYGd-dPYI-EcxXA6d7316-gwAguaJdPyDu9Ggv-rNI21oO73O0O2HonY303QkD0xDPuDhDN525pxq30_ioBp649PGvBNSXG1VH9qSX0dRENJihJOQvkfHneeIzTkk0ZYTxi7UBQHZfEfV99GTwPd3Ekg3q8mqPgCDbF6j_Yl8nMnBJEJUnevWLQurqd_IDqX-6jJ0ixi_okX2ewGTiz2bcaeyWB29s1r853T63qT8v43dweRkGKAklXFvs-bvsI6Jqjkkd5OFXwjD0bQdymSVNIbd_Ol1TvC17uREwKqs_u3UN5oc-raqqXUrsEfYrj8DiE8zOZze-J8N5fhP0CQjKxunACOeDunB7ZMM1HfwXpqndSYcK42mKIPeSWH6bvAPX7T2JPqzG5I177WlPru0FwdBxgcTe2KyZHwdyJoxYx5D1hMerNcQUNXBXXif7ea082jKRx51T_ApQ9vlPcTDyJddLDHkq13TLrA67oZTn9OdL6fMZS7HIGN06dIvA-j72NG9Mi19T3VGkPRT4ErUIA51830r0YhOBbMXmxHy_X72NSNbipS0l3i5bd4tyg0lbDHS164a9zFMQK7gu18jTZKtYe0mqV9efVsdc8qSAWezZvppaOnJoaupjX4e-hCDD14c7bKevtkUL9AJjLNNLczrkynlDeTFhMbFaaQuresd7COvk1reTn6Q0L118EBDoyEuou0WcTU7dWa0oStfHUPs-jMaKdg6kSGexTcwnTR5duW8s-nZ4JYZhDnbChjP0k39j3DClLZRxSV2u0OsA6_vEvPCjQPdnE_vyjSQS--P860OZrG2-EEtWAp0CUMzGHgdUn_32-JelcdaPW1fU_lBMdhk2EXRSTr0wynBrj0laWHmBsY7eqehJ24I29RZvLAKHRHyIBM8HjBWhpknDWnZPEDRVCNMq3QNif85LMM3tpewvNPFGwv0MCrRD8_Z6I6ZLk0syVllEzjfezTdmGR-WNMlEd-vu5Mr_K-AYXFmXa7bFNNmXaV-34VOjVjWg1KxS7qllnOPzDOAd8obPq3cxsF7S9eyofBFfQEehK-tP6d9uSs86gb_Eif4Ke-CmbAGYX8gCUew35t9jQ5RLNRwnBf7moL07SNHPbK-uy5HF37eiKbtIDXzuIHc1NOS9fBe73gfeshz9-zTdtXsKXe1xujmNcX_8LpWoE_jcdY_YiL-hmeo4Vf2ZXs5xkpRUxWApK9lGyErGI8htU5LHV4YYhzAytEIsduGFy89v2a5ZRTzZbpuKNk6BJ77Mg4sHAyeuJF7r0VkuiNAiQ8fFifPyIi93XyhBFoEtXOy8Ckzizby4eFjQc42LPA4z1N6bjJXhCcUOVEFINPOgBhsTTqwkyqW4nINE7ST161o9Jhe9uBCJP1pl42prEkEWtaqa6L5EurgUvcSXenkX6LSTUoZihU5uLKbuFeq0p3O9j1_eJO1j-iinl-PHyfvkXOSyVYjkR4Xdy3ubY0YitVoIIrYaWpuBSJIHdmvc414w9d3T0B_IrsI8TG91Tg7m5olNVLmwIX7DZYqGSVfSSsLpjbS3xuVW6v5Ga8t8MR3IidH0pafTzLI4-D1jueEp6LTA93NAzPoG3D1Afa3yJZByy2I_9JL5CnKXfN99p8se7_TWK-sQ1ult5vqC6kTus40QfSai3a7QX-glt12Sx3MjdT2caUd25cGbts7Pvqv8iM3QKDpnmqevZKx53jjzCO32A0Fren6j-1ZRDhC9nGq-_ZC-NogSe2wiEKGVsuwS2Y6Wsh1tiiGG_5M5fWW2EKnpLsF3SO18fXL5Nq_bPY3jgNnSuTeCyRMqyRbjnoFDjsWb1XRveQRlrV4C077La3zNqvhcH-eBIfLN0hqFpktIJ48Bu6q4hf3jpFTeOhgQGesEGHOvWZ11VPVH1rCHsxgPPbu3gC8mXXbAjM-7ogVJGdAaSNw8QiUfMK1ubaIb_5NrIf0GNPKzjLdAf8pU_UHvpbpkTOakTru1RN7j-atS4ivpBxUE_-5tQlIQIZRCisKUJYrf_yQqyfxW0wdQAwC1dskXp6y5Ro1kiGBqxIONCqetAMprhKcPh08Qmq0sZzatp6kp5otxJeTUa0q569Cj5-DV&tga-with-creatives=1

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

58e86853daa2e15aceeedf3c6a163d3eebe91c03a8d2ab6aed4442092e471862

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1657386081542659-13503818884985225198-sas5-9950-2d8-sas-l7-balancer-8080-BAL-6261
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Sat, 09 Jul 2022 17:01:21 GMT
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/json
access-control-allow-origin: https://www.ugra.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sat, 09 Jul 2022 17:01:21 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
215 B 176ms
55ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=124&profileId=184&cb=62057292305

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.ugra.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sat, 09 Jul 2022 17:01:21 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://www.ugra.kp.ru
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
216 B 173ms
55ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=124&profileId=184&cb=39117060919

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.ugra.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sat, 09 Jul 2022 17:01:21 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://www.ugra.kp.ru
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
215 B 173ms
56ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=124&profileId=184&cb=80360842857

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.ugra.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sat, 09 Jul 2022 17:01:21 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://www.ugra.kp.ru
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 5ABE 15 KB
6 KB 166ms
53ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.ugra.kp.ru

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

6f87cd86c391c6361adca474b987f3e4b6d81d281795120c584d0a0c1ca7f5ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.ugra.kp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-length: 6144
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 09 Jul 2022 17:01:21 GMT
server-processing-duration-in-ticks: 1909
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 v2 Show response
yandex.ru/ads/adfox/232598/getBulk/ 151 KB
37 KB 358ms
358ms XHR
application/json 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/adfox/232598/getBulk/v2?dl=https%3A%2F%2Fwww.ugra.kp.ru%2F%3F&date=2022-07-09T17%3A01%3A21.604%2B00%3A00&pd=9&pdh=1200&pdw=1600&pr1=2131494691&pr=4079709996&prr=&pv=17&pw=6&extid_loader=&extid_tag_loader=www.ugra.kp.ru&ylv=0.612088&ybv=0.612088&ytt=417816030347269&is-turbo=0&skip-token=&ad-session-id=2442361657386081353&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A1560%2C%22h%22%3A250%2C%22width%22%3A1560%2C%22height%22%3A250%2C%22visible%22%3A1%2C%22isBlackTheme%22%3Afalse%2C%22left%22%3A20%2C%22top%22%3A120%2C%22fontFamily%22%3A%22ys%22%2C%22req_no%22%3A2%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=612088&available-width=1560&available-height=250&yaru=true&pp=g&p2=fban&ps=bxyd&puid1=adv-1657386081294-853&puid2=&puid3=&puid5=&slotNumber=1&bids=W3siYmlkZGVyTmFtZSI6ImFkZm94X2Fkc21hcnQiLCJjYW1wYWlnbl9pZCI6MTU5MjA0MCwicmVzcG9uc2VfdGltZSI6Mjg3LCJlcnJvciI6eyJjb2RlIjoxfX0seyJiaWRkZXJOYW1lIjoiYnV6em9vbGEiLCJjYW1wYWlnbl9pZCI6ODkwNDUwLCJyZXNwb25zZV90aW1lIjoyNDMsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiIxMjI3MTY5In1d&utf8=%E2%9C%93&pcode-test-ids=612518%2C0%2C49%3B586081%2C0%2C1%3B597159%2C0%2C1%3B597485%2C0%2C40%3B590119%2C0%2C41%3B598478%2C0%2C64%3B605345%2C0%2C64%3B610874%2C0%2C23&pcode-flags-map=eJyVWNtu4zYQ%2FZXCz4uCulCXfaMk2iIikSpJ2fEWxWCLTZ8Wi6KbFAUW%2B%2B8dSrItyTGd5CGAA58zw7meyY%2BN5h1nFvYt60Dz33puLLCt5RqE1KppNh9%2F%2F7H59%2FPXl6fNx43VPd982Dw%2FfX8WX%2FAzTdM4SDY%2F%2F%2Fiw2TMDgoOxqgNla8Tbmklo%2B8aK%2BzxZSsNrnneDxU4qzaEVxvAKKmYZdEyz1sBWadiLiit8FpSqLdSC8%2Bm%2FvxeUOYkpPfvDeqt2XHLNLNJ2rHwwtbJQ9fgHoeSCKVryxITkZx4uWdFwkPwwI%2BEGvYZWVXzBo2RzBN7wlktroGxE%2BeDAN9gn5pY9Qs3Frrb4RmnwvVrI3bsfT6MgHGhZ06jDmIYO6QeOMZZ2x%2B5wxITOczLab5neCelDJiQOomgdsr6rhti3ygUcLBMNOjHGzlscCUmyWQY0b9WeQ1kzbbiFrVYtNEI%2B%2BDmCICbp2qWteAT8aMFqzKULs7FM2yE6neF9paY3lxobTOy5uWeE0qt3l6zrHHVxhEod5FtcTbLQx4Ih0xjIQlhXze8hw%2Bc5sj3XZl30zvmULrFhTIK1I3thRCEaYY%2FQNexYYOCwE3qDzt3xJKThVR8JiWPK8HIoCVUYrvdu7Lh0zCy9lbiXWFMMO2bIIGu7OfD5n5enGSwOsygnI8zgsDJuWq4x68qegVgFhvOL00vYt89%2Ffn1aIKMkzMcCdFXXoq2py6X1m4xplI9ZKFUvsVYVPNbaC8nSLIwHyJHJij%2BC7rH2WuZvW0rSMJom%2BGLSwLZvGoM9wP34IAojcn5iodUDxgefBzstKj8ypVnyqsNQCWO1KLzwMCDJ%2BN5PXIaDu3AQla1BtGzHvdg4iDNywaK5oTALpV0daVaJ3vzyRoYjc36PDgNrDuxo%2FMgonVJbbd3qNh1OfA5WtFz1dgENCSFLbEyi8c1diYtnWBa4Z%2Fz2KNJM1btVGGXu2uVkD%2FijtxLRZJqG13CxBfx9cOPlXoXcYDg5sGdNv8hWRF5Hn4biUJ1CdphkYLr1206CPJpsY79aYQaBtFXX22MNpQS1xABtONNu07ttyLRgq4CHa9iU3lU%2FaX5gWF7VWxsLmU65dksPWo6q6FwuXGucdo1azF%2B6wGckHvPeaaG0m924R%2FaCHzql%2FSWTpMk08NzXQeLyLjnKu3bnhaUh4gaYMR0ur7LmzkPouC5XVRqQRZJTGuTxrETII8F9hcNAGSu8NrOATjYrFF12WO8Y44PG1YmpnsbtO0RUhjN7zB%2Buk3J6wGqerLYKzTLcRqMT0ySpcFmXKOaMd2bTPEiz2QwTKBgZJhaVfOkiZnxG84gGwQI7zD2DQ9DWrrE6VlW4oP0kMZ2KZNgzbg0fOw6R32vcNXSWrVaXN%2Fb2tbk8TW4iAeXAIJjvWD9xaFvMmglMyZy8Y6VVi6gHvwYLfBpl0Rn%2FbtAgqgsm8aoAlB5bgdU2CBrk8C%2BdPAvTdPb4iWSsTVzwOBPP4goHu3UH1FpirDV3GEdj4dXFSo7QPA9zsvhyROJs%2BPJOsyK8I%2BbjlFy%2BC0Z8WjyOBiHxff%2BVbRbQG4gxGtNAxxLAyxbD4Ka0kK4qzjodW%2FuO05SOlYE6YMft0O1CutNP4wBzH3F43tmXCUnjkLw2wLdCG3d6sNZJWBg3sNqfUugnzVEmzV1jhVFNj%2FPKtO74cN1%2BJ9d4zEz31azmccq5CbVbC%2FErcBjkY8vWtm3o2GYGd0olGFiOJ8IdPMqd%2BHLnK6hRsmHjNMyBUdhbvRTsUwGvNXuQnUkGEbDTLuMYAxRvr6yJ12hQNJLscqE4He8O8%2BkeF6c5YHoU6Ef%2F7YZtHdDLeXJaGu4aH8bhAvzy7fvT8wodZ9TniGi7N3tCguDiSYd7bziwOLgpAKhAzn%2FAw0nJakmXDz%2BraROn2U3CUUst9Xlpm1sMy0YQw38owNQMb1vkU8tAfXn66%2FPL1%2Bdl%2FdNoElPoPDZS67SI5vJ0tnWaF%2F5zIQlIlroS%2FPk%2FrGeGhQ%3D%3D&use-server-side-rendering=1&pcode-icookie=gEMWAj7FOrpinJUhlUPOWKdn%2F0CcuOftZK8II7b9%2BwNTr99kwXpQa1MhF2vr2fsWP%2BgF7Z1AllHAV6pVagghOjpr8NU%3D&top-ancestor=https%3A%2F%2Fwww.ugra.kp.ru&top-ancestor-undetermined=0&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjoxNTl9CiKjpKjrKO2BMFAndJjZz_xXm-4ozZXtbFfGuXKGu7-RjXbzISmGf96HpuXPldE0XF1hY0wNbVuYZ3mZZ-YBvTCgx0Abq4KqREQYPc_LobfhzX6JCRFClCgaVFCVbAlgBprAGGjUDGpzEOYA8IBKzahGmAcYAAdxoFWb1QjtAawDxxCEAfmC6ZczVaDJC8-4PDWBdgHUHexwNIF-2aZfoGPw84KRDeiWA8IgygepG3raIM7LWjTcAsOCliYDLAewh72FMyxpAjI1gkMqXoALqNWMZ9Gw_AJjUWfZsWcwQIMAMxOENmXSWkUyhNYCaZwhFA3gLcOI83BeiIVDhQxARjjZA7Ugt4UdDR5Bbl4BPjyCFi4LGl48gMTOCoo3OQXZeS0CmU2AnRc8ST5eZn7UXCwWLlY2yczPymbhZbOAJxnAlUVPKNJ2uaSCIAewBupRQLkALtwFMw6XHJAuV9PSL1zm6ReObnjF22t6Ne1AUb80pl8AbJOX2cMLF3gQl_yMS_1YjTQIBx7V4Q8E44Uk9GWWdGAvneKFVigxjGqH4QWFeSAZxAtTd1prF4goq0FYaDIsz-g8t7cSQ8NhK9yeIl4Y003jAkkjMVQLm5anPk2TZKHQNN--q-kkFHtCOljjU3-pOtDyO1Yw3_Yp-mUh4fLpWQSGQFJcFSc4eJGjZEXNx-zCDNgBtYSsCiX1KnRBp5riw4J45zA6Vj7keAT5uFApgqNjslhY2TI_GgFmZvAkmfnt7DzCIhzMdiv-zMuOBhUrekk8W7zbJDWtoHiDRpFxATcPGydKLhZOEbtY5sEigIk3L1whPiaQxFDYrZkDZAHcGJAve_C2u4ZlSyMoLuCcB1BLPDPR-HAxc4PBLbB8oL3MkW5fX97KGAGQyf_tVzj16pCKsKuKtcfocBJWzeCQVWrVyowdsg0jMKkR-bXgrBtAKFeIM0rDm6wKJwA65ADMEj8KKAKDGqEj9lOaGDfuOqM6zPGjj_yVg7EDhukd9AxaitqOeMSP2KaTXeuA4rAfbOkfeyY8mR3hMbWc2OKsKte1mabB8v29Q-bg3MOZhzFH7VhHtzHEGXGBfeSZMHDPOG5mYmpE6H7QL4HHeYw_Cg_MumhCY-GU60R1J-kF7aEm_KtH6CDPJzq0L4h-whE6woxoz3V4527Of8JkD7_OkhrqvP4lIkWgc9CaSXIG-1I2-jVkdBSC5z1ues5RHYx8FjnDA6jVZ-MJ6SS9H7XPrn66EYQOWYY7B_3Xcjq8TJr8GnESshnmjGjmdFI7ZB36VothDGPCMr5tvuWvI3RI0c7L2pjHUF_L3BHJUW7XFWtbO-4fQD5snUVx1UvnZqTYFc7IMKNFxbMMAzfHukAgA4w4cDeUWUT5rahFl0J8oOIAiRfFQrjsMxIZ4hZV4GKzZfTYMILF8g-laEkJMrMIsMnnK5JxsHJiYXZBbUA2T0OUxAOSOIlmPpC4MKLG9NgbeydENn9-fn7UAgLJCf4kbb6szVzGoiYg9xgmoVduRpCj4UPLg84umnmwsmFFjkMSjxUfFMbgAldupI2dmUWUmdMulDlw8eHEhrGcmW-AgZ8aeD5sAsQY4Yk5_JmfnQlcdm5J5fle6nqQzziQ7xJ9W3rOGKdeQxWIACi7Vcxqdca6y6SOwZ88bLch3WuUzxz8cUUB-QSxWAozWl5r5txsuNefihqHLOPCggE7TrtNyBndAXo3suHW_PQ3OOk0jC3qvctquq_H0F_CDFI5WLmY4OAWycXLv2vERUTxJ7rMDMWXOUFDZgETnReNKtQ6S5Pmwm11QRU5fnxiKCx2W-ZmBpcHt8UV_biteFQgJxdcQCnq2iwsTBY2jqUDBwsOUFmxtMkG7YeVqo_T5v9iDWmHxHx_FLZzhHV3Noe43erWh0aN-B8_nvF1jMcNHHMUy6KvH69Lp7K7L0DSEs7KzsYkbFt85cOOnhkZF_GYI67AfpHQmrmwY8GNAbNcEs5kGVASS07StjjVSJYWZNkjWhFxgGHol1NEixU3TI8MB6aHPPKPmgvP2FP7pIlCPRXJ14XiRMWKckoM1tDlVP48vXRf2pFN_Oqz0hS6pbrEneu90KIZ_vnYZvrhI_d6oFQqBTWhzIcDOzjM4CzUjMslUnVIRC8ZyItT3NjBAgszytTwP1sPj9Q0tz_CwiR5GDVm6kGTP2Km5S7syTw5BW1jzg3G2aVkFgtJmMgPOgp0KDD54_5CXZm6CefKdU1hgthb48S3mdXUSOfODDE3lqkZFIr4hD3TN5cRvfq0DUclOMmrtcT8bMZUr54ha-w25Ql-UctdIaUtbjiDP0-FeDDEOGsBrPUxMGZdMN001b4Tdy1m-9tMUVOVNo0WMG8k9rYQpxG8V5wzZnjHNLPVV2x_C9uOZWxVf4W3UFZS-AUN5zhsvnW0eAx3gJ9Vc4LUJAblZ4SOSGSTGVMp3eCPdFNQM96bxqUstXQnMX1tTMZHefPXSP3A0hdJz4CRhJ4PYQGb51OYL2WVW3Pph78aTVUZIH9xy53bpC1ueJ7Stv18BafoGQnCW6_vFBtldGe04SkM4l9UWydROXO_TeHkV6mzb8tQJIV4R93R6y5UyZ5PsdSlTj1MDP-74K5AnaqrF8n1Da6JjSomdoDXPo4_QnY5T6A095peoRMQj2FKFOBEJyCGCuUyw4UNK-iFISTkS5QPPOmmN-LuD9Wde7mmgQ8_mbDjhhkfNsIsKvbeHKMnm42TUmq67kv57lzrdfTa1UuNHUC_ZDWLQYOFeg_ilH3Lr0b9rJfwY3CbvNOJIOIWYbyBO6s678tRxL21_hYPBSZA3p4dgKWdMODObDX9aOvaNc2rnUQaZ6j9Xwy9QPW1eI7s_bvu0WjiHoJPwbQdCIzH4oUvNY71RKhx1X1h49iGZEnR0eqeXLaXxl38paHRuxfCE_3Pt4NykXrYGd-dPYI-EcxXA6d7316-gwAguaJdPyDu9Ggv-rNI21oO73O0O2HonY303QkD0xDPuDhDN525pxq30_ioBp649PGvBNSXG1VH9qSX0dRENJihJOQvkfHneeIzTkk0ZYTxi7UBQHZfEfV99GTwPd3Ekg3q8mqPgCDbF6j_Yl8nMnBJEJUnevWLQurqd_IDqX-6jJ0ixi_okX2ewGTiz2bcaeyWB29s1r853T63qT8v43dweRkGKAklXFvs-bvsI6Jqjkkd5OFXwjD0bQdymSVNIbd_Ol1TvC17uREwKqs_u3UN5oc-raqqXUrsEfYrj8DiE8zOZze-J8N5fhP0CQjKxunACOeDunB7ZMM1HfwXpqndSYcK42mKIPeSWH6bvAPX7T2JPqzG5I177WlPru0FwdBxgcTe2KyZHwdyJoxYx5D1hMerNcQUNXBXXif7ea082jKRx51T_ApQ9vlPcTDyJddLDHkq13TLrA67oZTn9OdL6fMZS7HIGN06dIvA-j72NG9Mi19T3VGkPRT4ErUIA51830r0YhOBbMXmxHy_X72NSNbipS0l3i5bd4tyg0lbDHS164a9zFMQK7gu18jTZKtYe0mqV9efVsdc8qSAWezZvppaOnJoaupjX4e-hCDD14c7bKevtkUL9AJjLNNLczrkynlDeTFhMbFaaQuresd7COvk1reTn6Q0L118EBDoyEuou0WcTU7dWa0oStfHUPs-jMaKdg6kSGexTcwnTR5duW8s-nZ4JYZhDnbChjP0k39j3DClLZRxSV2u0OsA6_vEvPCjQPdnE_vyjSQS--P860OZrG2-EEtWAp0CUMzGHgdUn_32-JelcdaPW1fU_lBMdhk2EXRSTr0wynBrj0laWHmBsY7eqehJ24I29RZvLAKHRHyIBM8HjBWhpknDWnZPEDRVCNMq3QNif85LMM3tpewvNPFGwv0MCrRD8_Z6I6ZLk0syVllEzjfezTdmGR-WNMlEd-vu5Mr_K-AYXFmXa7bFNNmXaV-34VOjVjWg1KxS7qllnOPzDOAd8obPq3cxsF7S9eyofBFfQEehK-tP6d9uSs86gb_Eif4Ke-CmbAGYX8gCUew35t9jQ5RLNRwnBf7moL07SNHPbK-uy5HF37eiKbtIDXzuIHc1NOS9fBe73gfeshz9-zTdtXsKXe1xujmNcX_8LpWoE_jcdY_YiL-hmeo4Vf2ZXs5xkpRUxWApK9lGyErGI8htU5LHV4YYhzAytEIsduGFy89v2a5ZRTzZbpuKNk6BJ77Mg4sHAyeuJF7r0VkuiNAiQ8fFifPyIi93XyhBFoEtXOy8Ckzizby4eFjQc42LPA4z1N6bjJXhCcUOVEFINPOgBhsTTqwkyqW4nINE7ST161o9Jhe9uBCJP1pl42prEkEWtaqa6L5EurgUvcSXenkX6LSTUoZihU5uLKbuFeq0p3O9j1_eJO1j-iinl-PHyfvkXOSyVYjkR4Xdy3ubY0YitVoIIrYaWpuBSJIHdmvc414w9d3T0B_IrsI8TG91Tg7m5olNVLmwIX7DZYqGSVfSSsLpjbS3xuVW6v5Ga8t8MR3IidH0pafTzLI4-D1jueEp6LTA93NAzPoG3D1Afa3yJZByy2I_9JL5CnKXfN99p8se7_TWK-sQ1ult5vqC6kTus40QfSai3a7QX-glt12Sx3MjdT2caUd25cGbts7Pvqv8iM3QKDpnmqevZKx53jjzCO32A0Fren6j-1ZRDhC9nGq-_ZC-NogSe2wiEKGVsuwS2Y6Wsh1tiiGG_5M5fWW2EKnpLsF3SO18fXL5Nq_bPY3jgNnSuTeCyRMqyRbjnoFDjsWb1XRveQRlrV4C077La3zNqvhcH-eBIfLN0hqFpktIJ48Bu6q4hf3jpFTeOhgQGesEGHOvWZ11VPVH1rCHsxgPPbu3gC8mXXbAjM-7ogVJGdAaSNw8QiUfMK1ubaIb_5NrIf0GNPKzjLdAf8pU_UHvpbpkTOakTru1RN7j-atS4ivpBxUE_-5tQlIQIZRCisKUJYrf_yQqyfxW0wdQAwC1dskXp6y5Ro1kiGBqxIONCqetAMprhKcPh08Qmq0sZzatp6kp5otxJeTUa0q569Cj5-DV&tga-with-creatives=1

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

0b1b6c8339cf3ab9f2f8cff423710022b2bc3d0537bb6d0fc64ac5e63cc1e53f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
ssr: true
x-yandex-req-id: 1657386081660145-6085532939879993451-sas5-9950-2d8-sas-l7-balancer-8080-BAL-1119
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
uniformat-product-type: Direct
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Sat, 09 Jul 2022 17:01:21 GMT
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/json
access-control-allow-origin: https://www.ugra.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sat, 09 Jul 2022 17:01:21 GMT

GET
H2 200 8d3e4ffe883d3d74078f.js Show response
yastatic.net/partner-code-bundles/612088/ 36 KB
10 KB 70ms
69ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/612088/8d3e4ffe883d3d74078f.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

9df0583ba13699e97b42abfbb4cd9e6e12679a03297b7734a09c1b2a4e464472

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.ugra.kp.ru/
Origin: https://www.ugra.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:21 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 10011
last-modified: Thu, 07 Jul 2022 19:16:49 GMT
server: nginx/1.17.9
etag: "0eeb185d77f4997eb0e2a457b511fc99"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 08 Jul 2052 23:36:29 GMT

GET
H2 200 smi.js Show response
jsn.24smi.net/ 89 KB
28 KB 152ms
56ms Script
application/javascript 2606:4700:10::6816:294a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jsn.24smi.net/smi.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/612088/26d522ae39bb22f40dd2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:294a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed046b5d2756f81f71273241564fa4931704a532d63fdbb7883e7dfef65ed76f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:21 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
age: 304
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 16 May 2022 14:38:35 GMT
server: cloudflare
etag: W/"628261eb-162b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
cf-ray: 72829f02dc81916b-FRA
expires: Sat, 09 Jul 2022 17:56:17 GMT

GET
H2 204 event
ads.adfox.ru/232598/ 0
54 B 110ms
110ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=1d593b321de3c47f&pm=cyz&p5=lamxz&ad-session-id=2442361657386081353&lts=fjmwgon&ytt=417816030347269&ybv=0.612088&ylv=0.612088&dl=https%3A%2F%2Fwww.ugra.kp.ru%2F%3Fsection%3Dsociety&rqs=YKQWZFfGtzxhtMli6Qa2ckxlpEoPuVAJ&pr=nfjqfyy&puid3=top%3Aregion&puid2=society%3Aincident%3Atoday%3Aemergency%3Ainteresting%3Akoronavirus%3Acriminal%3Asport&p2=fqyp&rand=hkinyhg&sj=XOo4r8p2C_82mKNottX40IqJx9uK8-gSf_qQtMEqxPB4JMlv0NAs5fxlMYuhHA%3D%3D&puid1=adv-1657386081300-170&p1=cbpai

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:21 GMT
x-content-type-options: nosniff
last-modified: Sat, 09 Jul 2022 17:01:21 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame DD52 81 KB
28 KB 160ms
59ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/612088/6738a68430466986af5f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f7d4a77e29961071a337cc5073d127fc328e2ea23fca15e9894838d72cc6822

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28091
x-xss-protection: 0
server: sffe
etag: "1268 / 587 of 1000 / last-modified: 1657317992"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 09 Jul 2022 17:01:21 GMT

GET
H2 204 event
ads.adfox.ru/232598/ 0
18 B 131ms
131ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=b3a966f78393b89e&pm=bmo&pxo=MqoAiHJFIWVuRHBHzrd4xx-wcNYeB72T-mcY3CYuvlcPzHg9y6CzmLge5M2hX4jiec3zNl60PT-_WpqzGTM4ysOhMdPS9M2qyOTWiEIMiEjOnd0RBuedAtO_iImIGviiqDH_TCVOu7OzpuHyXVZfJLH5nozb5uZkYeO7hxeII65hZCG7CqmK&p5=gwdbk&ad-session-id=2442361657386081353&utg=oxum&lts=fjmwgon&ytt=417816030347269&ybv=0.612088&ylv=0.612088&dl=https%3A%2F%2Fwww.ugra.kp.ru%2F%3F&rtb-si=b&p2=gftf&rand=exkmhih&sj=GEKOhEvednYUOGvnMTdyjXQt3QcO-9lIL8PS7fLaaldBppY5E5-uWtEDBv97LA%3D%3D&puid1=adv-1657386081294-909&pr=nfjqfyy&p1=cdinl&rqs=YKQWZFfGtzxhtMlih77ALQd_lqpGCQFw

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:21 GMT
x-content-type-options: nosniff
last-modified: Sat, 09 Jul 2022 17:01:21 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

POST
H2 204 events
bidder.criteo.com/csm/ 0
215 B 55ms
55ms Ping
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.ugra.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 09 Jul 2022 17:01:21 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://www.ugra.kp.ru
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
365 B 57ms
56ms Image
image/gif 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:21 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
strict-transport-security: max-age=31536000; preload;
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Tue, 04 Jul 2023 17:01:21 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
365 B 57ms
57ms Image
image/gif 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:21 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
strict-transport-security: max-age=31536000; preload;
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Tue, 04 Jul 2023 17:01:21 GMT

POST
H2 204 events
bidder.criteo.com/csm/ 0
215 B 55ms
55ms Ping
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.ugra.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 09 Jul 2022 17:01:20 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://www.ugra.kp.ru
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

GET
H2 200 v2 Show response
yandex.ru/ads/adfox/232598/getBulk/ 16 KB
8 KB 374ms
374ms XHR
application/json 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/adfox/232598/getBulk/v2?dl=https%3A%2F%2Fwww.ugra.kp.ru%2F%3Fsection%3Dsociety&date=2022-07-09T17%3A01%3A21.756%2B00%3A00&pd=9&pdh=1200&pdw=1600&pr1=2691796415&pr=4079709996&prr=&pv=17&pw=6&extid_loader=&extid_tag_loader=www.ugra.kp.ru&ylv=0.612088&ybv=0.612088&ytt=417816030347269&is-turbo=0&skip-token=&ad-session-id=2442361657386081353&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A240%2C%22h%22%3A400%2C%22width%22%3A240%2C%22height%22%3A400%2C%22visible%22%3A0%2C%22isBlackTheme%22%3Afalse%2C%22left%22%3A215%2C%22top%22%3A1226%2C%22fontFamily%22%3A%22ys%22%2C%22req_no%22%3A3%2C%22ad_no%22%3A2%7D&enable-flat-highlight=1&pcode-version=612088&available-width=240&available-height=400&yaru=true&pp=g&p2=fxjd&ps=bxyd&puid1=adv-1657386081298-109&puid2=society%3Aincident%3Atoday%3Aemergency%3Ainteresting%3Akoronavirus%3Acriminal%3Asport&puid3=top%3Aregion&puid5=&slotNumber=3&bids=W3siYmlkZGVyTmFtZSI6ImNyaXRlbyIsImNhbXBhaWduX2lkIjo3MjI1NzMsInJlc3BvbnNlX3RpbWUiOjQzOSwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjEyMzM1MzUifSx7ImJpZGRlck5hbWUiOiJydGJob3VzZSIsImNhbXBhaWduX2lkIjo4NTM4NjksInJlc3BvbnNlX3RpbWUiOjE2OSwiZXJyb3IiOnsiY29kZSI6NH0sInBsYWNlbWVudF9pZCI6IjhkMzA4ZDQyMzE2YzQwYjUxNjg4In0seyJiaWRkZXJOYW1lIjoiYWRyaXZlciIsImNhbXBhaWduX2lkIjo3MjgyNTQsInJlc3BvbnNlX3RpbWUiOjI5MywiZXJyb3IiOnsiY29kZSI6NH0sInBsYWNlbWVudF9pZCI6IjI6a3BfNXNsb3QifSx7ImJpZGRlck5hbWUiOiJteXRhcmdldCIsImNhbXBhaWduX2lkIjo4MTA0MDIsInJlc3BvbnNlX3RpbWUiOjI2MywiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjIzMzg1MiJ9LHsiYmlkZGVyTmFtZSI6ImJldHdlZW5kaWdpdGFsIiwiY2FtcGFpZ25faWQiOjgxMDM0NCwicmVzcG9uc2VfdGltZSI6MTg0LCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiMjQ4ODA1OSJ9XQ%3D%3D&utf8=%E2%9C%93&pcode-test-ids=612518%2C0%2C49%3B586081%2C0%2C1%3B597159%2C0%2C1%3B597485%2C0%2C40%3B590119%2C0%2C41%3B598478%2C0%2C64%3B605345%2C0%2C64%3B610874%2C0%2C23&pcode-flags-map=eJyVWNtu4zYQ%2FZXCz4uCulCXfaMk2iIikSpJ2fEWxWCLTZ8Wi6KbFAUW%2B%2B8dSrItyTGd5CGAA58zw7meyY%2BN5h1nFvYt60Dz33puLLCt5RqE1KppNh9%2F%2F7H59%2FPXl6fNx43VPd982Dw%2FfX8WX%2FAzTdM4SDY%2F%2F%2Fiw2TMDgoOxqgNla8Tbmklo%2B8aK%2BzxZSsNrnneDxU4qzaEVxvAKKmYZdEyz1sBWadiLiit8FpSqLdSC8%2Bm%2FvxeUOYkpPfvDeqt2XHLNLNJ2rHwwtbJQ9fgHoeSCKVryxITkZx4uWdFwkPwwI%2BEGvYZWVXzBo2RzBN7wlktroGxE%2BeDAN9gn5pY9Qs3Frrb4RmnwvVrI3bsfT6MgHGhZ06jDmIYO6QeOMZZ2x%2B5wxITOczLab5neCelDJiQOomgdsr6rhti3ygUcLBMNOjHGzlscCUmyWQY0b9WeQ1kzbbiFrVYtNEI%2B%2BDmCICbp2qWteAT8aMFqzKULs7FM2yE6neF9paY3lxobTOy5uWeE0qt3l6zrHHVxhEod5FtcTbLQx4Ih0xjIQlhXze8hw%2Bc5sj3XZl30zvmULrFhTIK1I3thRCEaYY%2FQNexYYOCwE3qDzt3xJKThVR8JiWPK8HIoCVUYrvdu7Lh0zCy9lbiXWFMMO2bIIGu7OfD5n5enGSwOsygnI8zgsDJuWq4x68qegVgFhvOL00vYt89%2Ffn1aIKMkzMcCdFXXoq2py6X1m4xplI9ZKFUvsVYVPNbaC8nSLIwHyJHJij%2BC7rH2WuZvW0rSMJom%2BGLSwLZvGoM9wP34IAojcn5iodUDxgefBzstKj8ypVnyqsNQCWO1KLzwMCDJ%2BN5PXIaDu3AQla1BtGzHvdg4iDNywaK5oTALpV0daVaJ3vzyRoYjc36PDgNrDuxo%2FMgonVJbbd3qNh1OfA5WtFz1dgENCSFLbEyi8c1diYtnWBa4Z%2Fz2KNJM1btVGGXu2uVkD%2FijtxLRZJqG13CxBfx9cOPlXoXcYDg5sGdNv8hWRF5Hn4biUJ1CdphkYLr1206CPJpsY79aYQaBtFXX22MNpQS1xABtONNu07ttyLRgq4CHa9iU3lU%2FaX5gWF7VWxsLmU65dksPWo6q6FwuXGucdo1azF%2B6wGckHvPeaaG0m924R%2FaCHzql%2FSWTpMk08NzXQeLyLjnKu3bnhaUh4gaYMR0ur7LmzkPouC5XVRqQRZJTGuTxrETII8F9hcNAGSu8NrOATjYrFF12WO8Y44PG1YmpnsbtO0RUhjN7zB%2Buk3J6wGqerLYKzTLcRqMT0ySpcFmXKOaMd2bTPEiz2QwTKBgZJhaVfOkiZnxG84gGwQI7zD2DQ9DWrrE6VlW4oP0kMZ2KZNgzbg0fOw6R32vcNXSWrVaXN%2Fb2tbk8TW4iAeXAIJjvWD9xaFvMmglMyZy8Y6VVi6gHvwYLfBpl0Rn%2FbtAgqgsm8aoAlB5bgdU2CBrk8C%2BdPAvTdPb4iWSsTVzwOBPP4goHu3UH1FpirDV3GEdj4dXFSo7QPA9zsvhyROJs%2BPJOsyK8I%2BbjlFy%2BC0Z8WjyOBiHxff%2BVbRbQG4gxGtNAxxLAyxbD4Ka0kK4qzjodW%2FuO05SOlYE6YMft0O1CutNP4wBzH3F43tmXCUnjkLw2wLdCG3d6sNZJWBg3sNqfUugnzVEmzV1jhVFNj%2FPKtO74cN1%2BJ9d4zEz31azmccq5CbVbC%2FErcBjkY8vWtm3o2GYGd0olGFiOJ8IdPMqd%2BHLnK6hRsmHjNMyBUdhbvRTsUwGvNXuQnUkGEbDTLuMYAxRvr6yJ12hQNJLscqE4He8O8%2BkeF6c5YHoU6Ef%2F7YZtHdDLeXJaGu4aH8bhAvzy7fvT8wodZ9TniGi7N3tCguDiSYd7bziwOLgpAKhAzn%2FAw0nJakmXDz%2BraROn2U3CUUst9Xlpm1sMy0YQw38owNQMb1vkU8tAfXn66%2FPL1%2Bdl%2FdNoElPoPDZS67SI5vJ0tnWaF%2F5zIQlIlroS%2FPk%2FrGeGhQ%3D%3D&use-server-side-rendering=1&pcode-icookie=gEMWAj7FOrpinJUhlUPOWKdn%2F0CcuOftZK8II7b9%2BwNTr99kwXpQa1MhF2vr2fsWP%2BgF7Z1AllHAV6pVagghOjpr8NU%3D&top-ancestor=https%3A%2F%2Fwww.ugra.kp.ru&top-ancestor-undetermined=0&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjoxNTl9CiKjpKjrKO2BMFAndJjZz_xXm-4ozZXtbFfGuXKGu7-RjXbzISmGf96HpuXPldE0XF1hY0wNbVuYZ3mZZ-YBvTCgx0Abq4KqREQYPc_LobfhzX6JCRFClCgaVFCVbAlgBprAGGjUDGpzEOYA8IBKzahGmAcYAAdxoFWb1QjtAawDxxCEAfmC6ZczVaDJC8-4PDWBdgHUHexwNIF-2aZfoGPw84KRDeiWA8IgygepG3raIM7LWjTcAsOCliYDLAewh72FMyxpAjI1gkMqXoALqNWMZ9Gw_AJjUWfZsWcwQIMAMxOENmXSWkUyhNYCaZwhFA3gLcOI83BeiIVDhQxARjjZA7Ugt4UdDR5Bbl4BPjyCFi4LGl48gMTOCoo3OQXZeS0CmU2AnRc8ST5eZn7UXCwWLlY2yczPymbhZbOAJxnAlUVPKNJ2uaSCIAewBupRQLkALtwFMw6XHJAuV9PSL1zm6ReObnjF22t6Ne1AUb80pl8AbJOX2cMLF3gQl_yMS_1YjTQIBx7V4Q8E44Uk9GWWdGAvneKFVigxjGqH4QWFeSAZxAtTd1prF4goq0FYaDIsz-g8t7cSQ8NhK9yeIl4Y003jAkkjMVQLm5anPk2TZKHQNN--q-kkFHtCOljjU3-pOtDyO1Yw3_Yp-mUh4fLpWQSGQFJcFSc4eJGjZEXNx-zCDNgBtYSsCiX1KnRBp5riw4J45zA6Vj7keAT5uFApgqNjslhY2TI_GgFmZvAkmfnt7DzCIhzMdiv-zMuOBhUrekk8W7zbJDWtoHiDRpFxATcPGydKLhZOEbtY5sEigIk3L1whPiaQxFDYrZkDZAHcGJAve_C2u4ZlSyMoLuCcB1BLPDPR-HAxc4PBLbB8oL3MkW5fX97KGAGQyf_tVzj16pCKsKuKtcfocBJWzeCQVWrVyowdsg0jMKkR-bXgrBtAKFeIM0rDm6wKJwA65ADMEj8KKAKDGqEj9lOaGDfuOqM6zPGjj_yVg7EDhukd9AxaitqOeMSP2KaTXeuA4rAfbOkfeyY8mR3hMbWc2OKsKte1mabB8v29Q-bg3MOZhzFH7VhHtzHEGXGBfeSZMHDPOG5mYmpE6H7QL4HHeYw_Cg_MumhCY-GU60R1J-kF7aEm_KtH6CDPJzq0L4h-whE6woxoz3V4527Of8JkD7_OkhrqvP4lIkWgc9CaSXIG-1I2-jVkdBSC5z1ues5RHYx8FjnDA6jVZ-MJ6SS9H7XPrn66EYQOWYY7B_3Xcjq8TJr8GnESshnmjGjmdFI7ZB36VothDGPCMr5tvuWvI3RI0c7L2pjHUF_L3BHJUW7XFWtbO-4fQD5snUVx1UvnZqTYFc7IMKNFxbMMAzfHukAgA4w4cDeUWUT5rahFl0J8oOIAiRfFQrjsMxIZ4hZV4GKzZfTYMILF8g-laEkJMrMIsMnnK5JxsHJiYXZBbUA2T0OUxAOSOIlmPpC4MKLG9NgbeydENn9-fn7UAgLJCf4kbb6szVzGoiYg9xgmoVduRpCj4UPLg84umnmwsmFFjkMSjxUfFMbgAldupI2dmUWUmdMulDlw8eHEhrGcmW-AgZ8aeD5sAsQY4Yk5_JmfnQlcdm5J5fle6nqQzziQ7xJ9W3rOGKdeQxWIACi7Vcxqdca6y6SOwZ88bLch3WuUzxz8cUUB-QSxWAozWl5r5txsuNefihqHLOPCggE7TrtNyBndAXo3suHW_PQ3OOk0jC3qvctquq_H0F_CDFI5WLmY4OAWycXLv2vERUTxJ7rMDMWXOUFDZgETnReNKtQ6S5Pmwm11QRU5fnxiKCx2W-ZmBpcHt8UV_biteFQgJxdcQCnq2iwsTBY2jqUDBwsOUFmxtMkG7YeVqo_T5v9iDWmHxHx_FLZzhHV3Noe43erWh0aN-B8_nvF1jMcNHHMUy6KvH69Lp7K7L0DSEs7KzsYkbFt85cOOnhkZF_GYI67AfpHQmrmwY8GNAbNcEs5kGVASS07StjjVSJYWZNkjWhFxgGHol1NEixU3TI8MB6aHPPKPmgvP2FP7pIlCPRXJ14XiRMWKckoM1tDlVP48vXRf2pFN_Oqz0hS6pbrEneu90KIZ_vnYZvrhI_d6oFQqBTWhzIcDOzjM4CzUjMslUnVIRC8ZyItT3NjBAgszytTwP1sPj9Q0tz_CwiR5GDVm6kGTP2Km5S7syTw5BW1jzg3G2aVkFgtJmMgPOgp0KDD54_5CXZm6CefKdU1hgthb48S3mdXUSOfODDE3lqkZFIr4hD3TN5cRvfq0DUclOMmrtcT8bMZUr54ha-w25Ql-UctdIaUtbjiDP0-FeDDEOGsBrPUxMGZdMN001b4Tdy1m-9tMUVOVNo0WMG8k9rYQpxG8V5wzZnjHNLPVV2x_C9uOZWxVf4W3UFZS-AUN5zhsvnW0eAx3gJ9Vc4LUJAblZ4SOSGSTGVMp3eCPdFNQM96bxqUstXQnMX1tTMZHefPXSP3A0hdJz4CRhJ4PYQGb51OYL2WVW3Pph78aTVUZIH9xy53bpC1ueJ7Stv18BafoGQnCW6_vFBtldGe04SkM4l9UWydROXO_TeHkV6mzb8tQJIV4R93R6y5UyZ5PsdSlTj1MDP-74K5AnaqrF8n1Da6JjSomdoDXPo4_QnY5T6A095peoRMQj2FKFOBEJyCGCuUyw4UNK-iFISTkS5QPPOmmN-LuD9Wde7mmgQ8_mbDjhhkfNsIsKvbeHKMnm42TUmq67kv57lzrdfTa1UuNHUC_ZDWLQYOFeg_ilH3Lr0b9rJfwY3CbvNOJIOIWYbyBO6s678tRxL21_hYPBSZA3p4dgKWdMODObDX9aOvaNc2rnUQaZ6j9Xwy9QPW1eI7s_bvu0WjiHoJPwbQdCIzH4oUvNY71RKhx1X1h49iGZEnR0eqeXLaXxl38paHRuxfCE_3Pt4NykXrYGd-dPYI-EcxXA6d7316-gwAguaJdPyDu9Ggv-rNI21oO73O0O2HonY303QkD0xDPuDhDN525pxq30_ioBp649PGvBNSXG1VH9qSX0dRENJihJOQvkfHneeIzTkk0ZYTxi7UBQHZfEfV99GTwPd3Ekg3q8mqPgCDbF6j_Yl8nMnBJEJUnevWLQurqd_IDqX-6jJ0ixi_okX2ewGTiz2bcaeyWB29s1r853T63qT8v43dweRkGKAklXFvs-bvsI6Jqjkkd5OFXwjD0bQdymSVNIbd_Ol1TvC17uREwKqs_u3UN5oc-raqqXUrsEfYrj8DiE8zOZze-J8N5fhP0CQjKxunACOeDunB7ZMM1HfwXpqndSYcK42mKIPeSWH6bvAPX7T2JPqzG5I177WlPru0FwdBxgcTe2KyZHwdyJoxYx5D1hMerNcQUNXBXXif7ea082jKRx51T_ApQ9vlPcTDyJddLDHkq13TLrA67oZTn9OdL6fMZS7HIGN06dIvA-j72NG9Mi19T3VGkPRT4ErUIA51830r0YhOBbMXmxHy_X72NSNbipS0l3i5bd4tyg0lbDHS164a9zFMQK7gu18jTZKtYe0mqV9efVsdc8qSAWezZvppaOnJoaupjX4e-hCDD14c7bKevtkUL9AJjLNNLczrkynlDeTFhMbFaaQuresd7COvk1reTn6Q0L118EBDoyEuou0WcTU7dWa0oStfHUPs-jMaKdg6kSGexTcwnTR5duW8s-nZ4JYZhDnbChjP0k39j3DClLZRxSV2u0OsA6_vEvPCjQPdnE_vyjSQS--P860OZrG2-EEtWAp0CUMzGHgdUn_32-JelcdaPW1fU_lBMdhk2EXRSTr0wynBrj0laWHmBsY7eqehJ24I29RZvLAKHRHyIBM8HjBWhpknDWnZPEDRVCNMq3QNif85LMM3tpewvNPFGwv0MCrRD8_Z6I6ZLk0syVllEzjfezTdmGR-WNMlEd-vu5Mr_K-AYXFmXa7bFNNmXaV-34VOjVjWg1KxS7qllnOPzDOAd8obPq3cxsF7S9eyofBFfQEehK-tP6d9uSs86gb_Eif4Ke-CmbAGYX8gCUew35t9jQ5RLNRwnBf7moL07SNHPbK-uy5HF37eiKbtIDXzuIHc1NOS9fBe73gfeshz9-zTdtXsKXe1xujmNcX_8LpWoE_jcdY_YiL-hmeo4Vf2ZXs5xkpRUxWApK9lGyErGI8htU5LHV4YYhzAytEIsduGFy89v2a5ZRTzZbpuKNk6BJ77Mg4sHAyeuJF7r0VkuiNAiQ8fFifPyIi93XyhBFoEtXOy8Ckzizby4eFjQc42LPA4z1N6bjJXhCcUOVEFINPOgBhsTTqwkyqW4nINE7ST161o9Jhe9uBCJP1pl42prEkEWtaqa6L5EurgUvcSXenkX6LSTUoZihU5uLKbuFeq0p3O9j1_eJO1j-iinl-PHyfvkXOSyVYjkR4Xdy3ubY0YitVoIIrYaWpuBSJIHdmvc414w9d3T0B_IrsI8TG91Tg7m5olNVLmwIX7DZYqGSVfSSsLpjbS3xuVW6v5Ga8t8MR3IidH0pafTzLI4-D1jueEp6LTA93NAzPoG3D1Afa3yJZByy2I_9JL5CnKXfN99p8se7_TWK-sQ1ult5vqC6kTus40QfSai3a7QX-glt12Sx3MjdT2caUd25cGbts7Pvqv8iM3QKDpnmqevZKx53jjzCO32A0Fren6j-1ZRDhC9nGq-_ZC-NogSe2wiEKGVsuwS2Y6Wsh1tiiGG_5M5fWW2EKnpLsF3SO18fXL5Nq_bPY3jgNnSuTeCyRMqyRbjnoFDjsWb1XRveQRlrV4C077La3zNqvhcH-eBIfLN0hqFpktIJ48Bu6q4hf3jpFTeOhgQGesEGHOvWZ11VPVH1rCHsxgPPbu3gC8mXXbAjM-7ogVJGdAaSNw8QiUfMK1ubaIb_5NrIf0GNPKzjLdAf8pU_UHvpbpkTOakTru1RN7j-atS4ivpBxUE_-5tQlIQIZRCisKUJYrf_yQqyfxW0wdQAwC1dskXp6y5Ro1kiGBqxIONCqetAMprhKcPh08Qmq0sZzatp6kp5otxJeTUa0q569Cj5-DV&tga-with-creatives=1

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

58d179c4a572d84ea10a6da7771b6ebd190f6d22b1850786fa7409ecabbb6095

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1657386081813628-13742568088110553346-sas5-9950-2d8-sas-l7-balancer-8080-BAL-3601
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Sat, 09 Jul 2022 17:01:22 GMT
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/json
access-control-allow-origin: https://www.ugra.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sat, 09 Jul 2022 17:01:22 GMT

POST
H2 204 events
bidder.criteo.com/csm/ 0
215 B 55ms
55ms Ping
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.ugra.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 09 Jul 2022 17:01:21 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://www.ugra.kp.ru
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

GET
H2 200 v2 Show response
yandex.ru/ads/adfox/232598/getBulk/ 15 KB
6 KB 145ms
144ms XHR
application/json 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/adfox/232598/getBulk/v2?dl=https%3A%2F%2Fwww.ugra.kp.ru%2F%3Fsection%3Dsociety&date=2022-07-09T17%3A01%3A21.761%2B00%3A00&pd=9&pdh=1200&pdw=1600&pr1=66645511&pr=4079709996&prr=&pv=17&pw=6&extid_loader=&extid_tag_loader=www.ugra.kp.ru&ylv=0.612088&ybv=0.612088&ytt=417816030347269&is-turbo=0&skip-token=&ad-session-id=2442361657386081353&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A1130%2C%22h%22%3A250%2C%22width%22%3A1130%2C%22height%22%3A250%2C%22visible%22%3A0%2C%22isBlackTheme%22%3Afalse%2C%22left%22%3A235%2C%22top%22%3A3779%2C%22fontFamily%22%3A%22ys%22%2C%22req_no%22%3A4%2C%22ad_no%22%3A2%7D&enable-flat-highlight=1&pcode-version=612088&available-width=1130&available-height=250&yaru=true&pp=g&p2=gvdq&ps=bxyd&puid1=adv-1657386081301-514&puid2=society%3Aincident%3Atoday%3Aemergency%3Ainteresting%3Akoronavirus%3Acriminal%3Asport&puid3=top%3Aregion&puid5=&slotNumber=6&bids=W3siYmlkZGVyTmFtZSI6ImNyaXRlbyIsImNhbXBhaWduX2lkIjo3MjI1NzMsInJlc3BvbnNlX3RpbWUiOjQ0MywiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjE1MjY3OTgifSx7ImJpZGRlck5hbWUiOiJydGJob3VzZSIsImNhbXBhaWduX2lkIjo4NTM4NjksInJlc3BvbnNlX3RpbWUiOjE3MCwiZXJyb3IiOnsiY29kZSI6NH0sInBsYWNlbWVudF9pZCI6IkQ2dFBHMlgxdzkzNUtrSGk5cW9IIn0seyJiaWRkZXJOYW1lIjoiYWRyaXZlciIsImNhbXBhaWduX2lkIjo3MjgyNTQsInJlc3BvbnNlX3RpbWUiOjMwNCwiZXJyb3IiOnsiY29kZSI6NH0sInBsYWNlbWVudF9pZCI6IjI6a3BfOHNsb3QifSx7ImJpZGRlck5hbWUiOiJteXRhcmdldCIsImNhbXBhaWduX2lkIjo4MTA0MDIsInJlc3BvbnNlX3RpbWUiOjI3NSwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjgwMzAwNyJ9LHsiYmlkZGVyTmFtZSI6ImJldHdlZW5kaWdpdGFsIiwiY2FtcGFpZ25faWQiOjgxMDM0NCwicmVzcG9uc2VfdGltZSI6MTg3LCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiMzkyNzg1NyJ9XQ%3D%3D&utf8=%E2%9C%93&pcode-test-ids=612518%2C0%2C49%3B586081%2C0%2C1%3B597159%2C0%2C1%3B597485%2C0%2C40%3B590119%2C0%2C41%3B598478%2C0%2C64%3B605345%2C0%2C64%3B610874%2C0%2C23&pcode-flags-map=eJyVWNtu4zYQ%2FZXCz4uCulCXfaMk2iIikSpJ2fEWxWCLTZ8Wi6KbFAUW%2B%2B8dSrItyTGd5CGAA58zw7meyY%2BN5h1nFvYt60Dz33puLLCt5RqE1KppNh9%2F%2F7H59%2FPXl6fNx43VPd982Dw%2FfX8WX%2FAzTdM4SDY%2F%2F%2Fiw2TMDgoOxqgNla8Tbmklo%2B8aK%2BzxZSsNrnneDxU4qzaEVxvAKKmYZdEyz1sBWadiLiit8FpSqLdSC8%2Bm%2FvxeUOYkpPfvDeqt2XHLNLNJ2rHwwtbJQ9fgHoeSCKVryxITkZx4uWdFwkPwwI%2BEGvYZWVXzBo2RzBN7wlktroGxE%2BeDAN9gn5pY9Qs3Frrb4RmnwvVrI3bsfT6MgHGhZ06jDmIYO6QeOMZZ2x%2B5wxITOczLab5neCelDJiQOomgdsr6rhti3ygUcLBMNOjHGzlscCUmyWQY0b9WeQ1kzbbiFrVYtNEI%2B%2BDmCICbp2qWteAT8aMFqzKULs7FM2yE6neF9paY3lxobTOy5uWeE0qt3l6zrHHVxhEod5FtcTbLQx4Ih0xjIQlhXze8hw%2Bc5sj3XZl30zvmULrFhTIK1I3thRCEaYY%2FQNexYYOCwE3qDzt3xJKThVR8JiWPK8HIoCVUYrvdu7Lh0zCy9lbiXWFMMO2bIIGu7OfD5n5enGSwOsygnI8zgsDJuWq4x68qegVgFhvOL00vYt89%2Ffn1aIKMkzMcCdFXXoq2py6X1m4xplI9ZKFUvsVYVPNbaC8nSLIwHyJHJij%2BC7rH2WuZvW0rSMJom%2BGLSwLZvGoM9wP34IAojcn5iodUDxgefBzstKj8ypVnyqsNQCWO1KLzwMCDJ%2BN5PXIaDu3AQla1BtGzHvdg4iDNywaK5oTALpV0daVaJ3vzyRoYjc36PDgNrDuxo%2FMgonVJbbd3qNh1OfA5WtFz1dgENCSFLbEyi8c1diYtnWBa4Z%2Fz2KNJM1btVGGXu2uVkD%2FijtxLRZJqG13CxBfx9cOPlXoXcYDg5sGdNv8hWRF5Hn4biUJ1CdphkYLr1206CPJpsY79aYQaBtFXX22MNpQS1xABtONNu07ttyLRgq4CHa9iU3lU%2FaX5gWF7VWxsLmU65dksPWo6q6FwuXGucdo1azF%2B6wGckHvPeaaG0m924R%2FaCHzql%2FSWTpMk08NzXQeLyLjnKu3bnhaUh4gaYMR0ur7LmzkPouC5XVRqQRZJTGuTxrETII8F9hcNAGSu8NrOATjYrFF12WO8Y44PG1YmpnsbtO0RUhjN7zB%2Buk3J6wGqerLYKzTLcRqMT0ySpcFmXKOaMd2bTPEiz2QwTKBgZJhaVfOkiZnxG84gGwQI7zD2DQ9DWrrE6VlW4oP0kMZ2KZNgzbg0fOw6R32vcNXSWrVaXN%2Fb2tbk8TW4iAeXAIJjvWD9xaFvMmglMyZy8Y6VVi6gHvwYLfBpl0Rn%2FbtAgqgsm8aoAlB5bgdU2CBrk8C%2BdPAvTdPb4iWSsTVzwOBPP4goHu3UH1FpirDV3GEdj4dXFSo7QPA9zsvhyROJs%2BPJOsyK8I%2BbjlFy%2BC0Z8WjyOBiHxff%2BVbRbQG4gxGtNAxxLAyxbD4Ka0kK4qzjodW%2FuO05SOlYE6YMft0O1CutNP4wBzH3F43tmXCUnjkLw2wLdCG3d6sNZJWBg3sNqfUugnzVEmzV1jhVFNj%2FPKtO74cN1%2BJ9d4zEz31azmccq5CbVbC%2FErcBjkY8vWtm3o2GYGd0olGFiOJ8IdPMqd%2BHLnK6hRsmHjNMyBUdhbvRTsUwGvNXuQnUkGEbDTLuMYAxRvr6yJ12hQNJLscqE4He8O8%2BkeF6c5YHoU6Ef%2F7YZtHdDLeXJaGu4aH8bhAvzy7fvT8wodZ9TniGi7N3tCguDiSYd7bziwOLgpAKhAzn%2FAw0nJakmXDz%2BraROn2U3CUUst9Xlpm1sMy0YQw38owNQMb1vkU8tAfXn66%2FPL1%2Bdl%2FdNoElPoPDZS67SI5vJ0tnWaF%2F5zIQlIlroS%2FPk%2FrGeGhQ%3D%3D&use-server-side-rendering=1&pcode-icookie=gEMWAj7FOrpinJUhlUPOWKdn%2F0CcuOftZK8II7b9%2BwNTr99kwXpQa1MhF2vr2fsWP%2BgF7Z1AllHAV6pVagghOjpr8NU%3D&top-ancestor=https%3A%2F%2Fwww.ugra.kp.ru&top-ancestor-undetermined=0&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjoxNTl9CiKjpKjrKO2BMFAndJjZz_xXm-4ozZXtbFfGuXKGu7-RjXbzISmGf96HpuXPldE0XF1hY0wNbVuYZ3mZZ-YBvTCgx0Abq4KqREQYPc_LobfhzX6JCRFClCgaVFCVbAlgBprAGGjUDGpzEOYA8IBKzahGmAcYAAdxoFWb1QjtAawDxxCEAfmC6ZczVaDJC8-4PDWBdgHUHexwNIF-2aZfoGPw84KRDeiWA8IgygepG3raIM7LWjTcAsOCliYDLAewh72FMyxpAjI1gkMqXoALqNWMZ9Gw_AJjUWfZsWcwQIMAMxOENmXSWkUyhNYCaZwhFA3gLcOI83BeiIVDhQxARjjZA7Ugt4UdDR5Bbl4BPjyCFi4LGl48gMTOCoo3OQXZeS0CmU2AnRc8ST5eZn7UXCwWLlY2yczPymbhZbOAJxnAlUVPKNJ2uaSCIAewBupRQLkALtwFMw6XHJAuV9PSL1zm6ReObnjF22t6Ne1AUb80pl8AbJOX2cMLF3gQl_yMS_1YjTQIBx7V4Q8E44Uk9GWWdGAvneKFVigxjGqH4QWFeSAZxAtTd1prF4goq0FYaDIsz-g8t7cSQ8NhK9yeIl4Y003jAkkjMVQLm5anPk2TZKHQNN--q-kkFHtCOljjU3-pOtDyO1Yw3_Yp-mUh4fLpWQSGQFJcFSc4eJGjZEXNx-zCDNgBtYSsCiX1KnRBp5riw4J45zA6Vj7keAT5uFApgqNjslhY2TI_GgFmZvAkmfnt7DzCIhzMdiv-zMuOBhUrekk8W7zbJDWtoHiDRpFxATcPGydKLhZOEbtY5sEigIk3L1whPiaQxFDYrZkDZAHcGJAve_C2u4ZlSyMoLuCcB1BLPDPR-HAxc4PBLbB8oL3MkW5fX97KGAGQyf_tVzj16pCKsKuKtcfocBJWzeCQVWrVyowdsg0jMKkR-bXgrBtAKFeIM0rDm6wKJwA65ADMEj8KKAKDGqEj9lOaGDfuOqM6zPGjj_yVg7EDhukd9AxaitqOeMSP2KaTXeuA4rAfbOkfeyY8mR3hMbWc2OKsKte1mabB8v29Q-bg3MOZhzFH7VhHtzHEGXGBfeSZMHDPOG5mYmpE6H7QL4HHeYw_Cg_MumhCY-GU60R1J-kF7aEm_KtH6CDPJzq0L4h-whE6woxoz3V4527Of8JkD7_OkhrqvP4lIkWgc9CaSXIG-1I2-jVkdBSC5z1ues5RHYx8FjnDA6jVZ-MJ6SS9H7XPrn66EYQOWYY7B_3Xcjq8TJr8GnESshnmjGjmdFI7ZB36VothDGPCMr5tvuWvI3RI0c7L2pjHUF_L3BHJUW7XFWtbO-4fQD5snUVx1UvnZqTYFc7IMKNFxbMMAzfHukAgA4w4cDeUWUT5rahFl0J8oOIAiRfFQrjsMxIZ4hZV4GKzZfTYMILF8g-laEkJMrMIsMnnK5JxsHJiYXZBbUA2T0OUxAOSOIlmPpC4MKLG9NgbeydENn9-fn7UAgLJCf4kbb6szVzGoiYg9xgmoVduRpCj4UPLg84umnmwsmFFjkMSjxUfFMbgAldupI2dmUWUmdMulDlw8eHEhrGcmW-AgZ8aeD5sAsQY4Yk5_JmfnQlcdm5J5fle6nqQzziQ7xJ9W3rOGKdeQxWIACi7Vcxqdca6y6SOwZ88bLch3WuUzxz8cUUB-QSxWAozWl5r5txsuNefihqHLOPCggE7TrtNyBndAXo3suHW_PQ3OOk0jC3qvctquq_H0F_CDFI5WLmY4OAWycXLv2vERUTxJ7rMDMWXOUFDZgETnReNKtQ6S5Pmwm11QRU5fnxiKCx2W-ZmBpcHt8UV_biteFQgJxdcQCnq2iwsTBY2jqUDBwsOUFmxtMkG7YeVqo_T5v9iDWmHxHx_FLZzhHV3Noe43erWh0aN-B8_nvF1jMcNHHMUy6KvH69Lp7K7L0DSEs7KzsYkbFt85cOOnhkZF_GYI67AfpHQmrmwY8GNAbNcEs5kGVASS07StjjVSJYWZNkjWhFxgGHol1NEixU3TI8MB6aHPPKPmgvP2FP7pIlCPRXJ14XiRMWKckoM1tDlVP48vXRf2pFN_Oqz0hS6pbrEneu90KIZ_vnYZvrhI_d6oFQqBTWhzIcDOzjM4CzUjMslUnVIRC8ZyItT3NjBAgszytTwP1sPj9Q0tz_CwiR5GDVm6kGTP2Km5S7syTw5BW1jzg3G2aVkFgtJmMgPOgp0KDD54_5CXZm6CefKdU1hgthb48S3mdXUSOfODDE3lqkZFIr4hD3TN5cRvfq0DUclOMmrtcT8bMZUr54ha-w25Ql-UctdIaUtbjiDP0-FeDDEOGsBrPUxMGZdMN001b4Tdy1m-9tMUVOVNo0WMG8k9rYQpxG8V5wzZnjHNLPVV2x_C9uOZWxVf4W3UFZS-AUN5zhsvnW0eAx3gJ9Vc4LUJAblZ4SOSGSTGVMp3eCPdFNQM96bxqUstXQnMX1tTMZHefPXSP3A0hdJz4CRhJ4PYQGb51OYL2WVW3Pph78aTVUZIH9xy53bpC1ueJ7Stv18BafoGQnCW6_vFBtldGe04SkM4l9UWydROXO_TeHkV6mzb8tQJIV4R93R6y5UyZ5PsdSlTj1MDP-74K5AnaqrF8n1Da6JjSomdoDXPo4_QnY5T6A095peoRMQj2FKFOBEJyCGCuUyw4UNK-iFISTkS5QPPOmmN-LuD9Wde7mmgQ8_mbDjhhkfNsIsKvbeHKMnm42TUmq67kv57lzrdfTa1UuNHUC_ZDWLQYOFeg_ilH3Lr0b9rJfwY3CbvNOJIOIWYbyBO6s678tRxL21_hYPBSZA3p4dgKWdMODObDX9aOvaNc2rnUQaZ6j9Xwy9QPW1eI7s_bvu0WjiHoJPwbQdCIzH4oUvNY71RKhx1X1h49iGZEnR0eqeXLaXxl38paHRuxfCE_3Pt4NykXrYGd-dPYI-EcxXA6d7316-gwAguaJdPyDu9Ggv-rNI21oO73O0O2HonY303QkD0xDPuDhDN525pxq30_ioBp649PGvBNSXG1VH9qSX0dRENJihJOQvkfHneeIzTkk0ZYTxi7UBQHZfEfV99GTwPd3Ekg3q8mqPgCDbF6j_Yl8nMnBJEJUnevWLQurqd_IDqX-6jJ0ixi_okX2ewGTiz2bcaeyWB29s1r853T63qT8v43dweRkGKAklXFvs-bvsI6Jqjkkd5OFXwjD0bQdymSVNIbd_Ol1TvC17uREwKqs_u3UN5oc-raqqXUrsEfYrj8DiE8zOZze-J8N5fhP0CQjKxunACOeDunB7ZMM1HfwXpqndSYcK42mKIPeSWH6bvAPX7T2JPqzG5I177WlPru0FwdBxgcTe2KyZHwdyJoxYx5D1hMerNcQUNXBXXif7ea082jKRx51T_ApQ9vlPcTDyJddLDHkq13TLrA67oZTn9OdL6fMZS7HIGN06dIvA-j72NG9Mi19T3VGkPRT4ErUIA51830r0YhOBbMXmxHy_X72NSNbipS0l3i5bd4tyg0lbDHS164a9zFMQK7gu18jTZKtYe0mqV9efVsdc8qSAWezZvppaOnJoaupjX4e-hCDD14c7bKevtkUL9AJjLNNLczrkynlDeTFhMbFaaQuresd7COvk1reTn6Q0L118EBDoyEuou0WcTU7dWa0oStfHUPs-jMaKdg6kSGexTcwnTR5duW8s-nZ4JYZhDnbChjP0k39j3DClLZRxSV2u0OsA6_vEvPCjQPdnE_vyjSQS--P860OZrG2-EEtWAp0CUMzGHgdUn_32-JelcdaPW1fU_lBMdhk2EXRSTr0wynBrj0laWHmBsY7eqehJ24I29RZvLAKHRHyIBM8HjBWhpknDWnZPEDRVCNMq3QNif85LMM3tpewvNPFGwv0MCrRD8_Z6I6ZLk0syVllEzjfezTdmGR-WNMlEd-vu5Mr_K-AYXFmXa7bFNNmXaV-34VOjVjWg1KxS7qllnOPzDOAd8obPq3cxsF7S9eyofBFfQEehK-tP6d9uSs86gb_Eif4Ke-CmbAGYX8gCUew35t9jQ5RLNRwnBf7moL07SNHPbK-uy5HF37eiKbtIDXzuIHc1NOS9fBe73gfeshz9-zTdtXsKXe1xujmNcX_8LpWoE_jcdY_YiL-hmeo4Vf2ZXs5xkpRUxWApK9lGyErGI8htU5LHV4YYhzAytEIsduGFy89v2a5ZRTzZbpuKNk6BJ77Mg4sHAyeuJF7r0VkuiNAiQ8fFifPyIi93XyhBFoEtXOy8Ckzizby4eFjQc42LPA4z1N6bjJXhCcUOVEFINPOgBhsTTqwkyqW4nINE7ST161o9Jhe9uBCJP1pl42prEkEWtaqa6L5EurgUvcSXenkX6LSTUoZihU5uLKbuFeq0p3O9j1_eJO1j-iinl-PHyfvkXOSyVYjkR4Xdy3ubY0YitVoIIrYaWpuBSJIHdmvc414w9d3T0B_IrsI8TG91Tg7m5olNVLmwIX7DZYqGSVfSSsLpjbS3xuVW6v5Ga8t8MR3IidH0pafTzLI4-D1jueEp6LTA93NAzPoG3D1Afa3yJZByy2I_9JL5CnKXfN99p8se7_TWK-sQ1ult5vqC6kTus40QfSai3a7QX-glt12Sx3MjdT2caUd25cGbts7Pvqv8iM3QKDpnmqevZKx53jjzCO32A0Fren6j-1ZRDhC9nGq-_ZC-NogSe2wiEKGVsuwS2Y6Wsh1tiiGG_5M5fWW2EKnpLsF3SO18fXL5Nq_bPY3jgNnSuTeCyRMqyRbjnoFDjsWb1XRveQRlrV4C077La3zNqvhcH-eBIfLN0hqFpktIJ48Bu6q4hf3jpFTeOhgQGesEGHOvWZ11VPVH1rCHsxgPPbu3gC8mXXbAjM-7ogVJGdAaSNw8QiUfMK1ubaIb_5NrIf0GNPKzjLdAf8pU_UHvpbpkTOakTru1RN7j-atS4ivpBxUE_-5tQlIQIZRCisKUJYrf_yQqyfxW0wdQAwC1dskXp6y5Ro1kiGBqxIONCqetAMprhKcPh08Qmq0sZzatp6kp5otxJeTUa0q569Cj5-DV&tga-with-creatives=1

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

0370d57956363af1d6118ef32782731cbfa05e52bf77d01c50bb1ed82c4f6366

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1657386081816929-6648581463674795277-sas5-9950-2d8-sas-l7-balancer-8080-BAL-5888
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Sat, 09 Jul 2022 17:01:21 GMT
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/json
access-control-allow-origin: https://www.ugra.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sat, 09 Jul 2022 17:01:21 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 5ABE
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=kp.ru&sn=ChromeSyncframe&so=0&topUrl=www.ugra.kp.ru&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=mur3S3xoSHpKQjZPM3VTb2xhSHkyTkwySmJHUTFzWHlyWWc1SVRBSHBneVVELzVNdjl0UDlhOE9LZ20vd3pEK1Fjc0x0TlJCT0RyUGJlTGhJbTA4NFFONnNVMlBEWGUrdDJpNVhybk04RS8xVkpNeU0vRHNMc0c0N2hRK3...

435 B
630 B

155ms
53ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=mur3S3xoSHpKQjZPM3VTb2xhSHkyTkwySmJHUTFzWHlyWWc1SVRBSHBneVVELzVNdjl0UDlhOE9LZ20vd3pEK1Fjc0x0TlJCT0RyUGJlTGhJbTA4NFFONnNVMlBEWGUrdDJpNVhybk04RS8xVkpNeU0vRHNMc0c0N2hRK3l1dFVOWUw0WnErTDJFRngzRG44bWlWcFZMMysyMGN3Vm5nZERUeVdCa3RHOHVQSDlPaDVCOThVWWFEYmpGVUxjV3c0K0FUaW4yS1NzY1phODlCai9lWUhZbXl6T1oyTFhrU2JGemlJUTF3MFRGaHdwUEdqN0NmV1hPNVFwUVJqMGdvOFZsdlBHaXpDbU5pSEhOSDNqRmxNM3N5bFVEQT09fA&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

f8c2ae444f364a5379a92fe66c8477ecadf6cfe1d3c8f9b22d50d0dd9833ea2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:21 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 4094
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:21 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=mur3S3xoSHpKQjZPM3VTb2xhSHkyTkwySmJHUTFzWHlyWWc1SVRBSHBneVVELzVNdjl0UDlhOE9LZ20vd3pEK1Fjc0x0TlJCT0RyUGJlTGhJbTA4NFFONnNVMlBEWGUrdDJpNVhybk04RS8xVkpNeU0vRHNMc0c0N2hRK3l1dFVOWUw0WnErTDJFRngzRG44bWlWcFZMMysyMGN3Vm5nZERUeVdCa3RHOHVQSDlPaDVCOThVWWFEYmpGVUxjV3c0K0FUaW4yS1NzY1phODlCai9lWUhZbXl6T1oyTFhrU2JGemlJUTF3MFRGaHdwUEdqN0NmV1hPNVFwUVJqMGdvOFZsdlBHaXpDbU5pSEhOSDNqRmxNM3N5bFVEQT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1396
content-length: 541
expires: 0

GET
H2 200 cfg Show response
data.24smi.net/ 427 B
437 B 91ms
90ms Script
text/javascript 2606:4700:10::6816:294a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://data.24smi.net/cfg?object=19594&ver=35&pio=true&pps=true&callback=__smiCb1657386081775

Requested by

Host: jsn.24smi.net
URL: https://jsn.24smi.net/smi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:294a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2ad439184ed0326ef44487d831b75ad1b17b862855679ca9737a2a373896a79

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:21 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: text/javascript; charset=utf-8
cache-control: no-store
cf-ray: 72829f034d4a916b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 8278.js Show response
jsn.24smi.net/b/5/19594/ 15 KB
6 KB 54ms
53ms Script
application/javascript 2606:4700:10::6816:294a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jsn.24smi.net/b/5/19594/8278.js?t=1653556517

Requested by

Host: jsn.24smi.net
URL: https://jsn.24smi.net/smi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:294a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed0311bbb29e7a582a420448e4b37867de3e5a27d7a3fdac5e94bb2acc78243c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:21 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
age: 49
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 09 Jul 2022 14:44:45 GMT
server: cloudflare
etag: W/"62c9945d-3b68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
cf-ray: 72829f03de2e916b-FRA
expires: Sat, 09 Jul 2022 18:00:32 GMT

GET
H2 200 css2
fonts.googleapis.com/ 9 KB
813 B 158ms
56ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Alegreya:wght@400;700;800&family=Roboto:wght@500&display=swap

Requested by

Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/612088/26d522ae39bb22f40dd2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b9626a32ba37b0590508877b518afb8e18c1623278119b425ba2e3d14d39c4fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 09 Jul 2022 17:00:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 09 Jul 2022 17:01:22 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 09 Jul 2022 17:01:22 GMT

GET
H2 204 event
ads.adfox.ru/232598/ 0
18 B 100ms
99ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=f094dd24d81e25a1&pm=cyz&p5=ljjmt&ad-session-id=2442361657386081353&lts=fjmwgon&ytt=417816030347269&ybv=0.612088&ylv=0.612088&dl=https%3A%2F%2Fwww.ugra.kp.ru%2F%3Fsection%3Dsociety&rqs=YKQWZFfGtzxhtMlixU4acmQ0T_a-3efd&pr=nfjqfyy&puid3=top%3Aregion&puid2=society%3Aincident%3Atoday%3Aemergency%3Ainteresting%3Akoronavirus%3Acriminal%3Asport&p2=gvdq&rand=ilfahki&sj=c7zz7I7Xy2wazqrnqTRU6D85sKGNFLAr1jyqJ_lGAtmd2DdSJKRn3iP-EVScrw%3D%3D&puid1=adv-1657386081301-514&p1=clerf

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:21 GMT
x-content-type-options: nosniff
last-modified: Sat, 09 Jul 2022 17:01:21 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 200 5191335_5.5a1c10449bf6ba3fb79322a26dc59f6f.jpg
banners.adfox.ru/220701/adfox/1877475/ 66 KB
67 KB 265ms
87ms Image
image/jpeg 2a02:6b8::2:158
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banners.adfox.ru/220701/adfox/1877475/5191335_5.5a1c10449bf6ba3fb79322a26dc59f6f.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::2:158 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: nginx /
Resource Hash: a81ae4dd7742b736f41e6e382827ab3672728b6f7f529ad5c72d6d6e79861484

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:22 GMT
last-modified: Fri, 01 Jul 2022 12:23:23 GMT
server: nginx
x-amz-request-id: 33aa1fc7c4cf1379
etag: "5a1c10449bf6ba3fb79322a26dc59f6f"
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
x-amz-version-id: null
access-control-allow-origin: *
accept-ranges: bytes
content-type: image/jpeg
content-length: 67614
x-nginx-request-id: ada20cea6c3a5c05

GET
H2 200 5191335_9.1366b90e36296da712c6488fa46b6f41.jpg
banners.adfox.ru/220419/adfox/1877475/ 26 KB
26 KB 487ms
308ms Image
image/jpeg 2a02:6b8::2:158
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banners.adfox.ru/220419/adfox/1877475/5191335_9.1366b90e36296da712c6488fa46b6f41.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::2:158 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: nginx /
Resource Hash: f76a521d8d893e573ee2def73e397a42f33f937aca5dcfeb77b2e001ea5a7ca6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:22 GMT
last-modified: Tue, 19 Apr 2022 13:08:29 GMT
server: nginx
x-amz-request-id: e702fd740458eb2c
etag: "1366b90e36296da712c6488fa46b6f41"
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
x-amz-version-id: null
access-control-allow-origin: *
accept-ranges: bytes
content-type: image/jpeg
content-length: 26361
x-nginx-request-id: f6f4e880023b5aa6

GET
H2 200 pubads_impl_2022063001.js Show response
securepubads.g.doubleclick.net/gpt/ Frame DD52 374 KB
128 KB 149ms
47ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

c84615457f9332569ff8501c382a395ef9fe116a9add5034b4ebc62c9bceeb3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 16:45:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 927
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 130816
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 08:35:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 09 Jul 2023 16:45:55 GMT

GET
H2 200 css2
fonts.googleapis.com/ 6 KB
1 KB 139ms
55ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

55d2ab860a7100b201e762c2046bc65a5d16236a0263dee3e95c711be581b345

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 09 Jul 2022 16:59:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 09 Jul 2022 17:01:22 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 09 Jul 2022 17:01:22 GMT

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
684 B 140ms
57ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Ubuntu:wght@400;500;700&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

eb96791feca1695290fc96c5209a0bb2476680ecec0aa02076373024c28e183a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 09 Jul 2022 15:17:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 09 Jul 2022 17:01:22 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 09 Jul 2022 17:01:22 GMT

GET
H3 200 informer Show response
data.24smi.net/ 3 KB
1 KB 93ms
93ms Script
text/javascript 2606:4700:10::6816:294a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://data.24smi.net/informer?psw=1600&psh=1200&pow=1600&poh=1200&pdpr=1&pdt=1657386081&ptz=0&pl=en-US&object=19594&template_id=8278&num=4&ref=&output=json&chash=N22ak8FICu&extids=&page=https%3A%2F%2Fwww.ugra.kp.ru%2F&callback=__smiCb1657386081776

Requested by

Host: jsn.24smi.net
URL: https://jsn.24smi.net/smi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:294a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74c481a71d53f04f254cfd913d296b166658b52de2742d59a67f30a45bae10c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:22 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store
access-control-allow-credentials: true
cf-ray: 72829f046bb19189-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 text-variable-full.woff2
yastatic.net/s3/home/fonts/ys/3/ 25 KB
26 KB 71ms
71ms Font
font/woff2 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.ugra.kp.ru/
Origin: https://www.ugra.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:22 GMT
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 26004
x-nginx-request-id: 7b8a5f6fbec46a4f
x-amz-meta-owner: {"role":"admin","login":"4eb0da"}
last-modified: Mon, 25 Apr 2022 14:02:39 GMT
server: nginx/1.17.9
etag: "7f0cdaf91230f9789ca4162aedff612e"
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31556952
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 09 Jul 2023 22:50:22 GMT

POST
H2 200 trace Show response
yandex.ru/ads/ 0
485 B 311ms
106ms XHR
text/plain 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/trace

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ugra.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1657386082258884-12045660034874109888-vla1-3170-vla-l7-balancer-8080-BAL-6596
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 158 KB
56 KB 370ms
184ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

8d87c18fcb70f9b1d23c94aedc506cb6cc2640c5aebb25ca6e8e64b0cd997553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.ugra.kp.ru/
Origin: https://www.ugra.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:22 GMT
content-encoding: br
last-modified: Fri, 08 Jul 2022 09:23:14 GMT
etag: "62c7cd52-dd8a"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 56714
expires: Sat, 09 Jul 2022 18:01:22 GMT

GET
H2 200 71df57f56c922e07c34676f1e3160977.woff2
s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/ 39 KB
39 KB 103ms
103ms Font
font/woff2 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/71df57f56c922e07c34676f1e3160977.woff2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

9205ceae907f8417e3b4bd8463b1075526a25da4cdd2aed549b03cd6869632aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ugra.kp.ru/
Origin: https://www.ugra.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc38
date: Sat, 09 Jul 2022 17:01:22 GMT
x-content-type-options: nosniff
x-server-trace-id: afad5821806a2a46:af1e72f8617e4174:afad5821806a2a46:1
x-amz-request-id: a416ddac7bebc6e1
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-07-09T14:22:50+00:00
content-length: 39768
x-request-id: 2befb131-e8b4-4dff-b558-84c94cacd2af
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Sat, 27 Nov 2021 21:56:45 GMT
server: nginx
etag: "71df57f56c922e07c34676f1e3160977"
x-amz-version-id: 0005D1CC48A637F4
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
accept-ranges: bytes
content-type: font/woff2
expires: Sun, 10 Jul 2022 17:01:22 GMT

GET
H2 200 88c3f8d6237466d983567ddf480dfb98.woff2
s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/ 22 KB
22 KB 55ms
55ms Font
font/woff2 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/88c3f8d6237466d983567ddf480dfb98.woff2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

7a0fb8fc4de0bde528e5b17743e35c50492d1d1de41567cb3b83f5a63db862d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ugra.kp.ru/
Origin: https://www.ugra.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc38
date: Sat, 09 Jul 2022 17:01:22 GMT
x-content-type-options: nosniff
x-server-trace-id: 2bf17f0b6e6173e6:b57c4bb8325acb6b:2bf17f0b6e6173e6:1
x-amz-request-id: 46d5d43a590268b0
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-07-09T14:22:50+00:00
content-length: 22100
x-request-id: 204c20a7-61b8-4547-816c-8178166d1334
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Sat, 27 Nov 2021 21:56:45 GMT
server: nginx
etag: "88c3f8d6237466d983567ddf480dfb98"
x-amz-version-id: 0005D1CC489C28E6
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
accept-ranges: bytes
content-type: font/woff2
expires: Sun, 10 Jul 2022 17:01:22 GMT

GET
H2 200 71df57f56c922e07c34676f1e3160977.woff2
s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/ 39 KB
39 KB 98ms
97ms Font
font/woff2 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/71df57f56c922e07c34676f1e3160977.woff2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

9205ceae907f8417e3b4bd8463b1075526a25da4cdd2aed549b03cd6869632aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ugra.kp.ru/
Origin: https://www.ugra.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc38
date: Sat, 09 Jul 2022 17:01:22 GMT
x-content-type-options: nosniff
x-server-trace-id: afad5821806a2a46:af1e72f8617e4174:afad5821806a2a46:1
x-amz-request-id: a416ddac7bebc6e1
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-07-09T14:22:50+00:00
content-length: 39768
x-request-id: 2befb131-e8b4-4dff-b558-84c94cacd2af
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Sat, 27 Nov 2021 21:56:45 GMT
server: nginx
etag: "71df57f56c922e07c34676f1e3160977"
x-amz-version-id: 0005D1CC48A637F4
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
accept-ranges: bytes
content-type: font/woff2
expires: Sun, 10 Jul 2022 17:01:22 GMT

GET
H2 200 71df57f56c922e07c34676f1e3160977.woff2
s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/ 39 KB
39 KB 102ms
101ms Font
font/woff2 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/71df57f56c922e07c34676f1e3160977.woff2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

9205ceae907f8417e3b4bd8463b1075526a25da4cdd2aed549b03cd6869632aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ugra.kp.ru/
Origin: https://www.ugra.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc38
date: Sat, 09 Jul 2022 17:01:22 GMT
x-content-type-options: nosniff
x-server-trace-id: afad5821806a2a46:af1e72f8617e4174:afad5821806a2a46:1
x-amz-request-id: a416ddac7bebc6e1
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-07-09T14:22:50+00:00
content-length: 39768
x-request-id: 2befb131-e8b4-4dff-b558-84c94cacd2af
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Sat, 27 Nov 2021 21:56:45 GMT
server: nginx
etag: "71df57f56c922e07c34676f1e3160977"
x-amz-version-id: 0005D1CC48A637F4
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
accept-ranges: bytes
content-type: font/woff2
expires: Sun, 10 Jul 2022 17:01:22 GMT

GET
H2 200 88c3f8d6237466d983567ddf480dfb98.woff2
s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/ 22 KB
22 KB 60ms
60ms Font
font/woff2 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/88c3f8d6237466d983567ddf480dfb98.woff2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

7a0fb8fc4de0bde528e5b17743e35c50492d1d1de41567cb3b83f5a63db862d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ugra.kp.ru/
Origin: https://www.ugra.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc38
date: Sat, 09 Jul 2022 17:01:22 GMT
x-content-type-options: nosniff
x-server-trace-id: 2bf17f0b6e6173e6:b57c4bb8325acb6b:2bf17f0b6e6173e6:1
x-amz-request-id: 46d5d43a590268b0
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-07-09T14:22:50+00:00
content-length: 22100
x-request-id: 204c20a7-61b8-4547-816c-8178166d1334
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Sat, 27 Nov 2021 21:56:45 GMT
server: nginx
etag: "88c3f8d6237466d983567ddf480dfb98"
x-amz-version-id: 0005D1CC489C28E6
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
accept-ranges: bytes
content-type: font/woff2
expires: Sun, 10 Jul 2022 17:01:22 GMT

GET
H2 200 88c3f8d6237466d983567ddf480dfb98.woff2
s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/ 22 KB
22 KB 97ms
97ms Font
font/woff2 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/88c3f8d6237466d983567ddf480dfb98.woff2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

7a0fb8fc4de0bde528e5b17743e35c50492d1d1de41567cb3b83f5a63db862d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ugra.kp.ru/
Origin: https://www.ugra.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc38
date: Sat, 09 Jul 2022 17:01:22 GMT
x-content-type-options: nosniff
x-server-trace-id: 2bf17f0b6e6173e6:b57c4bb8325acb6b:2bf17f0b6e6173e6:1
x-amz-request-id: 46d5d43a590268b0
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-07-09T14:22:50+00:00
content-length: 22100
x-request-id: 204c20a7-61b8-4547-816c-8178166d1334
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Sat, 27 Nov 2021 21:56:45 GMT
server: nginx
etag: "88c3f8d6237466d983567ddf480dfb98"
x-amz-version-id: 0005D1CC489C28E6
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
accept-ranges: bytes
content-type: font/woff2
expires: Sun, 10 Jul 2022 17:01:22 GMT

GET
H2 200 71df57f56c922e07c34676f1e3160977.woff2
s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/ 39 KB
39 KB 97ms
96ms Font
font/woff2 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/71df57f56c922e07c34676f1e3160977.woff2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

9205ceae907f8417e3b4bd8463b1075526a25da4cdd2aed549b03cd6869632aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ugra.kp.ru/
Origin: https://www.ugra.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc38
date: Sat, 09 Jul 2022 17:01:22 GMT
x-content-type-options: nosniff
x-server-trace-id: afad5821806a2a46:af1e72f8617e4174:afad5821806a2a46:1
x-amz-request-id: a416ddac7bebc6e1
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-07-09T14:22:50+00:00
content-length: 39768
x-request-id: 2befb131-e8b4-4dff-b558-84c94cacd2af
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Sat, 27 Nov 2021 21:56:45 GMT
server: nginx
etag: "71df57f56c922e07c34676f1e3160977"
x-amz-version-id: 0005D1CC48A637F4
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
accept-ranges: bytes
content-type: font/woff2
expires: Sun, 10 Jul 2022 17:01:22 GMT

GET
H2 200 88c3f8d6237466d983567ddf480dfb98.woff2
s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/ 22 KB
22 KB 97ms
97ms Font
font/woff2 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/88c3f8d6237466d983567ddf480dfb98.woff2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

7a0fb8fc4de0bde528e5b17743e35c50492d1d1de41567cb3b83f5a63db862d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ugra.kp.ru/
Origin: https://www.ugra.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc38
date: Sat, 09 Jul 2022 17:01:22 GMT
x-content-type-options: nosniff
x-server-trace-id: 2bf17f0b6e6173e6:b57c4bb8325acb6b:2bf17f0b6e6173e6:1
x-amz-request-id: 46d5d43a590268b0
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-07-09T14:22:50+00:00
content-length: 22100
x-request-id: 204c20a7-61b8-4547-816c-8178166d1334
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Sat, 27 Nov 2021 21:56:45 GMT
server: nginx
etag: "88c3f8d6237466d983567ddf480dfb98"
x-amz-version-id: 0005D1CC489C28E6
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
accept-ranges: bytes
content-type: font/woff2
expires: Sun, 10 Jul 2022 17:01:22 GMT

GET
H2 200 x450
avatars.mds.yandex.net/get-direct/5283206/Dj0wvEdSLZmy2LRp-sdDyg/ 22 KB
22 KB 386ms
190ms Image
image/webp 2a02:6b8::184
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/5283206/Dj0wvEdSLZmy2LRp-sdDyg/x450
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: nginx /
Resource Hash: 961d65ef493469ff3c06009c02c2c6f73ae82f402d52310369112a2635e6dbbe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:22 GMT
last-modified: Wed, 11 Aug 2021 14:15:16 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 22154
x-request-id: 3faf8093746b5199

GET
H2 200 render.html Show response
yastatic.net/safeframe-bundles/0.83/1-1-0/ Frame C76E 24 KB
7 KB 202ms
67ms Document
text/html 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html

Requested by

Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.83/host.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.ugra.kp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
content-length: 6262
content-type: text/html
date: Sat, 09 Jul 2022 17:01:22 GMT
etag: "eb77de48712912aadc9aa8171ac75ede"
expires: Mon, 08 Jul 2052 23:36:05 GMT
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
server: nginx/1.17.9
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow

GET
H2 200 4UaBrEBBsBhlBjvfkSLlx6jx4w.woff2
fonts.gstatic.com/s/alegreya/v29/ 22 KB
23 KB 215ms
110ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/alegreya/v29/4UaBrEBBsBhlBjvfkSLlx6jx4w.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Alegreya:wght@400;700;800&family=Roboto:wght@500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6db6653a65bc919f600c1e098b02145b5e62d137fbf99f84ad526692b65cc31c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.ugra.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 14:28:08 GMT
x-content-type-options: nosniff
age: 268394
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22952
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 18:46:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Jul 2023 14:28:08 GMT

GET
H2 200 4UaBrEBBsBhlBjvfkSLhx6g.woff2
fonts.gstatic.com/s/alegreya/v29/ 39 KB
39 KB 244ms
140ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/alegreya/v29/4UaBrEBBsBhlBjvfkSLhx6g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Alegreya:wght@400;700;800&family=Roboto:wght@500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92f108fa97f63aa01d67c7c19599f9133ef0e60a11fba74ca137f5b699abd36b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.ugra.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 11:54:51 GMT
x-content-type-options: nosniff
age: 104791
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39860
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 18:47:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Jul 2023 11:54:51 GMT

GET
H2 200 4UaBrEBBsBhlBjvfkSLhx6g.woff2
fonts.gstatic.com/s/alegreya/v29/ 39 KB
39 KB 278ms
176ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/alegreya/v29/4UaBrEBBsBhlBjvfkSLhx6g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Alegreya:wght@400;700;800&family=Roboto:wght@500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92f108fa97f63aa01d67c7c19599f9133ef0e60a11fba74ca137f5b699abd36b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.ugra.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 11:54:51 GMT
x-content-type-options: nosniff
age: 104791
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39860
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 18:47:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Jul 2023 11:54:51 GMT

GET
H2 200 4UaBrEBBsBhlBjvfkSLlx6jx4w.woff2
fonts.gstatic.com/s/alegreya/v29/ 22 KB
22 KB 265ms
163ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/alegreya/v29/4UaBrEBBsBhlBjvfkSLlx6jx4w.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Alegreya:wght@400;700;800&family=Roboto:wght@500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6db6653a65bc919f600c1e098b02145b5e62d137fbf99f84ad526692b65cc31c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.ugra.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 14:28:08 GMT
x-content-type-options: nosniff
age: 268394
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22952
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 18:46:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Jul 2023 14:28:08 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 9 KB
10 KB 149ms
49ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.ugra.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 19:36:30 GMT
x-content-type-options: nosniff
age: 422692
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9644
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Jul 2023 19:36:30 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 156ms
56ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.ugra.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 08:45:42 GMT
x-content-type-options: nosniff
age: 375340
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Jul 2023 08:45:42 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 189ms
95ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Alegreya:wght@400;700;800&family=Roboto:wght@500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.ugra.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 12:56:05 GMT
x-content-type-options: nosniff
age: 446717
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Jul 2023 12:56:05 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 10 KB
10 KB 302ms
210ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Alegreya:wght@400;700;800&family=Roboto:wght@500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.ugra.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 12:55:48 GMT
x-content-type-options: nosniff
age: 446734
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9840
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Jul 2023 12:55:48 GMT

GET
H2 200 4UaBrEBBsBhlBjvfkSLhx6g.woff2
fonts.gstatic.com/s/alegreya/v29/ 39 KB
39 KB 283ms
193ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/alegreya/v29/4UaBrEBBsBhlBjvfkSLhx6g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Alegreya:wght@400;700;800&family=Roboto:wght@500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92f108fa97f63aa01d67c7c19599f9133ef0e60a11fba74ca137f5b699abd36b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.ugra.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 11:54:51 GMT
x-content-type-options: nosniff
age: 104791
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39860
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 18:47:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Jul 2023 11:54:51 GMT

GET
H2 200 4UaBrEBBsBhlBjvfkSLlx6jx4w.woff2
fonts.gstatic.com/s/alegreya/v29/ 22 KB
22 KB 292ms
202ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/alegreya/v29/4UaBrEBBsBhlBjvfkSLlx6jx4w.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Alegreya:wght@400;700;800&family=Roboto:wght@500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6db6653a65bc919f600c1e098b02145b5e62d137fbf99f84ad526692b65cc31c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.ugra.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 14:28:08 GMT
x-content-type-options: nosniff
age: 268394
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22952
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 18:46:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Jul 2023 14:28:08 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 9 KB
9 KB 208ms
131ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.ugra.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 18:17:14 GMT
x-content-type-options: nosniff
age: 427448
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9628
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Jul 2023 18:17:14 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 607912ce0bbdc533bd357dc99af092f34783fee7f24f7fc16ece184018a7441b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 8A67 81 KB
27 KB 151ms
56ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/612088/6738a68430466986af5f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d72e02e86cedb9eb4830a12ae6d968a9c8ffd04bf6c009812cd906d7a28e8275

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28093
x-xss-protection: 0
server: sffe
etag: "1268 / 495 of 1000 / last-modified: 1657318025"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 09 Jul 2022 17:01:22 GMT

GET
H2 204 event
ads.adfox.ru/232598/ 0
66 B 94ms
93ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=728c2016dc5307f1&pm=bmo&pxo=uqSUVNR_jwy0KmzPzSa8JaNtz-wTt5_acF3fXn9cxEsxvPYlTkKZ_I42A1hdWKzY5KcwGuc8b_kPc1sm66yb4Ka1e9F1svy6CkQI73xyaRE2cL2P8302Wex2_q-ZFO7YmAiP1_sNHsZ4jcHCWEzErypLB1pz_L9vTqrqlC6efVAD-hje&p5=gwefg&ad-session-id=2442361657386081353&utg=oxum&lts=fjmwgon&ytt=417816030347269&ybv=0.612088&ylv=0.612088&dl=https%3A%2F%2Fwww.ugra.kp.ru%2F%3Fsection%3Dsociety&rqs=YKQWZFfGtzxhtMli77fu5xaM4bc0qOqy&pr=nfjqfyy&puid3=top%3Aregion&rtb-si=b&puid2=society%3Aincident%3Atoday%3Aemergency%3Ainteresting%3Akoronavirus%3Acriminal%3Asport&p2=fxjd&rand=lhszikv&sj=9MqiHDp8zgh3dcTzmioQNh6ByhkCeUsusQJsS7evQM6vuFI-D4f6I2WulFM8Yw%3D%3D&puid1=adv-1657386081298-109&p1=cavko

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:22 GMT
x-content-type-options: nosniff
last-modified: Sat, 09 Jul 2022 17:01:22 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 200 1TgKc0dT0Hq200000000U9nJJ5WYbX9-RBkDOStTFxqdmrQOMYPkEPd400IUC95GKuS9kR5zQGmCgOn0yKoWU1j8l5G6oAjD01AjZ22o4oGB14mCCnd35I7iXOnBf22ibOo_n26ilOoiZW8CHy7yiupCG96hZ22jTnaPP1YO_ZBEOc9WcCi44bdAT0eelPRf5v1zb... Show response
yandex.ru/an/rtbcount/ 43 B
590 B 98ms
97ms XHR
image/gif 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/an/rtbcount/1TgKc0dT0Hq200000000U9nJJ5WYbX9-RBkDOStTFxqdmrQOMYPkEPd400IUC95GKuS9kR5zQGmCgOn0yKoWU1j8l5G6oAjD01AjZ22o4oGB14mCCnd35I7iXOnBf22ibOo_n26ilOoiZW8CHy7yiupCG96hZ22jTnaPP1YO_ZBEOc9WcCi44bdAT0eelPRf5v1zbka_43nbUW4KUSKaKBTGAwxcBWF3dWVBNP8UipByPUeG1Zg4cHMej9SPPFjKPf0HSvcPG9O3IGMGtImRcJrbEdR-ONggU98vOOzBVAFMDf6hO9LtmUHFPWSdVh0pPx4eH7e7XaUvfRcNL5LabFZcP7h56-U65bZcP5VfPYVcUxWjP94EXIXUmNBTQGSBqm4Mffii45z-i7_8SlOC2BonVyi2yki4rjQ64mrj3V4BM3bFicv-mW5MTu6reQ69vIPhGWAZIklcxKvVMK7-x61hO9d0zk34hGNVJdsyRJE3xShXu0LikpSzVDFrujEVzOmhsM1c7s3pEC76_8YDDypHoSenF2tPp2KbqVmb6ymLF-6iYUnobhyciMc_jP_5pcPcQ6HWOR61lK5X1plZ2NQH1-mF3rmzsVdYtSIi7-mBZHiujhut002j7x5W

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ugra.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: image/gif
access-control-allow-origin: https://www.ugra.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
last-modified: Sat, 09 Jul 2022 17:01:22 GMT
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sat, 09 Jul 2022 17:01:22 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame DD52 107 B
792 B 159ms
55ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.ugra.kp.ru

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 09 Jul 2022 17:01:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame DD52 107 B
549 B 160ms
57ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.ugra.kp.ru

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 09 Jul 2022 17:01:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame DD52 15 KB
8 KB 583ms
488ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4136770530530568&correlator=1476285839781123&eid=42531605&output=ldjh&gdfp_req=1&vrg=2022063001&ptt=17&impl=fifs&iu_parts=94805857%2Ckp.ru_4_small&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&ifi=1&adks=4130042211&sfv=1-0-38&ecs=20220709&fsapi=false&cust_params=kp.ru_4_small%3Dkp.ru_4_small_10&sc=1&cookie_enabled=1&cdm=www.ugra.kp.ru&abxe=1&dt=1657386082566&lmt=1657386082&dlt=1657386081694&idt=562&biw=1600&bih=1200&isw=160&ish=600&adxs=1410&adys=389&ucis=iiv1bcqm8tgw&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&nhd=1&url=https%3A%2F%2Fwww.ugra.kp.ru%2F&top=https%3A%2F%2Fwww.ugra.kp.ru%2F&frm=23&vis=1&scr_x=0&scr_y=0&psz=160x600&msz=160x-1&fws=256&ohw=0&ea=0&ga_vid=269705109.1657386083&ga_sid=1657386083&ga_hid=1352839947&ga_fc=false&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

0608ee85a88bde83507e90bcf0f22f071678ca8afa36c0fa1d38925293242e12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8359
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ugra.kp.ru
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame DD52 14 KB
11 KB 164ms
62ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022063001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1c34f66d3695cf41b97f68390be2cce4f1dcaac226fc70f72193faab10ca2ef0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 09 Jul 2022 17:01:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10671
x-xss-protection: 0

GET
H2 200 container.html Show response
8985d954c75304fe528a80a9050843fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DCB7 6 KB
4 KB 185ms
56ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8985d954c75304fe528a80a9050843fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ugra.kp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Jul 2022 17:01:22 GMT
expires: Sun, 09 Jul 2023 17:01:22 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 018b4b0b87fceaedbf0a8bf8282576e8.jpeg
img.24smi.net/100_100/0/1/ 6 KB
6 KB 57ms
55ms Image
image/jpeg 2606:4700:10::6816:294a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.24smi.net/100_100/0/1/018b4b0b87fceaedbf0a8bf8282576e8.jpeg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:294a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49e907246dac1df690c91bdf0b7ab96347102f2b7fa94dc9d6b82a1282695ccc

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:22 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 666
cf-polished: origSize=6541, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6414
last-modified: Sat, 09 Jul 2022 16:43:43 GMT
server: cloudflare
etag: W/"62c9b03f-1cf18"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: image/jpeg
access-control-allow-origin: *
expires: Fri, 05 May 2023 16:49:23 GMT
cache-control: max-age=25920000
accept-ranges: bytes
cf-ray: 72829f087dc8916b-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 fa66b6b330b2dd23482620b4ac1b8c87.jpeg
img.24smi.net/100_100/f/a/ 5 KB
5 KB 65ms
64ms Image
image/jpeg 2606:4700:10::6816:294a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.24smi.net/100_100/f/a/fa66b6b330b2dd23482620b4ac1b8c87.jpeg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:294a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce03e656b2a1b9480f43d2c04e1f4ee99dab46ee1696a222168f4c249b968c13

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:22 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 666
cf-polished: origSize=5489, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5311
last-modified: Sat, 09 Jul 2022 16:44:45 GMT
server: cloudflare
etag: W/"62c9b07d-1710a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: image/jpeg
access-control-allow-origin: *
expires: Fri, 05 May 2023 16:49:23 GMT
cache-control: max-age=25920000
accept-ranges: bytes
cf-ray: 72829f087dc7916b-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 da1b5c7cb6119a774075d1e05641b283.jpeg
img.24smi.net/100_100/d/a/ 5 KB
6 KB 57ms
56ms Image
image/jpeg 2606:4700:10::6816:294a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.24smi.net/100_100/d/a/da1b5c7cb6119a774075d1e05641b283.jpeg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:294a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a258dcd29961e7b1fa42b20e47d0ba475c3fda323dd3af37520ff5e85e92a8cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:22 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 655
cf-polished: origSize=5734, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5569
last-modified: Sat, 09 Jul 2022 16:45:47 GMT
server: cloudflare
etag: W/"62c9b0bb-132ba"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: image/jpeg
access-control-allow-origin: *
expires: Fri, 05 May 2023 16:49:22 GMT
cache-control: max-age=25920000
accept-ranges: bytes
cf-ray: 72829f087dc4916b-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 686dc4eb822edec8078130f68a644ccf.jpeg
img.24smi.net/100_100/6/8/ 4 KB
5 KB 55ms
55ms Image
image/jpeg 2606:4700:10::6816:294a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.24smi.net/100_100/6/8/686dc4eb822edec8078130f68a644ccf.jpeg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:294a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c38304836e04b7716a488a306c73b01707b0cda8e2a48b9888e996a0affd7a7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:22 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 460
cf-polished: origSize=4652, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4453
last-modified: Sat, 09 Jul 2022 16:48:33 GMT
server: cloudflare
etag: W/"62c9b161-12596"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: image/jpeg
access-control-allow-origin: *
expires: Fri, 05 May 2023 16:53:42 GMT
cache-control: max-age=25920000
accept-ranges: bytes
cf-ray: 72829f087dc5916b-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 pubads_impl_2022070601.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 8A67 373 KB
128 KB 82ms
47ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022070601.js?cb=31068338

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

d72b8eb9289bec0987d4af915f6cd81fc04863709b510aa7d98887d1cff60c49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 14:52:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7747
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 130521
x-xss-protection: 0
last-modified: Wed, 06 Jul 2022 08:34:38 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 09 Jul 2023 14:52:15 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 236 KB
73 KB 158ms
56ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WCBNVW

Requested by

Host: www.ugra.kp.ru
URL: https://www.ugra.kp.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3f86c95d3dbee19d6da8130eacad7c899af9fbd6f71aed80a964e0ef9cc88597

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:22 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73813
x-xss-protection: 0
last-modified: Sat, 09 Jul 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 09 Jul 2022 17:01:22 GMT

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9694.4TG2RlEoSIfOLmOT2IzpAW_7-9Hf4rx7OCZUpzU5q6r-kmVRLFHIBBtLTV3QYqtw.qp1zwz0FKVDjmbItfo549z9AKGY%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9694.vSJSxjszNJrz9LX8wZcW7bmbexa9qh3bNd7UGoyVamPuL_VWWMnmn3T075p7u_YvACJunVcMFKZkWyXjmsOe_H_1LLQZRydDB-5cN6zjhsM%2C.8HFgZfCuOWcU4vQwoK8yeYOZadI%2C

43 B
346 B

109ms
108ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9694.vSJSxjszNJrz9LX8wZcW7bmbexa9qh3bNd7UGoyVamPuL_VWWMnmn3T075p7u_YvACJunVcMFKZkWyXjmsOe_H_1LLQZRydDB-5cN6zjhsM%2C.8HFgZfCuOWcU4vQwoK8yeYOZadI%2C

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:23 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9694.vSJSxjszNJrz9LX8wZcW7bmbexa9qh3bNd7UGoyVamPuL_VWWMnmn3T075p7u_YvACJunVcMFKZkWyXjmsOe_H_1LLQZRydDB-5cN6zjhsM%2C.8HFgZfCuOWcU4vQwoK8yeYOZadI%2C
date: Sat, 09 Jul 2022 17:01:23 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H/1.1 200
Ok d.png
ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/ Frame C76E 95 B
400 B 309ms
102ms Image
image/png 2a02:6b8::5:114
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/d.png?ex=yes

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::5:114 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 09 Jul 2022 17:01:22 GMT
Server: nginx/1.14.2
Strict-Transport-Security: max-age=315360000; includeSubDomains
X-RT-IH: 0.0002
Content-Type: image/png
Cache-Control: private
Connection: close
X-RT-IQ: 0.0002
Content-Length: 95
Expires: Sun, 10 Jul 2022 17:01:22 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame DD52 17 KB
7 KB 169ms
66ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 09 Jul 2022 17:01:22 GMT

POST
H2 200 trace Show response
yandex.ru/ads/ 0
235 B 107ms
106ms XHR
text/plain 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/trace

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ugra.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1657386082865627-17634306361602695575-vla1-3170-vla-l7-balancer-8080-BAL-1757
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}

GET
H2 200 v2 Show response
yandex.ru/ads/adfox/232598/getBulk/ 16 KB
8 KB 289ms
288ms XHR
application/json 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/adfox/232598/getBulk/v2?dl=https%3A%2F%2Fwww.ugra.kp.ru%2F%3Fsection%3Dsociety&date=2022-07-09T17%3A01%3A22.816%2B00%3A00&pd=9&pdh=1200&pdw=1600&pr1=770397959&pr=4079709996&prr=&pv=17&pw=6&extid_loader=&extid_tag_loader=www.ugra.kp.ru&ylv=0.612088&ybv=0.612088&ytt=417816030347269&is-turbo=0&skip-token=yabs.NzIwNTc2MDU2Mzk5NTk5NTY%3D&ad-session-id=2442361657386081353&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A300%2C%22h%22%3A600%2C%22width%22%3A300%2C%22height%22%3A600%2C%22visible%22%3A1%2C%22isBlackTheme%22%3Afalse%2C%22left%22%3A1100%2C%22top%22%3A486%2C%22fontFamily%22%3A%22ys%22%2C%22req_no%22%3A5%2C%22ad_no%22%3A5%7D&enable-flat-highlight=1&pcode-version=612088&available-width=300&available-height=600&yaru=true&pp=hrs&p2=fbao&ps=bxyd&puid1=adv-1657386081300-370&puid2=society%3Aincident%3Atoday%3Aemergency%3Ainteresting%3Akoronavirus%3Acriminal%3Asport&puid3=top%3Aregion&puid5=&slotNumber=4&bids=W3siYmlkZGVyTmFtZSI6ImNyaXRlbyIsImNhbXBhaWduX2lkIjo3MjI1NzMsInJlc3BvbnNlX3RpbWUiOjQzNywiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjExNDA4OTgifSx7ImJpZGRlck5hbWUiOiJydGJob3VzZSIsImNhbXBhaWduX2lkIjo4NTM4NjksInJlc3BvbnNlX3RpbWUiOjE2OSwiZXJyb3IiOnsiY29kZSI6NH0sInBsYWNlbWVudF9pZCI6IjcxNTczNzcwOTQwYjcyYzA0Mjg5In0seyJiaWRkZXJOYW1lIjoiYWRyaXZlciIsImNhbXBhaWduX2lkIjo3MjgyNTQsInJlc3BvbnNlX3RpbWUiOjI5MywiZXJyb3IiOnsiY29kZSI6NH0sInBsYWNlbWVudF9pZCI6ImtwXzJzbG90XzFzY3IifSx7ImJpZGRlck5hbWUiOiJteXRhcmdldCIsImNhbXBhaWduX2lkIjo4MTA0MDIsInJlc3BvbnNlX3RpbWUiOjI2MywiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjIzMzg0MiJ9LHsiYmlkZGVyTmFtZSI6ImJldHdlZW5kaWdpdGFsIiwiY2FtcGFpZ25faWQiOjgxMDM0NCwicmVzcG9uc2VfdGltZSI6MTg0LCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiMjQ4ODA1MiJ9LHsiYmlkZGVyTmFtZSI6ImFkZm94X2Fkc21hcnQiLCJjYW1wYWlnbl9pZCI6MTU5MjA0MCwicmVzcG9uc2VfdGltZSI6MzA4LCJlcnJvciI6eyJjb2RlIjoxfX0seyJiaWRkZXJOYW1lIjoiYnV6em9vbGEiLCJjYW1wYWlnbl9pZCI6ODkwNDUwLCJyZXNwb25zZV90aW1lIjoyNDQsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiIxMjI3MTY2In0seyJiaWRkZXJOYW1lIjoiYmlkdm9sIiwiY2FtcGFpZ25faWQiOjE4NzEwMTYsInJlc3BvbnNlX3RpbWUiOjE0OTgsImVycm9yIjp7ImNvZGUiOjN9LCJwbGFjZW1lbnRfaWQiOiIyMTUzNSJ9LHsiYmlkZGVyTmFtZSI6ImFkZm94X2ltaG8tdmlkZW8iLCJjYW1wYWlnbl9pZCI6MTc4OTU4MSwicmVzcG9uc2VfdGltZSI6MzA4LCJlcnJvciI6eyJjb2RlIjoxfX1d&utf8=%E2%9C%93&pcode-test-ids=612518%2C0%2C49%3B586081%2C0%2C1%3B597159%2C0%2C1%3B597485%2C0%2C40%3B590119%2C0%2C41%3B598478%2C0%2C64%3B605345%2C0%2C64%3B610874%2C0%2C23&pcode-flags-map=eJyVWNtu4zYQ%2FZXCz4uCulCXfaMk2iIikSpJ2fEWxWCLTZ8Wi6KbFAUW%2B%2B8dSrItyTGd5CGAA58zw7meyY%2BN5h1nFvYt60Dz33puLLCt5RqE1KppNh9%2F%2F7H59%2FPXl6fNx43VPd982Dw%2FfX8WX%2FAzTdM4SDY%2F%2F%2Fiw2TMDgoOxqgNla8Tbmklo%2B8aK%2BzxZSsNrnneDxU4qzaEVxvAKKmYZdEyz1sBWadiLiit8FpSqLdSC8%2Bm%2FvxeUOYkpPfvDeqt2XHLNLNJ2rHwwtbJQ9fgHoeSCKVryxITkZx4uWdFwkPwwI%2BEGvYZWVXzBo2RzBN7wlktroGxE%2BeDAN9gn5pY9Qs3Frrb4RmnwvVrI3bsfT6MgHGhZ06jDmIYO6QeOMZZ2x%2B5wxITOczLab5neCelDJiQOomgdsr6rhti3ygUcLBMNOjHGzlscCUmyWQY0b9WeQ1kzbbiFrVYtNEI%2B%2BDmCICbp2qWteAT8aMFqzKULs7FM2yE6neF9paY3lxobTOy5uWeE0qt3l6zrHHVxhEod5FtcTbLQx4Ih0xjIQlhXze8hw%2Bc5sj3XZl30zvmULrFhTIK1I3thRCEaYY%2FQNexYYOCwE3qDzt3xJKThVR8JiWPK8HIoCVUYrvdu7Lh0zCy9lbiXWFMMO2bIIGu7OfD5n5enGSwOsygnI8zgsDJuWq4x68qegVgFhvOL00vYt89%2Ffn1aIKMkzMcCdFXXoq2py6X1m4xplI9ZKFUvsVYVPNbaC8nSLIwHyJHJij%2BC7rH2WuZvW0rSMJom%2BGLSwLZvGoM9wP34IAojcn5iodUDxgefBzstKj8ypVnyqsNQCWO1KLzwMCDJ%2BN5PXIaDu3AQla1BtGzHvdg4iDNywaK5oTALpV0daVaJ3vzyRoYjc36PDgNrDuxo%2FMgonVJbbd3qNh1OfA5WtFz1dgENCSFLbEyi8c1diYtnWBa4Z%2Fz2KNJM1btVGGXu2uVkD%2FijtxLRZJqG13CxBfx9cOPlXoXcYDg5sGdNv8hWRF5Hn4biUJ1CdphkYLr1206CPJpsY79aYQaBtFXX22MNpQS1xABtONNu07ttyLRgq4CHa9iU3lU%2FaX5gWF7VWxsLmU65dksPWo6q6FwuXGucdo1azF%2B6wGckHvPeaaG0m924R%2FaCHzql%2FSWTpMk08NzXQeLyLjnKu3bnhaUh4gaYMR0ur7LmzkPouC5XVRqQRZJTGuTxrETII8F9hcNAGSu8NrOATjYrFF12WO8Y44PG1YmpnsbtO0RUhjN7zB%2Buk3J6wGqerLYKzTLcRqMT0ySpcFmXKOaMd2bTPEiz2QwTKBgZJhaVfOkiZnxG84gGwQI7zD2DQ9DWrrE6VlW4oP0kMZ2KZNgzbg0fOw6R32vcNXSWrVaXN%2Fb2tbk8TW4iAeXAIJjvWD9xaFvMmglMyZy8Y6VVi6gHvwYLfBpl0Rn%2FbtAgqgsm8aoAlB5bgdU2CBrk8C%2BdPAvTdPb4iWSsTVzwOBPP4goHu3UH1FpirDV3GEdj4dXFSo7QPA9zsvhyROJs%2BPJOsyK8I%2BbjlFy%2BC0Z8WjyOBiHxff%2BVbRbQG4gxGtNAxxLAyxbD4Ka0kK4qzjodW%2FuO05SOlYE6YMft0O1CutNP4wBzH3F43tmXCUnjkLw2wLdCG3d6sNZJWBg3sNqfUugnzVEmzV1jhVFNj%2FPKtO74cN1%2BJ9d4zEz31azmccq5CbVbC%2FErcBjkY8vWtm3o2GYGd0olGFiOJ8IdPMqd%2BHLnK6hRsmHjNMyBUdhbvRTsUwGvNXuQnUkGEbDTLuMYAxRvr6yJ12hQNJLscqE4He8O8%2BkeF6c5YHoU6Ef%2F7YZtHdDLeXJaGu4aH8bhAvzy7fvT8wodZ9TniGi7N3tCguDiSYd7bziwOLgpAKhAzn%2FAw0nJakmXDz%2BraROn2U3CUUst9Xlpm1sMy0YQw38owNQMb1vkU8tAfXn66%2FPL1%2Bdl%2FdNoElPoPDZS67SI5vJ0tnWaF%2F5zIQlIlroS%2FPk%2FrGeGhQ%3D%3D&use-server-side-rendering=1&pcode-icookie=gEMWAj7FOrpinJUhlUPOWKdn%2F0CcuOftZK8II7b9%2BwNTr99kwXpQa1MhF2vr2fsWP%2BgF7Z1AllHAV6pVagghOjpr8NU%3D&top-ancestor=https%3A%2F%2Fwww.ugra.kp.ru&top-ancestor-undetermined=0&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjoxNTl9CiKjpKjrKO2BMFAndJjZz_xXm-4ozZXtbFfGuXKGu7-RjXbzISmGf96HpuXPldE0XF1hY0wNbVuYZ3mZZ-YBvTCgx0Abq4KqREQYPc_LobfhzX6JCRFClCgaVFCVbAlgBprAGGjUDGpzEOYA8IBKzahGmAcYAAdxoFWb1QjtAawDxxCEAfmC6ZczVaDJC8-4PDWBdgHUHexwNIF-2aZfoGPw84KRDeiWA8IgygepG3raIM7LWjTcAsOCliYDLAewh72FMyxpAjI1gkMqXoALqNWMZ9Gw_AJjUWfZsWcwQIMAMxOENmXSWkUyhNYCaZwhFA3gLcOI83BeiIVDhQxARjjZA7Ugt4UdDR5Bbl4BPjyCFi4LGl48gMTOCoo3OQXZeS0CmU2AnRc8ST5eZn7UXCwWLlY2yczPymbhZbOAJxnAlUVPKNJ2uaSCIAewBupRQLkALtwFMw6XHJAuV9PSL1zm6ReObnjF22t6Ne1AUb80pl8AbJOX2cMLF3gQl_yMS_1YjTQIBx7V4Q8E44Uk9GWWdGAvneKFVigxjGqH4QWFeSAZxAtTd1prF4goq0FYaDIsz-g8t7cSQ8NhK9yeIl4Y003jAkkjMVQLm5anPk2TZKHQNN--q-kkFHtCOljjU3-pOtDyO1Yw3_Yp-mUh4fLpWQSGQFJcFSc4eJGjZEXNx-zCDNgBtYSsCiX1KnRBp5riw4J45zA6Vj7keAT5uFApgqNjslhY2TI_GgFmZvAkmfnt7DzCIhzMdiv-zMuOBhUrekk8W7zbJDWtoHiDRpFxATcPGydKLhZOEbtY5sEigIk3L1whPiaQxFDYrZkDZAHcGJAve_C2u4ZlSyMoLuCcB1BLPDPR-HAxc4PBLbB8oL3MkW5fX97KGAGQyf_tVzj16pCKsKuKtcfocBJWzeCQVWrVyowdsg0jMKkR-bXgrBtAKFeIM0rDm6wKJwA65ADMEj8KKAKDGqEj9lOaGDfuOqM6zPGjj_yVg7EDhukd9AxaitqOeMSP2KaTXeuA4rAfbOkfeyY8mR3hMbWc2OKsKte1mabB8v29Q-bg3MOZhzFH7VhHtzHEGXGBfeSZMHDPOG5mYmpE6H7QL4HHeYw_Cg_MumhCY-GU60R1J-kF7aEm_KtH6CDPJzq0L4h-whE6woxoz3V4527Of8JkD7_OkhrqvP4lIkWgc9CaSXIG-1I2-jVkdBSC5z1ues5RHYx8FjnDA6jVZ-MJ6SS9H7XPrn66EYQOWYY7B_3Xcjq8TJr8GnESshnmjGjmdFI7ZB36VothDGPCMr5tvuWvI3RI0c7L2pjHUF_L3BHJUW7XFWtbO-4fQD5snUVx1UvnZqTYFc7IMKNFxbMMAzfHukAgA4w4cDeUWUT5rahFl0J8oOIAiRfFQrjsMxIZ4hZV4GKzZfTYMILF8g-laEkJMrMIsMnnK5JxsHJiYXZBbUA2T0OUxAOSOIlmPpC4MKLG9NgbeydENn9-fn7UAgLJCf4kbb6szVzGoiYg9xgmoVduRpCj4UPLg84umnmwsmFFjkMSjxUfFMbgAldupI2dmUWUmdMulDlw8eHEhrGcmW-AgZ8aeD5sAsQY4Yk5_JmfnQlcdm5J5fle6nqQzziQ7xJ9W3rOGKdeQxWIACi7Vcxqdca6y6SOwZ88bLch3WuUzxz8cUUB-QSxWAozWl5r5txsuNefihqHLOPCggE7TrtNyBndAXo3suHW_PQ3OOk0jC3qvctquq_H0F_CDFI5WLmY4OAWycXLv2vERUTxJ7rMDMWXOUFDZgETnReNKtQ6S5Pmwm11QRU5fnxiKCx2W-ZmBpcHt8UV_biteFQgJxdcQCnq2iwsTBY2jqUDBwsOUFmxtMkG7YeVqo_T5v9iDWmHxHx_FLZzhHV3Noe43erWh0aN-B8_nvF1jMcNHHMUy6KvH69Lp7K7L0DSEs7KzsYkbFt85cOOnhkZF_GYI67AfpHQmrmwY8GNAbNcEs5kGVASS07StjjVSJYWZNkjWhFxgGHol1NEixU3TI8MB6aHPPKPmgvP2FP7pIlCPRXJ14XiRMWKckoM1tDlVP48vXRf2pFN_Oqz0hS6pbrEneu90KIZ_vnYZvrhI_d6oFQqBTWhzIcDOzjM4CzUjMslUnVIRC8ZyItT3NjBAgszytTwP1sPj9Q0tz_CwiR5GDVm6kGTP2Km5S7syTw5BW1jzg3G2aVkFgtJmMgPOgp0KDD54_5CXZm6CefKdU1hgthb48S3mdXUSOfODDE3lqkZFIr4hD3TN5cRvfq0DUclOMmrtcT8bMZUr54ha-w25Ql-UctdIaUtbjiDP0-FeDDEOGsBrPUxMGZdMN001b4Tdy1m-9tMUVOVNo0WMG8k9rYQpxG8V5wzZnjHNLPVV2x_C9uOZWxVf4W3UFZS-AUN5zhsvnW0eAx3gJ9Vc4LUJAblZ4SOSGSTGVMp3eCPdFNQM96bxqUstXQnMX1tTMZHefPXSP3A0hdJz4CRhJ4PYQGb51OYL2WVW3Pph78aTVUZIH9xy53bpC1ueJ7Stv18BafoGQnCW6_vFBtldGe04SkM4l9UWydROXO_TeHkV6mzb8tQJIV4R93R6y5UyZ5PsdSlTj1MDP-74K5AnaqrF8n1Da6JjSomdoDXPo4_QnY5T6A095peoRMQj2FKFOBEJyCGCuUyw4UNK-iFISTkS5QPPOmmN-LuD9Wde7mmgQ8_mbDjhhkfNsIsKvbeHKMnm42TUmq67kv57lzrdfTa1UuNHUC_ZDWLQYOFeg_ilH3Lr0b9rJfwY3CbvNOJIOIWYbyBO6s678tRxL21_hYPBSZA3p4dgKWdMODObDX9aOvaNc2rnUQaZ6j9Xwy9QPW1eI7s_bvu0WjiHoJPwbQdCIzH4oUvNY71RKhx1X1h49iGZEnR0eqeXLaXxl38paHRuxfCE_3Pt4NykXrYGd-dPYI-EcxXA6d7316-gwAguaJdPyDu9Ggv-rNI21oO73O0O2HonY303QkD0xDPuDhDN525pxq30_ioBp649PGvBNSXG1VH9qSX0dRENJihJOQvkfHneeIzTkk0ZYTxi7UBQHZfEfV99GTwPd3Ekg3q8mqPgCDbF6j_Yl8nMnBJEJUnevWLQurqd_IDqX-6jJ0ixi_okX2ewGTiz2bcaeyWB29s1r853T63qT8v43dweRkGKAklXFvs-bvsI6Jqjkkd5OFXwjD0bQdymSVNIbd_Ol1TvC17uREwKqs_u3UN5oc-raqqXUrsEfYrj8DiE8zOZze-J8N5fhP0CQjKxunACOeDunB7ZMM1HfwXpqndSYcK42mKIPeSWH6bvAPX7T2JPqzG5I177WlPru0FwdBxgcTe2KyZHwdyJoxYx5D1hMerNcQUNXBXXif7ea082jKRx51T_ApQ9vlPcTDyJddLDHkq13TLrA67oZTn9OdL6fMZS7HIGN06dIvA-j72NG9Mi19T3VGkPRT4ErUIA51830r0YhOBbMXmxHy_X72NSNbipS0l3i5bd4tyg0lbDHS164a9zFMQK7gu18jTZKtYe0mqV9efVsdc8qSAWezZvppaOnJoaupjX4e-hCDD14c7bKevtkUL9AJjLNNLczrkynlDeTFhMbFaaQuresd7COvk1reTn6Q0L118EBDoyEuou0WcTU7dWa0oStfHUPs-jMaKdg6kSGexTcwnTR5duW8s-nZ4JYZhDnbChjP0k39j3DClLZRxSV2u0OsA6_vEvPCjQPdnE_vyjSQS--P860OZrG2-EEtWAp0CUMzGHgdUn_32-JelcdaPW1fU_lBMdhk2EXRSTr0wynBrj0laWHmBsY7eqehJ24I29RZvLAKHRHyIBM8HjBWhpknDWnZPEDRVCNMq3QNif85LMM3tpewvNPFGwv0MCrRD8_Z6I6ZLk0syVllEzjfezTdmGR-WNMlEd-vu5Mr_K-AYXFmXa7bFNNmXaV-34VOjVjWg1KxS7qllnOPzDOAd8obPq3cxsF7S9eyofBFfQEehK-tP6d9uSs86gb_Eif4Ke-CmbAGYX8gCUew35t9jQ5RLNRwnBf7moL07SNHPbK-uy5HF37eiKbtIDXzuIHc1NOS9fBe73gfeshz9-zTdtXsKXe1xujmNcX_8LpWoE_jcdY_YiL-hmeo4Vf2ZXs5xkpRUxWApK9lGyErGI8htU5LHV4YYhzAytEIsduGFy89v2a5ZRTzZbpuKNk6BJ77Mg4sHAyeuJF7r0VkuiNAiQ8fFifPyIi93XyhBFoEtXOy8Ckzizby4eFjQc42LPA4z1N6bjJXhCcUOVEFINPOgBhsTTqwkyqW4nINE7ST161o9Jhe9uBCJP1pl42prEkEWtaqa6L5EurgUvcSXenkX6LSTUoZihU5uLKbuFeq0p3O9j1_eJO1j-iinl-PHyfvkXOSyVYjkR4Xdy3ubY0YitVoIIrYaWpuBSJIHdmvc414w9d3T0B_IrsI8TG91Tg7m5olNVLmwIX7DZYqGSVfSSsLpjbS3xuVW6v5Ga8t8MR3IidH0pafTzLI4-D1jueEp6LTA93NAzPoG3D1Afa3yJZByy2I_9JL5CnKXfN99p8se7_TWK-sQ1ult5vqC6kTus40QfSai3a7QX-glt12Sx3MjdT2caUd25cGbts7Pvqv8iM3QKDpnmqevZKx53jjzCO32A0Fren6j-1ZRDhC9nGq-_ZC-NogSe2wiEKGVsuwS2Y6Wsh1tiiGG_5M5fWW2EKnpLsF3SO18fXL5Nq_bPY3jgNnSuTeCyRMqyRbjnoFDjsWb1XRveQRlrV4C077La3zNqvhcH-eBIfLN0hqFpktIJ48Bu6q4hf3jpFTeOhgQGesEGHOvWZ11VPVH1rCHsxgPPbu3gC8mXXbAjM-7ogVJGdAaSNw8QiUfMK1ubaIb_5NrIf0GNPKzjLdAf8pU_UHvpbpkTOakTru1RN7j-atS4ivpBxUE_-5tQlIQIZRCisKUJYrf_yQqyfxW0wdQAwC1dskXp6y5Ro1kiGBqxIONCqetAMprhKcPh08Qmq0sZzatp6kp5otxJeTUa0q569Cj5-DV&tga-with-creatives=1

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

45b2c3c930fa002229b12629772b76df75492d551d2b069bdb5a1c583921704d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1657386082875166-5453470277766283994-sas5-9950-2d8-sas-l7-balancer-8080-BAL-6910
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Sat, 09 Jul 2022 17:01:23 GMT
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/json
access-control-allow-origin: https://www.ugra.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sat, 09 Jul 2022 17:01:23 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame 8A67 107 B
122 B 165ms
57ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.ugra.kp.ru

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022070601.js?cb=31068338

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 09 Jul 2022 17:01:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 8A67 107 B
122 B 165ms
56ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.ugra.kp.ru

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022070601.js?cb=31068338

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 09 Jul 2022 17:01:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 8A67 112 KB
33 KB 350ms
350ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4432750705203438&correlator=2894838791802209&eid=31068338%2C42531605%2C42531608&output=ldjh&gdfp_req=1&vrg=2022070601&ptt=17&impl=fifs&iu_parts=94805857%2Ckp.ru_5_new&enc_prev_ius=%2F0%2F1&prev_iu_szs=240x400&ifi=1&adks=56130060&sfv=1-0-38&ecs=20220709&fsapi=false&cust_params=kp.ru_5_new%3Dkp.ru_5_new_5&sc=1&cookie_enabled=1&cdm=www.ugra.kp.ru&abxe=1&dt=1657386082859&lmt=1657386082&dlt=1657386082162&idt=671&biw=1600&bih=1200&isw=240&ish=400&adxs=215&adys=1226&ucis=62d1zs82dum&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&nhd=1&url=https%3A%2F%2Fwww.ugra.kp.ru%2F&top=https%3A%2F%2Fwww.ugra.kp.ru%2F&frm=23&vis=1&scr_x=0&scr_y=0&psz=240x400&msz=240x-1&fws=256&ohw=0&ea=0&ga_vid=1527315474.1657386083&ga_sid=1657386083&ga_hid=1055604479&ga_fc=false&btvi=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022070601.js?cb=31068338

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e18f09d5c345543ce30409b7a640f9f3847c0f05b4b5d627d0ca76d8e7e19202

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33766
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ugra.kp.ru
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 8A67 14 KB
11 KB 158ms
62ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022070601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022070601.js?cb=31068338

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

48231dc94743e31cde69b405dc1dc42a4c4fb9fd05eab29917ea91eb2f76c4e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 09 Jul 2022 17:01:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10751
x-xss-protection: 0

GET
H2 200 container.html Show response
1565b43654e41150398d11eac25cee50.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9405 6 KB
3 KB 91ms
58ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1565b43654e41150398d11eac25cee50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022070601.js?cb=31068338

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ugra.kp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Jul 2022 17:01:22 GMT
expires: Sun, 09 Jul 2023 17:01:22 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 193 KB
69 KB 152ms
57ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8MQ0FGXD1P&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WCBNVW

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3f7cb68abebddb8481e02aa86c09a9f5bb92143703ad0c5309bac5b393168dbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:23 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70527
x-xss-protection: 0
expires: Sat, 09 Jul 2022 17:01:23 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 193 KB
69 KB 178ms
83ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-DK6QSEZVBS&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WCBNVW

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6d4448a103f0dc071aadd495b1f4b412b34d8b54accf26aa1c6921b10d353fc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:23 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70564
x-xss-protection: 0
expires: Sat, 09 Jul 2022 17:01:23 GMT

GET
H2 200 counter.js Show response
tns-counter.ru/ncc/ 61 KB
61 KB 383ms
188ms Script
application/javascript 2001:6d0:4001::226
TNSMSK-

General

Check archive.org

Show headers Download Go to

Full URL: https://tns-counter.ru/ncc/counter.js
Requested by: Host: www.ugra.kp.ru
URL: https://www.ugra.kp.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),
Reverse DNS
Software: ms-counter-3.3.5/1.20.2 /
Resource Hash: 75d16f690db62e7b02e26bff78808ea7529f154b36340c9b6d6e1cd81b64a4ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:23 GMT
last-modified: Wed, 01 Dec 2021 16:19:48 GMT
server: ms-counter-3.3.5/1.20.2
etag: "61a7a0a4-f2ad"
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR NOR"
cache-control: max-age=1209600
accept-ranges: bytes
content-type: application/javascript
content-length: 62125
expires: Sat, 23 Jul 2022 17:01:23 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 204 KB
70 KB 204ms
202ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: www.ugra.kp.ru
URL: https://www.ugra.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

5f04f87ba7cd3beb8f840e33441bdc8cfee7fe74a49cd8abdcc8ac7727b6bbda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:22 GMT
content-encoding: br
last-modified: Fri, 08 Jul 2022 09:23:14 GMT
etag: "62c7cd52-1180a"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 71690
expires: Sat, 09 Jul 2022 18:01:22 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 149ms
47ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WCBNVW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6992
date: Sat, 09 Jul 2022 15:04:51 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sat, 09 Jul 2022 17:04:51 GMT

GET
H/1.1 200
OK target.js Show response
target.smi2.net/client/ 3 KB
1 KB 257ms
84ms Script
application/x-javascript 46.161.36.3
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://target.smi2.net/client/target.js
Requested by: Host: www.ugra.kp.ru
URL: https://www.ugra.kp.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.161.36.3 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: target2-1.sselp2.imcmdb.net
Software: nginx /
Resource Hash: 2ea6594700eadc561dce18df33d16ff9d07ff631d4f6f4eae734bfe34e900f0c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 09 Jul 2022 17:01:23 GMT
Content-Encoding: gzip
Last-Modified: Fri, 20 Apr 2018 15:55:37 GMT
Server: nginx
ETag: W/"5ada0d79-af9"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=259200, private
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Tue, 12 Jul 2022 17:01:23 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
188 B 145ms
48ms Image
text/plain 13.32.121.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=16803468&ns__t=1657386082929&ns_c=UTF-8&c8=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%AE%D0%B3%D1%80%D1%8B%20%D0%B8%20%D0%A5%D0%B0%D0%BD%D1%82%D1%8B-%D0%9C%D0%B0%D0%BD%D1%81%D0%B8%D0%B9%D1%81%D0%BA%D0%BE%D0%B3%D0%BE%20%D0%B0%D0%B2%D1%82%D0%BE%D0%BD%D0%BE%D0%BC%D0%BD%D0%BE%D0%B3%D0%BE%20%D0%BE%D0%BA%D1%80%D1%83%D0%B3%D0%B0%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%AE%D0%B3%D1%80%D0%B5%20-%20KP.Ru&c7=https%3A%2F%2Fwww.ugra.kp.ru%2F&c9=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-72.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:23 GMT
via: 1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: rou0EQsxQNRrNrQglWe2kcSocsiuXom5LK-DBt3dCu7P-oiiXvc3Vg==
x-cache: Miss from cloudfront

GET
H/1.1

200
OK

kpugra
counter.yadro.ru/hit;kp/kpall/reg/
Redirect Chain

https://counter.yadro.ru/hit;kp/kpall/reg/kpugra?r;s1600*1200*24;uhttps%3A//www.ugra.kp.ru/;h%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u042E%u0433%u0440%u044B%20%u0438%20%u0425%u0430%u043D%u044...
https://counter.yadro.ru/hit;kp/kpall/reg/kpugra?q;r;s1600*1200*24;uhttps%3A//www.ugra.kp.ru/;h%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u042E%u0433%u0440%u044B%20%u0438%20%u0425%u0430%u043D%u0...

43 B
528 B

84ms
82ms

Image
image/gif

88.212.201.204
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit;kp/kpall/reg/kpugra?q;r;s1600*1200*24;uhttps%3A//www.ugra.kp.ru/;h%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u042E%u0433%u0440%u044B%20%u0438%20%u0425%u0430%u043D%u0442%u044B-%u041C%u0430%u043D%u0441%u0438%u0439%u0441%u043A%u043E%u0433%u043E%20%u0430%u0432%u0442%u043E%u043D%u043E%u043C%u043D%u043E%u0433%u043E%20%u043E%u043A%u0440%u0443%u0433%u0430%3A%20%u0433%u043B%u0430%u0432%u043D%u044B%u0435%20%u043D%u043E%u0432%u043E%u0441%u0442%u0438%20%u043D%u0430%20%u0441%u0435%u0433%u043E%u0434%u043D%u044F%20;0.1379251487647981

Protocol

HTTP/1.1

Server

88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host204.rax.ru

Software

nginx/1.17.9 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 09 Jul 2022 17:01:23 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 08 Jul 2021 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 09 Jul 2022 17:01:23 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit;kp/kpall/reg/kpugra?q;r;s1600*1200*24;uhttps%3A//www.ugra.kp.ru/;h%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u042E%u0433%u0440%u044B%20%u0438%20%u0425%u0430%u043D%u0442%u044B-%u041C%u0430%u043D%u0441%u0438%u0439%u0441%u043A%u043E%u0433%u043E%20%u0430%u0432%u0442%u043E%u043D%u043E%u043C%u043D%u043E%u0433%u043E%20%u043E%u043A%u0440%u0443%u0433%u0430%3A%20%u0433%u043B%u0430%u0432%u043D%u044B%u0435%20%u043D%u043E%u0432%u043E%u0441%u0442%u0438%20%u043D%u0430%20%u0441%u0435%u0433%u043E%u0434%u043D%u044F%20;0.1379251487647981
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Thu, 08 Jul 2021 21:00:00 GMT

GET
H2

200

cs.js Show response
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain

https://sb.scorecardresearch.com/c2/16803468/cs.js
https://sb.scorecardresearch.com/internal-c2/default/cs.js

0
366 B

48ms
47ms

Script
application/javascript

13.32.121.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol: H2
Server: 13.32.121.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-72.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:17 GMT
via: 1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront)
etag: "d41d8cd98f00b204e9800998ecf8427e"
last-modified: Mon, 01 Mar 2021 20:42:20 GMT
server: AmazonS3
age: 7
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
content-length: 0
x-amz-cf-id: XDLw8OOTRZoSsSlRgCHNdkjarChcbNuRZ2GxuhjLu0h2h24q8bHxPg==

Redirect headers

location: /internal-c2/default/cs.js
date: Sat, 09 Jul 2022 17:01:23 GMT
via: 1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
content-length: 0
x-amz-cf-id: _cHUr2YfV7XDB2Lec0GttFos-hi0PNm_JxHSH-m2liaP6pJiMWv4jA==
x-cache: Miss from cloudfront

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 19EC 13 KB
5 KB 146ms
48ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ugra.kp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1540
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Jul 2022 16:35:43 GMT
expires: Sun, 09 Jul 2023 16:35:43 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E90B 783 B
1 KB 160ms
57ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1dfa3dc572718e898191d89c0278e9d756908277507f722f9088b695c302d47e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-UOlaQ6yrMDLhvvl_EkrN5g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ugra.kp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-UOlaQ6yrMDLhvvl_EkrN5g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 09 Jul 2022 17:01:23 GMT
expires: Sat, 09 Jul 2022 17:01:23 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 8A67 17 KB
6 KB 78ms
65ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022070601.js?cb=31068338

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 09 Jul 2022 17:01:23 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
442 B 176ms
56ms XHR
text/plain 2a00:1450:400c:c0a::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-23870775-1&cid=643179259.1657386083&jid=7189488&gjid=755863464&_gid=4182613.1657386083&_u=YGBAgAABAAAAAE~&z=2007385269

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ugra.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 09 Jul 2022 17:01:23 GMT
content-type: text/plain
access-control-allow-origin: https://www.ugra.kp.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 157ms
55ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2037908413&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ugra.kp.ru%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%AE%D0%B3%D1%80%D1%8B%20%D0%B8%20%D0%A5%D0%B0%D0%BD%D1%82%D1%8B-%D0%9C%D0%B0%D0%BD%D1%81%D0%B8%D0%B9%D1%81%D0%BA%D0%BE%D0%B3%D0%BE%20%D0%B0%D0%B2%D1%82%D0%BE%D0%BD%D0%BE%D0%BC%D0%BD%D0%BE%D0%B3%D0%BE%20%D0%BE%D0%BA%D1%80%D1%83%D0%B3%D0%B0%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%AE%D0%B3%D1%80%D0%B5&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAAAABAAAAAG~&jid=1000733630&gjid=1705250457&cid=643179259.1657386083&tid=UA-19328520-23&_gid=4182613.1657386083&_r=1&gtm=2wg6t0WCBNVW&cg1=main&cg5=main&cd3=main&cd4=main&z=348553510

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ugra.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ugra.kp.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 153ms
55ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2037908413&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ugra.kp.ru%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%AE%D0%B3%D1%80%D1%8B%20%D0%B8%20%D0%A5%D0%B0%D0%BD%D1%82%D1%8B-%D0%9C%D0%B0%D0%BD%D1%81%D0%B8%D0%B9%D1%81%D0%BA%D0%BE%D0%B3%D0%BE%20%D0%B0%D0%B2%D1%82%D0%BE%D0%BD%D0%BE%D0%BC%D0%BD%D0%BE%D0%B3%D0%BE%20%D0%BE%D0%BA%D1%80%D1%83%D0%B3%D0%B0%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%AE%D0%B3%D1%80%D0%B5&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAAAABAAAAAG~&jid=1633225059&gjid=1449504985&cid=643179259.1657386083&tid=UA-23870775-31&_gid=4182613.1657386083&_r=1&gtm=2wg6t0WCBNVW&cd1=&z=1369689920

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ugra.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ugra.kp.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 147ms
48ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=2037908413&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ugra.kp.ru%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%AE%D0%B3%D1%80%D1%8B%20%D0%B8%20%D0%A5%D0%B0%D0%BD%D1%82%D1%8B-%D0%9C%D0%B0%D0%BD%D1%81%D0%B8%D0%B9%D1%81%D0%BA%D0%BE%D0%B3%D0%BE%20%D0%B0%D0%B2%D1%82%D0%BE%D0%BD%D0%BE%D0%BC%D0%BD%D0%BE%D0%B3%D0%BE%20%D0%BE%D0%BA%D1%80%D1%83%D0%B3%D0%B0%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%AE%D0%B3%D1%80%D0%B5&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAAB~&jid=7189488&gjid=755863464&cid=643179259.1657386083&tid=UA-23870775-1&_gid=4182613.1657386083&gtm=2wg6t0WCBNVW&cg1=main&cg5=main&cd3=main&cd4=main&z=1085547120

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 03:34:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 48385
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame F897 81 KB
27 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/612088/6738a68430466986af5f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f7d4a77e29961071a337cc5073d127fc328e2ea23fca15e9894838d72cc6822

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28091
x-xss-protection: 0
server: sffe
etag: "1268 / 560 of 1000 / last-modified: 1657317992"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 09 Jul 2022 17:01:23 GMT

GET
H2 204 event
ads.adfox.ru/232598/ 0
66 B 113ms
112ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=73892ac9c9b0a636&pm=bmo&pxo=2fpL3bYSyDqPeKEReJhwQWSOKE82VP9rWMs1IWq6-7LSLRVRVCJSKE6tzXn9yuKfrm8LZvcKUE2MXrCf8mhtvf-4gF-dK1kRwL1uUtJpQl5tAommppvePUz4UCcikVQxAogTi3Hj05vKxNrOpg4TgJNf18zHaKVxQadRMwO8nUdPGHg%3D&p5=gwaok&ad-session-id=2442361657386081353&utg=oxum&lts=fjmwgoo&ytt=417816030347269&ybv=0.612088&ylv=0.612088&dl=https%3A%2F%2Fwww.ugra.kp.ru%2F%3Fsection%3Dsociety&rqs=YKQWZFfGtzxitMliZCrhUdI3j0Voibzt&pr=nfjqfyy&puid3=top%3Aregion&rtb-si=b&puid2=society%3Aincident%3Atoday%3Aemergency%3Ainteresting%3Akoronavirus%3Acriminal%3Asport&p2=fbao&rand=jiypizi&sj=gSzMN4VZxEsWx47728qrEYS7tEQW2dWzl61IVglOwrZ6gR-_YoYUAJ-N9QQ42w%3D%3D&puid1=adv-1657386081300-370&p1=bufhv

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:23 GMT
x-content-type-options: nosniff
last-modified: Sat, 09 Jul 2022 17:01:23 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CC46 13 KB
5 KB 55ms
54ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ugra.kp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1540
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Jul 2022 16:35:43 GMT
expires: Sun, 09 Jul 2023 16:35:43 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 77D8 783 B
534 B 162ms
58ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1d3d2ccb80220d3a90bcf87e2551b617a40a4ca50f661cb57ca565eb4fb47167

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-eoD4lKxW4hMygI7sFMWaNA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ugra.kp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-eoD4lKxW4hMygI7sFMWaNA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 09 Jul 2022 17:01:23 GMT
expires: Sat, 09 Jul 2022 17:01:23 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E90B 0
0 191ms
88ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022063001&jk=4136770530530568&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3 200 ScuHrLJSuMz-P8UpD_WVXyUZt188tH6pyCCWmvqBSxI.js Show response
pagead2.googlesyndication.com/bg/ Frame 19EC 36 KB
14 KB 148ms
47ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ScuHrLJSuMz-P8UpD_WVXyUZt188tH6pyCCWmvqBSxI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49cb87acb252b8ccfe3fc5290ff5955f2519b75f3cb47ea9c820969afa814b12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 13:49:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11535
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13935
x-xss-protection: 0
last-modified: Fri, 01 Jul 2022 16:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 09 Jul 2023 13:49:08 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
45 B 168ms
61ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-8MQ0FGXD1P&gtm=2oe6t0&_p=2037908413&_z=ccd.v9B&cid=643179259.1657386083&ul=en-us&sr=1600x1200&_s=1&sid=1657386083&sct=1&seg=0&dl=https%3A%2F%2Fwww.ugra.kp.ru%2F&dt=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%AE%D0%B3%D1%80%D1%8B%20%D0%B8%20%D0%A5%D0%B0%D0%BD%D1%82%D1%8B-%D0%9C%D0%B0%D0%BD%D1%81%D0%B8%D0%B9%D1%81%D0%BA%D0%BE%D0%B3%D0%BE%20%D0%B0%D0%B2%D1%82%D0%BE%D0%BD%D0%BE%D0%BC%D0%BD%D0%BE%D0%B3%D0%BE%20%D0%BE%D0%BA%D1%80%D1%83%D0%B3%D0%B0%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%AE%D0%B3%D1%80%D0%B5%20-%20KP.Ru&en=page_view&_fv=1&_ss=1&ep.title=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%AE%D0%B3%D1%80%D1%8B%20%D0%B8%20%D0%A5%D0%B0%D0%BD%D1%82%D1%8B-%D0%9C%D0%B0%D0%BD%D1%81%D0%B8%D0%B9%D1%81%D0%BA%D0%BE%D0%B3%D0%BE%20%D0%B0%D0%B2%D1%82%D0%BE%D0%BD%D0%BE%D0%BC%D0%BD%D0%BE%D0%B3%D0%BE%20%D0%BE%D0%BA%D1%80%D1%83%D0%B3%D0%B0%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%AE%D0%B3%D1%80%D0%B5&ep.allowLinker=true
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8MQ0FGXD1P&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ugra.kp.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
1565b43654e41150398d11eac25cee50.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A715 6 KB
3 KB 153ms
55ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1565b43654e41150398d11eac25cee50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022070601.js?cb=31068338

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ugra.kp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Jul 2022 17:01:22 GMT
expires: Sun, 09 Jul 2023 17:01:22 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 event
ads.adfox.ru/232598/ 0
18 B 103ms
103ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=a1762b210da0bb25&pm=bmu&pxo=uqSUVNR_jwy0KmzPzSa8JaNtz-wTt5_acF3fXn9cxEsxvPYlTkKZ_I42A1hdWKzY5KcwGuc8b_kPc1sm66yb4Ka1e9F1svy6CkQI73xyaRE2cL2P8302Wex2_q-ZFO7YmAiP1_sNHsZ4jcHCWEzErypLB1pz_L9vTqrqlC6efVAD-hje&p5=gwefg&ad-session-id=2442361657386081353&utg=oxum&lts=fjmwgon&ytt=417816030347269&ybv=0.612088&ylv=0.612088&dl=https%3A%2F%2Fwww.ugra.kp.ru%2F%3Fsection%3Dsociety&rqs=YKQWZFfGtzxhtMli77fu5xaM4bc0qOqy&pr=nfjqfyy&puid3=top%3Aregion&rtb-si=b&puid2=society%3Aincident%3Atoday%3Aemergency%3Ainteresting%3Akoronavirus%3Acriminal%3Asport&p2=fxjd&rand=hvzngbj&sj=9MqiHDp8zgh3dcTzmioQNh6ByhkCeUsusQJsS7evQM6vuFI-D4f6I2WulFM8Yw%3D%3D&puid1=adv-1657386081298-109&p1=cavko&resp-time=1085

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:23 GMT
x-content-type-options: nosniff
last-modified: Sat, 09 Jul 2022 17:01:23 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
347 B 107ms
57ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-DK6QSEZVBS&gtm=2oe6t0&_p=2037908413&_z=ccd.v9B&cid=643179259.1657386083&ul=en-us&sr=1600x1200&_s=1&sid=1657386083&sct=1&seg=0&dl=https%3A%2F%2Fwww.ugra.kp.ru%2F&dt=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%AE%D0%B3%D1%80%D1%8B%20%D0%B8%20%D0%A5%D0%B0%D0%BD%D1%82%D1%8B-%D0%9C%D0%B0%D0%BD%D1%81%D0%B8%D0%B9%D1%81%D0%BA%D0%BE%D0%B3%D0%BE%20%D0%B0%D0%B2%D1%82%D0%BE%D0%BD%D0%BE%D0%BC%D0%BD%D0%BE%D0%B3%D0%BE%20%D0%BE%D0%BA%D1%80%D1%83%D0%B3%D0%B0%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%AE%D0%B3%D1%80%D0%B5%20-%20KP.Ru&en=page_view&_fv=1&_ss=1&ep.title=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%AE%D0%B3%D1%80%D1%8B%20%D0%B8%20%D0%A5%D0%B0%D0%BD%D1%82%D1%8B-%D0%9C%D0%B0%D0%BD%D1%81%D0%B8%D0%B9%D1%81%D0%BA%D0%BE%D0%B3%D0%BE%20%D0%B0%D0%B2%D1%82%D0%BE%D0%BD%D0%BE%D0%BC%D0%BD%D0%BE%D0%B3%D0%BE%20%D0%BE%D0%BA%D1%80%D1%83%D0%B3%D0%B0%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%AE%D0%B3%D1%80%D0%B5&ep.allowLinker=true
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DK6QSEZVBS&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ugra.kp.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
8985d954c75304fe528a80a9050843fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 11D0 6 KB
3 KB 150ms
49ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8985d954c75304fe528a80a9050843fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ugra.kp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Jul 2022 17:01:22 GMT
expires: Sun, 09 Jul 2023 17:01:22 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 event
ads.adfox.ru/232598/ 0
18 B 114ms
112ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=1172e806a724fc09&pm=bmu&pxo=MqoAiHJFIWVuRHBHzrd4xx-wcNYeB72T-mcY3CYuvlcPzHg9y6CzmLge5M2hX4jiec3zNl60PT-_WpqzGTM4ysOhMdPS9M2qyOTWiEIMiEjOnd0RBuedAtO_iImIGviiqDH_TCVOu7OzpuHyXVZfJLH5nozb5uZkYeO7hxeII65hZCG7CqmK&p5=gwdbk&ad-session-id=2442361657386081353&utg=oxum&lts=fjmwgon&ytt=417816030347269&ybv=0.612088&ylv=0.612088&dl=https%3A%2F%2Fwww.ugra.kp.ru%2F%3F&rtb-si=b&p2=gftf&rand=bthythm&sj=GEKOhEvednYUOGvnMTdyjXQt3QcO-9lIL8PS7fLaaldBppY5E5-uWtEDBv97LA%3D%3D&puid1=adv-1657386081294-909&pr=nfjqfyy&p1=cdinl&rqs=YKQWZFfGtzxhtMlih77ALQd_lqpGCQFw&resp-time=1596

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:23 GMT
x-content-type-options: nosniff
last-modified: Sat, 09 Jul 2022 17:01:23 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 176ms
57ms XHR
text/plain 2a00:1450:400c:c0a::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-23870775-31&cid=643179259.1657386083&jid=1633225059&gjid=1449504985&_gid=4182613.1657386083&_u=YGDAAAABAAAAAG~&z=727049528

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0a::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ugra.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 09 Jul 2022 17:01:23 GMT
content-type: text/plain
access-control-allow-origin: https://www.ugra.kp.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 175ms
57ms XHR
text/plain 2a00:1450:400c:c0a::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-19328520-23&cid=643179259.1657386083&jid=1000733630&gjid=1705250457&_gid=4182613.1657386083&_u=YGDAAAABAAAAAG~&z=179468457

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0a::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ugra.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 09 Jul 2022 17:01:23 GMT
content-type: text/plain
access-control-allow-origin: https://www.ugra.kp.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK sm.js Show response
stat.media/ 77 KB
28 KB 370ms
160ms Script
application/x-javascript 185.147.80.106
MIRAN-AS Miran DC

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.media/sm.js
Requested by: Host: target.smi2.net
URL: https://target.smi2.net/client/target.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.147.80.106 , Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS: smir13.imcmdb.net
Software: nginx /
Resource Hash: 9dc89e2eae45dccc1b2d7b9540adae2349bbb5d84578eadb8f0f645eac324910

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 09 Jul 2022 17:01:23 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Dec 2021 13:53:02 GMT
Server: nginx
ETag: W/"61a8cfbe-13481"
Vary: Accept-Encoding, Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, must-revalidate, proxy-revalidate, max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK /
target.smi2.net/init/ 95 B
463 B 90ms
90ms Image
image/png 46.161.36.3
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://target.smi2.net/init/?siteid=31456&count=site&bw=1600&bh=1200&xurl=https%3A%2F%2Fwww.ugra.kp.ru%2F&rnd=4468078954595
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.161.36.3 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: target2-1.sselp2.imcmdb.net
Software: nginx / HHVM/3.9.1
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

X-Target-Version: 2
Date: Sat, 09 Jul 2022 17:01:23 GMT
X-Target-Final: 20220709200123-0
Server: nginx
X-Target-Host: target2-1.sselp2
X-Powered-By: HHVM/3.9.1
X-Time-Request: 0.00017
Content-Type: image/png
Cache-Control: no-cache, private
Connection: keep-alive
Content-Length: 95
Expires: Sat, 09 Jul 2022 17:01:22 GMT

GET
H3 200 pubads_impl_2022063001.js Show response
securepubads.g.doubleclick.net/gpt/ Frame F897 374 KB
128 KB 47ms
47ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

c84615457f9332569ff8501c382a395ef9fe116a9add5034b4ebc62c9bceeb3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 16:45:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 928
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 130816
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 08:35:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 09 Jul 2023 16:45:55 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 76ms
76ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-23870775-1&cid=643179259.1657386083&jid=7189488&_u=YGBAgAABAAAAAE~&z=318650001

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 180ms
70ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-23870775-1&cid=643179259.1657386083&jid=7189488&_u=YGBAgAABAAAAAE~&z=318650001

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
124 B 103ms
102ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:23 GMT
last-modified: Fri, 08 Jul 2022 09:23:14 GMT
etag: "62c7cd52-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Sat, 09 Jul 2022 18:01:23 GMT

GET
H3 200 ScuHrLJSuMz-P8UpD_WVXyUZt188tH6pyCCWmvqBSxI.js Show response
pagead2.googlesyndication.com/bg/ Frame CC46 36 KB
14 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ScuHrLJSuMz-P8UpD_WVXyUZt188tH6pyCCWmvqBSxI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49cb87acb252b8ccfe3fc5290ff5955f2519b75f3cb47ea9c820969afa814b12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 13:49:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11535
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13935
x-xss-protection: 0
last-modified: Fri, 01 Jul 2022 16:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 09 Jul 2023 13:49:08 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/26254/
Redirect Chain

https://mc.yandex.com/watch/26254?wmode=7&page-url=https%3A%2F%2Fwww.ugra.kp.ru%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2n2z35yck7fai9c6gvqew%3Afu%3A0%3Aen%3Autf...
https://mc.yandex.com/watch/26254/1?wmode=7&page-url=https%3A%2F%2Fwww.ugra.kp.ru%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2n2z35yck7fai9c6gvqew%3Afu%3A0%3Aen%3Au...

167 B
567 B

108ms
107ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/26254/1?wmode=7&page-url=https%3A%2F%2Fwww.ugra.kp.ru%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2n2z35yck7fai9c6gvqew%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A1%3Adp%3A0%3Als%3A579902389656%3Ahid%3A1030585718%3Az%3A0%3Ai%3A20220709170122%3Aet%3A1657386083%3Ac%3A1%3Arn%3A923031480%3Au%3A1657386083810462324%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1657386079268%3Aco%3A0%3Arqnl%3A1%3Ast%3A1657386083%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%AE%D0%B3%D1%80%D1%8B%20%D0%B8%20%D0%A5%D0%B0%D0%BD%D1%82%D1%8B-%D0%9C%D0%B0%D0%BD%D1%81%D0%B8%D0%B9%D1%81%D0%BA%D0%BE%D0%B3%D0%BE%20%D0%B0%D0%B2%D1%82%D0%BE%D0%BD%D0%BE%D0%BC%D0%BD%D0%BE%D0%B3%D0%BE%20%D0%BE%D0%BA%D1%80%D1%83%D0%B3%D0%B0%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%AE%D0%B3%D1%80%D0%B5%20-%20KP.Ru&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnl%281%29ti%282%29

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

901fa2834b7566b2c1bb6fca8eebe05f76cabed87ca476b1b3a1e2337c0b5073

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:23 GMT
x-content-type-options: nosniff
last-modified: Sat, 09-Jul-2022 17:01:23 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ugra.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 167
x-xss-protection: 1; mode=block
expires: Sat, 09-Jul-2022 17:01:23 GMT

Redirect headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:23 GMT
last-modified: Sat, 09-Jul-2022 17:01:23 GMT
location: /watch/26254/1?wmode=7&page-url=https%3A%2F%2Fwww.ugra.kp.ru%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2n2z35yck7fai9c6gvqew%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A1%3Adp%3A0%3Als%3A579902389656%3Ahid%3A1030585718%3Az%3A0%3Ai%3A20220709170122%3Aet%3A1657386083%3Ac%3A1%3Arn%3A923031480%3Au%3A1657386083810462324%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1657386079268%3Aco%3A0%3Arqnl%3A1%3Ast%3A1657386083%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%AE%D0%B3%D1%80%D1%8B%20%D0%B8%20%D0%A5%D0%B0%D0%BD%D1%82%D1%8B-%D0%9C%D0%B0%D0%BD%D1%81%D0%B8%D0%B9%D1%81%D0%BA%D0%BE%D0%B3%D0%BE%20%D0%B0%D0%B2%D1%82%D0%BE%D0%BD%D0%BE%D0%BC%D0%BD%D0%BE%D0%B3%D0%BE%20%D0%BE%D0%BA%D1%80%D1%83%D0%B3%D0%B0%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%AE%D0%B3%D1%80%D0%B5%20-%20KP.Ru&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnl%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://www.ugra.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Sat, 09-Jul-2022 17:01:23 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 77D8 0
0 90ms
88ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022070601&jk=4432750705203438&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame F897 107 B
122 B 56ms
55ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.ugra.kp.ru

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 09 Jul 2022 17:01:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame F897 107 B
122 B 56ms
56ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.ugra.kp.ru

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 09 Jul 2022 17:01:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame F897 18 KB
10 KB 415ms
415ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=55839496238017&correlator=830702438210728&eid=31068034%2C31068158&output=ldjh&gdfp_req=1&vrg=2022063001&ptt=17&impl=fifs&iu_parts=94805857%2Ckp.ru_2_new&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&ifi=1&adks=3886855702&sfv=1-0-38&ecs=20220709&fsapi=false&cust_params=kp.ru_2_new%3Dkp.ru_2_new_9&sc=1&cookie=ID%3D305b2af02f7578b5-22079382c9cd00fc%3AT%3D1657386082%3AS%3DALNI_MZYzXdfcNtSFi2Z3fksENv1WTeTew&cdm=www.ugra.kp.ru&abxe=1&dt=1657386083431&lmt=1657386083&dlt=1657386083133&idt=288&biw=1600&bih=1200&isw=300&ish=600&adxs=1100&adys=486&ucis=chlbp4n7qape&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&nhd=1&url=https%3A%2F%2Fwww.ugra.kp.ru%2F&top=https%3A%2F%2Fwww.ugra.kp.ru%2F&frm=23&vis=1&scr_x=0&scr_y=0&psz=300x600&msz=300x-1&fws=256&ohw=0&ea=0&ga_vid=643179259.1657386083&ga_sid=1657386083&ga_hid=1013956344&ga_fc=true&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

9bf21bf3d6a5a54d3d5961c60e2bb30db01ac879e88d0411e7b3496634f1e456

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10151
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ugra.kp.ru
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame F897 14 KB
10 KB 62ms
61ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022063001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

289f6b5aaf6efa55363a2b608a2068c616a2d301285a39f88718ac7bd576f61d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 09 Jul 2022 17:01:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10554
x-xss-protection: 0

GET
H2 200 container.html Show response
77821919f031d6864ccac6a7b34b9046.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E899 6 KB
3 KB 87ms
55ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://77821919f031d6864ccac6a7b34b9046.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ugra.kp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Jul 2022 17:01:23 GMT
expires: Sun, 09 Jul 2023 17:01:23 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame A715 2 KB
535 B 152ms
57ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: 1565b43654e41150398d11eac25cee50.safeframe.googlesyndication.com
URL: https://1565b43654e41150398d11eac25cee50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

582c2586c49819d9dfe5cb88653679a40bf930ca86f1dc01a4afd821a9eab97e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1565b43654e41150398d11eac25cee50.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 09 Jul 2022 16:59:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 09 Jul 2022 17:01:23 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 09 Jul 2022 17:01:23 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/ Frame A715 2 KB
902 B 47ms
47ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: 1565b43654e41150398d11eac25cee50.safeframe.googlesyndication.com
URL: https://1565b43654e41150398d11eac25cee50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1565b43654e41150398d11eac25cee50.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 16:51:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 566
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Jul 2022 16:51:57 GMT

GET
H/1.1

200
OK

px.gif Show response
d.adtriba.com/ Frame A715
Redirect Chain

https://d.adtriba.com/collect?atb_ptid=7f2b0ae8&atb_dcaid=Display%20%7C%20WB%20%7C%20Conversion%20Puppy&atb_dpuid=GDN&cachebuster=3259637614
https://d.adtriba.com/px.gif

42 B
227 B

50ms
50ms

Fetch
image/gif

52.58.18.216
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adtriba.com/px.gif
Requested by: Host: 1565b43654e41150398d11eac25cee50.safeframe.googlesyndication.com
URL: https://1565b43654e41150398d11eac25cee50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: HTTP/1.1
Server: 52.58.18.216 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-18-216.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1565b43654e41150398d11eac25cee50.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 09 Jul 2022 17:01:23 GMT
Cache-Control: public, max-age=86400
Server: nginx/1.16.1
Connection: keep-alive
Content-Length: 42
Content-Type: image/gif

Redirect headers

Date: Sat, 09 Jul 2022 17:01:23 GMT
Last-Modified: Sat, 09 Jul 2022 17:01:23 GMT
Server: nginx/1.16.1
P3P: CP="This is not a P3P policy! See https://www.adtriba.com/privacy-policy.html for more info."
Location: /px.gif
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 01:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame A715 0
0 92ms
92ms Fetch
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=COdrsYrTJYoDqN4i83gPEzJHAAoHH4ZhptOrG4qgQsOqom-QvEAEg8cvnQmCVgoCAvAegAZn50vgDyAEJqQJ3hRzFBxexPuACAKgDAcgDywSqBKUCT9CiCnwA7-wgyb_ci_jTnnXS7-5bP3UvE8JvA2EWIMgEOIYIEkl_D49XG5ddgbpIm-t7itT3en5Jfu1SXtZhIbdZqxeMng5XWMES8XDXkmKttGKWSPJ-EcTY95RjxYBYWl3ZbR-P7XsGIeMlSYyu1M42WVL6yu8LqkghOBdaVsr6dOAs2Rhn7ggy3y0TMDhiXLpWndMRjA5XTFZbynsOxeyAtojt0ulzrsR5T4I94MUH34ntuRdg2-8byiJoz79rcZtlm28fbFXPWj0HZ0CbhYbzlmn51dDVyv9j9eI9kULNyzQ_460DaIP-g0iGfH6pFE7YjbRrmB8D7etJ7AbaNPEdD8oezUU5AiUgeRK120dTJj8EbxgLfdCnrG0qtx_JwUNQEYPABICW5q_3A-AEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfPhq0HqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEENbQCdIIEgiI4YAQEAEYHTIDqoIBOgKAQIAKA8gLAdgTDdAVAYAXAbIXHgocCAASFHB1Yi03MTcyNzMzNDA4NDU1NjkyGPH-Ew&sigh=7IyjX5yq9nw&uach_m=[UACH]&template_id=494
Requested by: Host: www.ugra.kp.ru
URL: https://www.ugra.kp.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1565b43654e41150398d11eac25cee50.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220706/r20110914/ Frame A715 21 KB
8 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220706/r20110914/abg_lite_fy2021.js

Requested by

Host: 1565b43654e41150398d11eac25cee50.safeframe.googlesyndication.com
URL: https://1565b43654e41150398d11eac25cee50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1565b43654e41150398d11eac25cee50.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 16:53:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 444
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8671
x-xss-protection: 0
server: cafe
etag: 18116328616323621410
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Jul 2022 16:53:59 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/ Frame A715 3 KB
1 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/window_focus_fy2021.js

Requested by

Host: 1565b43654e41150398d11eac25cee50.safeframe.googlesyndication.com
URL: https://1565b43654e41150398d11eac25cee50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1565b43654e41150398d11eac25cee50.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 16:40:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1272
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Jul 2022 16:40:11 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A715 137 KB
42 KB 62ms
61ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 1565b43654e41150398d11eac25cee50.safeframe.googlesyndication.com
URL: https://1565b43654e41150398d11eac25cee50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e49548c45f00bbfa0fda642d02b5e29b407004eacc2099e348da7cb38f477052

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1565b43654e41150398d11eac25cee50.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43254
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1657132091081416"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 09 Jul 2022 17:01:23 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/ Frame A715 17 KB
7 KB 48ms
48ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 1565b43654e41150398d11eac25cee50.safeframe.googlesyndication.com
URL: https://1565b43654e41150398d11eac25cee50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1565b43654e41150398d11eac25cee50.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 16:48:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 794
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Jul 2022 16:48:09 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame A715 0
0 55ms
55ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR6anGyfWi1Tr29nlmrOkKWCLTXFvRqtPzST9C6fSdOwA50CJI3NNDbiK8tiyl-5s5jOI4tSzN45I1zka29WqSnj3JJEw
Requested by: Host: 1565b43654e41150398d11eac25cee50.safeframe.googlesyndication.com
URL: https://1565b43654e41150398d11eac25cee50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1565b43654e41150398d11eac25cee50.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H2 200 e335c40f4e500f406840f7159cec7b48.js Show response
www.gstatic.com/mysidia/ Frame A715 31 KB
13 KB 149ms
47ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e335c40f4e500f406840f7159cec7b48.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 1565b43654e41150398d11eac25cee50.safeframe.googlesyndication.com
URL: https://1565b43654e41150398d11eac25cee50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

204ee979949dff78fdc0b391fe74c9b8fe736abd65a1f0a6af80cb01bcfb8587

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1565b43654e41150398d11eac25cee50.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 18:10:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 427825
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13085
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 02:13:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 02 Oct 2022 18:10:58 GMT

GET
H2 200 791740760*** Show response
tns-counter.ru/nc01a***R%3E*kp_ru/ru/UTF-8/tmsec=kp_title/ 55 B
334 B 95ms
94ms Fetch
text/html 2001:6d0:4001::226
TNSMSK-

General

Check archive.org

Show headers Download Go to

Full URL: https://tns-counter.ru/nc01a***R%3E*kp_ru/ru/UTF-8/tmsec=kp_title/791740760***
Requested by: Host: tns-counter.ru
URL: https://tns-counter.ru/ncc/counter.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),
Reverse DNS
Software: ms-counter-3.3.5/1.20.2 /
Resource Hash: a1fc9ce953c684addb5f932dc5883893a2cf89c918121a4e52baf4475243e100

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:23 GMT
last-modified: Sat, 09 Jul 2022 17:01:23 GMT
server: ms-counter-3.3.5/1.20.2
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: https://www.ugra.kp.ru
access-control-allow-credentials: true
content-length: 55

GET
H2

200

961049052
tns-counter.ru/V13b***R%3E*kp_ru/ru/UTF-8/tmsec=kp_title/
Redirect Chain

https://tns-counter.ru/V13a***R%3E*kp_ru/ru/UTF-8/tmsec=kp_title/961049052
https://tns-counter.ru/V13b***R%3E*kp_ru/ru/UTF-8/tmsec=kp_title/961049052

43 B
297 B

95ms
95ms

Image
image/gif

2001:6d0:4001::226
TNSMSK-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tns-counter.ru/V13b***R%3E*kp_ru/ru/UTF-8/tmsec=kp_title/961049052
Protocol: H2
Server: 2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),
Reverse DNS
Software: ms-counter-3.3.5/1.20.2 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:23 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: ms-counter-3.3.5/1.20.2
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:23 GMT
server: ms-counter-3.3.5/1.20.2
strict-transport-security: max-age=2678400
content-type: image/gif
location: https://tns-counter.ru/V13b***R%3E*kp_ru/ru/UTF-8/tmsec=kp_title/961049052
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame A715 52 KB
52 KB 208ms
103ms Image
image/jpeg 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcRxFcjuGv4WT6RTxI2VGHnoWRlqv5BBrhvTG1lV3_PviGZ3kdWPYAfWG9ir7g&usqp=CAI

Requested by

Host: 1565b43654e41150398d11eac25cee50.safeframe.googlesyndication.com
URL: https://1565b43654e41150398d11eac25cee50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c26edb88579f65697111486238db2696af203daa4bb568c2aab5baffacc9f9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1565b43654e41150398d11eac25cee50.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 18:58:48 GMT
x-content-type-options: nosniff
age: 252155
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52927
x-xss-protection: 0
last-modified: Sat, 12 Mar 2022 01:44:55 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 06 Jul 2023 18:58:48 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame A715 55 KB
55 KB 153ms
48ms Image
image/jpeg 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSUm0UyELsdBMd1fa8qwymoqMCy5bMrFSn5_rgUfy6Gzxxr48l7gnGG7LHS0g&usqp=CAI

Requested by

Host: 1565b43654e41150398d11eac25cee50.safeframe.googlesyndication.com
URL: https://1565b43654e41150398d11eac25cee50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62ab21dbb12a76dc0ee575d6857d9da13185c4cbd4a3b5c350b89acfb4335a45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1565b43654e41150398d11eac25cee50.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 22:16:52 GMT
x-content-type-options: nosniff
age: 413071
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55812
x-xss-protection: 0
last-modified: Sat, 24 Jul 2021 02:04:04 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 04 Jul 2023 22:16:52 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame A715 50 KB
51 KB 152ms
47ms Image
image/jpeg 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQYeHqCfg6Kvz3jCCTaSWxQZSNoXhLynHp5PXN8Apk2L4GiYJ2XD28Um8Gwkg&usqp=CAI

Requested by

Host: 1565b43654e41150398d11eac25cee50.safeframe.googlesyndication.com
URL: https://1565b43654e41150398d11eac25cee50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52b058a65d9f5c918e55f54737e32500c0be7d19f9c5c45241f70aad43f306e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1565b43654e41150398d11eac25cee50.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 05:13:36 GMT
x-content-type-options: nosniff
age: 388067
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51674
x-xss-protection: 0
last-modified: Sat, 12 Mar 2022 01:23:21 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 05 Jul 2023 05:13:36 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame A715 46 KB
47 KB 207ms
102ms Image
image/jpeg 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQBDIXMYNZ75fMRK7cqeyHfsA5cQsjam8BZFZy5Dtakt1_OC5Y9x2JG-t4RjaM&usqp=CAI

Requested by

Host: 1565b43654e41150398d11eac25cee50.safeframe.googlesyndication.com
URL: https://1565b43654e41150398d11eac25cee50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aefea24fc1738f266eda68ba7b582545d4f257b3c8f583cd38c35f6ff327d55a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1565b43654e41150398d11eac25cee50.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 22:37:12 GMT
x-content-type-options: nosniff
age: 66251
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47575
x-xss-protection: 0
last-modified: Sun, 12 Sep 2021 01:51:27 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 08 Jul 2023 22:37:12 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame A715 40 KB
41 KB 153ms
49ms Image
image/jpeg 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcSF-d4HVfWz7RGCc7dE-f87D5WhCDKiFoM_t-XOJdPxvHjzt7XieEOet5VmGA&usqp=CAI

Requested by

Host: 1565b43654e41150398d11eac25cee50.safeframe.googlesyndication.com
URL: https://1565b43654e41150398d11eac25cee50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fc8198adbb9f94e7dfa57e8039cbee32819ba1754d68f415a1c2f64e5f84d44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1565b43654e41150398d11eac25cee50.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 06:19:08 GMT
x-content-type-options: nosniff
age: 384135
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41388
x-xss-protection: 0
last-modified: Wed, 06 Apr 2022 02:08:58 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 05 Jul 2023 06:19:08 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame A715 44 KB
44 KB 227ms
123ms Image
image/jpeg 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRvA97EWiGaDsrt9iWdbEHjm2ChhiB8F7uTFsJBoPmLR2-J1QlH-OxT8ofkrQ&usqp=CAI

Requested by

Host: 1565b43654e41150398d11eac25cee50.safeframe.googlesyndication.com
URL: https://1565b43654e41150398d11eac25cee50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

350d787aff25d785b8e43b6b8c77518b5f219737a95884885c2f8f258dd06545

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1565b43654e41150398d11eac25cee50.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 05:48:07 GMT
x-content-type-options: nosniff
age: 558796
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45197
x-xss-protection: 0
last-modified: Sat, 02 Jul 2022 05:50:21 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 03 Jul 2023 05:48:07 GMT

GET
H3

200

3454667762144682155
tpc.googlesyndication.com/simgad/ Frame A715
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCXxortIxDQDxjQDzIIMlSmiZ_II1Y
https://tpc.googlesyndication.com/simgad/3454667762144682155

1 MB
1 MB

50ms
50ms

Image
image/png

2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3454667762144682155

Requested by

Host: 1565b43654e41150398d11eac25cee50.safeframe.googlesyndication.com
URL: https://1565b43654e41150398d11eac25cee50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

537ee0e3c85284942eab5e6a1a6c4707aeff40f93fcf3d3c410ef29dc499345f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1565b43654e41150398d11eac25cee50.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 07:42:01 GMT
x-content-type-options: nosniff
age: 119962
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1387836
x-xss-protection: 0
last-modified: Thu, 06 Aug 2020 14:21:21 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 08 Jul 2023 07:42:01 GMT

Redirect headers

date: Sat, 09 Jul 2022 04:27:30 GMT
x-content-type-options: nosniff
server: cafe
age: 45233
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://tpc.googlesyndication.com/simgad/3454667762144682155
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 08 Aug 2022 04:27:30 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 73ms
72ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-19328520-23&cid=643179259.1657386083&jid=1000733630&_u=YGDAAAABAAAAAG~&z=1513747818

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 71ms
71ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-19328520-23&cid=643179259.1657386083&jid=1000733630&_u=YGDAAAABAAAAAG~&z=1513747818

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame BD34 624 B
974 B 161ms
57ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGO6p_M0BMAE&v=APEucNXHh4GKk2FIflQei8LL_8-gV3Mvgt6U-NpsTby4mhX6AfZb9Pgy14PMGWNCfBU_GKXbEqqayA4IRvRgw7WNPrNfnTciHyVasmGDFjqgodzaMCOHTvQeXqZ9izEP4UMrj_zFKKVZZYU2D0pN8JL6U2CESugJQwvKDR6Msoa4OpmdZW0B8bY

Requested by

Host: 8985d954c75304fe528a80a9050843fe.safeframe.googlesyndication.com
URL: https://8985d954c75304fe528a80a9050843fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8985d954c75304fe528a80a9050843fe.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Jul 2022 17:01:23 GMT
expires: Sat, 09 Jul 2022 17:01:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 11D0 83 KB
34 KB 199ms
96ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AYrT2k6ybUZ81JE-p899xYTXNNqSJW0ASW8aiMahuvVGmff7bbLxriTPevCXVvrTQyDbJbdnGrSHln6LBTey9dQzoeufUnBTuAJh9rk_kws5Fp8oUeVnFif0rHLR46mn8HLPQ_v_73m6Bsw5M5o9GULaIzQg&dbm_d=AKAmf-DSb7q1xxJCqCDrQMRenF0HDZjaBixtPyiICctZlp-X6CgoTVRpcJnrfTUcuBlKABLa-nDoxjncb40ZBSsiw-ryR09PxU3nGPwq4qM3L4ufyyD7g1i8UIHa0pQ9CXgmz3lEyu31selOHJcYr3ZU66ilcJXnusjjP_8ddZIWe8djvhJQ9IaBYmMbaTn4eWsM4cK9MKBXM48f-TiSgOus29XtQXwuqAj9a8bD89P_MenOLpCbvWnPWyvrr0sKxjoWPaXPB55_f7acjuowPUQwbqujqXzvvZV54VezuOMXitV1hmCjNVQBQKZOzGb9661PpH7KBgzh80Hqo87uISybo2QX7XzcpeYIA1-0bFZxV39aO5oHmCHGnpOD5swIBuIkV2GrFJau488tgTqdOW6rR9Yen-SMYSaRS34WEBYI7_dVjPMKMBKV5QzVfvNZ3SzF-Rx7-ZG_9l1DxqNHPie0rLNb7-QjljHU4jn7WHe2wfi5WoBmuRzTUbrnUP8PKikKla3uCde4G2xeKvmhoRO9ZITFSYzP6Rt-A04xqdDSlSta2UF8daEfGZt71gPWAO9An8iGzxWV3WypzZ71gzqvvIpCA-AmXm5dBEzSEkUnWTU5lgF5zw4TBcr716oMpKdCnnH8Jx3RoMW8VrR1MaIXLfgGgjiP5rjVRP0QjbvM9RNHaHDTcdSqjX63JelcMUQXTU8kCpGAJvuxuuFOdCZ2OhdewPJdyPtUJ3XRmCWXBxRrKTk93x_nr4SLMkqO1tAuhBHIS2Bu_FiDzhXnlg3dPQViSlcMlfiWATrKi_iF5vSdFpTO7sV4hHGs9AAw2euBP0ehrqlk7ubb6EYoHWV1hTJHlwnAgVDBBjOGnQArdxZQM5CECaT5onSN2jlM_em39R_Fe2sfklou4RH0PVESSHDXGVcrBN12Hq4ba8wiPSSon-htx2CoQCkN98VMcJRaaSu2gaPvGHRZwWu_Y-e_SuG7PUR2Tm8kc9fpKppHGnryIy-_nvS5GvPW-i6Av_desT0wraL_3oODpXbdHUIQLhwds4YPkcYwEVTt1mL5dpv29OYeC1PjhGQSPUDKwunBF0cuEdn4aMrcluZcDtrwcntkUfPqu9HLrct0W-6jFDn6jr4tXGkh_e4lkeZEES9ycfZxWPadOTWVaNcWLEcQyCBvcgGBM6LzdF6cKAYHG6bAHJXHl6MfpT7QXVSeW2MM9Cd_VjD9Jb5hny7OQQ3QEVOkwpqMcv7hX8KvZK_qGgocYTm_QoZ1jwBtUo5p9RPR1xgbN2dgceU9J0U6oilz8N-Rc3wkaHarFwV39VHZAcLeyBWCJToPr0N4A_iNKqzVDT3RfnFsQrP7G8m9tFzeLEZUM1kO_LtAhT-021M8giOQqzgHfQCd03bIBGKm_VXjvK-xGECKTVxrO5_Cv_KFj40GuGhF0TaedAmk-BINEyg-6FWG-hP3-INYka7UtHGFMsibVGwmHOhcyMzDpJynCBiZXosdFe7pwAUEihJNmyfg78J4udGoirUlSrh3NOWa4WC_V-iknmMv1ooVoE7lWTaHRXqH6fuYTXsAO9wjE1Vh1MwUpfdXpQB9uOVzVL6JIYsGiW2qPuE8dSd_95cip0JQIiT-Eu8meYBoSLbRQeVwx7oNN_t19xBpeIFRkTLx0kyIyph0ZguSZ5rRyNGxLrMgymFKXYYmItAEnMHrc_0QHOUhskR_qYChYv8yr8DpnooyChstXtQ2moBvfDvb_ovGgHfrurLqEFjCPQnPMCDthsQ0ooIsCYVHL4MK26Jd-tq3ztdRDFvyVjzvS-RM4T30H_7no_7HBiHIrHmO-rSyGDIiUUsdJKHtjRWSYHHgplfsSNyIVWcev3_1b3LaE_8C85MNIMu3nsiJHUInbosmBZa1B_PD0ozAycPza7rET0LO7w3BTxIt8h_tDGZsko1BY9v9az7kIdOcglDc0-q-LKhXGAU2mkgiTrkAdDKQMNXNsLd7FfOzkQ_Bwf8haoYkKcNPNQLY7Z1TKNQzFctSoA7URp1vDKMuZt9lGHj8jqip7jB3LuG7nJoJTFLHPh7NFPrykhfMLAhEIEOoSmxqKwTiq4GZJD3-R7ZspHkO7ejgb17Mmx2NrQb6L1e1S4TKiz1SITdTPk70jCbW_7L5tAC0OLBUV6yWjHJU0vk91LM0wQpAEUwEYlq37NRKMLcR0yDH7F6kAdetmnaCJlLTf953Ror-8Bfaz-9hdVR3eoCoD-ZXX_CPlBxFZCODH6yEw785b4Q4TaSkYgagUV3js-OprJJMOyKVOhTXWIrFh6k0qM8jYaH2U4gyphezWYbnsambDrZWdVhU53qFn4o1829x2ITomoDFraCOEcqBTI_y14HQ8TxOyb2OLq5vc-iteREq8EDgcF1H3n5QCddrMuI-q7hPsLsK-U_yEwodRhORYkrz-Er7qs8z1L7PHb4EcyzLUfxtxPD63FM1DbE6TXXaXVXlLW9EUGDDuxJ8xfXJ13GMi6jNEfDBjC3OqsTwzVDPhbQiaVBZSB8N_9myKHaPk1Q8Jz2nF87lutiFxKzeHeOClHGwp2U5bZk5YeqFJ7mCLI080GBpxXYkxYLN4-DB8JeWL0qimkiVkJUXUw9SyLcwyM9-QHeXEz-akKW0ltXl5OV2MbaTyqOOYYSpVO-88GpMk2Y57fYciwk9vqnQb9pOSlf11jbS0xbfg-nqpPrIZagEw8x87kpfUWr3rWekWICNO9miX8F5I6LWn7Dv3456pjzff3PP1SMlA57s0bJeAtNu-fHpIQ81g3UDajUrlP0A1MsBuxqFOdR7Yw0tSKTuOCu-a-AWkztcjRHBS485QKdBaz1kE1lRU86BivC7sVhsYg0GmN4eXvNPiYRiV_xRJafrhVfbwzGUoJ6Btw2Sr0GOYmH89rztCaZbbHgPgoj3rFoBA5cVJ2gOi1yzQXnbC_M_Vtx3eHG9op6sWg8wVwztotI_O14N4qbJhvjxKmaVSIo03GL-yOcIORhmKlRfh0JaeiVqQzz35PQkMqXdx5qcANJO16fDNFp5Scduwh83fKik2sQnDtW8esighbznOQ5HOQtZnQ0l7JlRmK5yZjH-HdWf0nkRlk2WUAIVlxqRbOZq6y6KWAZvxSpOlfv-tVV4tybizFEXCo3-gERBNRIJaeZMsrNQXp9y25PxdeQwnbwVtZm1Y6z98QYd-Nab03KbsK1lO5ItaPO5lHZry-mS47q4KC-D5CZiLOGUJzfSNHyAtYskKUt2jrRMipFjmJTXfLllby9Rod8HD1Nr8_RNFhdp54jTIGqUmv06iAhlZ6Mf9GkvSeIBbYtoxxQONgCTuBHFDMtu5RoSqBmTWzegwcJhlB8PtDHZ3T01A6c&cid=CAASJ-Ro3B8caAsEoPBgThIoKxpl8_LmXDU6L4sGxW9QBODarNnf8eRZdg&rfl=2%2Chttps%253A%252F%252Fwww.ugra.kp.ru%242%2Chttps%253A%252F%252Fwww.ugra.kp.ru%252F%240

Requested by

Host: www.ugra.kp.ru
URL: https://www.ugra.kp.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba40056c60a1bee346d30b08da05bcc9e10bfc9dee010eac6872a71577558aa4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8985d954c75304fe528a80a9050843fe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34443
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 11D0 42 B
63 B 82ms
80ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BKu1V-2n678Z9vJAjxA0VHE-GD7yBLmb6__B69ycFUniUK6KUG-IEfaGVkc1f0jYGqVJaVzVXgpeKtR8ChC2mCJARkKWJMsCtvYeG0UAtv2pZp1tw

Requested by

Host: 8985d954c75304fe528a80a9050843fe.safeframe.googlesyndication.com
URL: https://8985d954c75304fe528a80a9050843fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8985d954c75304fe528a80a9050843fe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

skeleton.gif
static.adsafeprotected.com/ Frame 11D0
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/1083870/64162795/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&ias_dspID=3&ias_campId=1008209757&ias_pubId=pub-7172733408455692&ias_chanId=1&ias_placementId=176...
https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=

43 B
481 B

149ms
49ms

Image
image/gif

2600:9000:224a:be00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: 8985d954c75304fe528a80a9050843fe.safeframe.googlesyndication.com
URL: https://8985d954c75304fe528a80a9050843fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Server: 2600:9000:224a:be00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8985d954c75304fe528a80a9050843fe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 16:14:35 GMT
via: 1.1 27a205ba0937fb032aa2efb66ec66a80.cloudfront.net (CloudFront)
age: 29119609
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
cache-control: max-age=315360000
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-type: image/gif
x-amz-cf-id: BRqxrhEY33GHHJsGznce9XvAiPlm4j2jZa_zHPl3-LAI56-8yMg6hw==

Redirect headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:23 GMT
x-server-name: app14.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=
cache-control: no-cache
content-length: 0
server: nginx

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/ Frame 11D0 3 KB
1 KB 49ms
47ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/window_focus_fy2021.js

Requested by

Host: 8985d954c75304fe528a80a9050843fe.safeframe.googlesyndication.com
URL: https://8985d954c75304fe528a80a9050843fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8985d954c75304fe528a80a9050843fe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 16:40:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1272
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Jul 2022 16:40:11 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 11D0 137 KB
42 KB 63ms
61ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 8985d954c75304fe528a80a9050843fe.safeframe.googlesyndication.com
URL: https://8985d954c75304fe528a80a9050843fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e49548c45f00bbfa0fda642d02b5e29b407004eacc2099e348da7cb38f477052

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8985d954c75304fe528a80a9050843fe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43254
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1657132091081416"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 09 Jul 2022 17:01:23 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/ Frame 11D0 17 KB
7 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 8985d954c75304fe528a80a9050843fe.safeframe.googlesyndication.com
URL: https://8985d954c75304fe528a80a9050843fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8985d954c75304fe528a80a9050843fe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 16:48:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 794
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Jul 2022 16:48:09 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 11D0 0
0 56ms
54ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTIiVLHc_AssTmd7MwY3DNBo8L9MIXF4G1_9UyG1islrXZ0bNPPkUwgOVVgSHSMKb-IN593ezAWTqr66ymZhm0j2Xx5wQ
Requested by: Host: 8985d954c75304fe528a80a9050843fe.safeframe.googlesyndication.com
URL: https://8985d954c75304fe528a80a9050843fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8985d954c75304fe528a80a9050843fe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame F897 17 KB
6 KB 63ms
62ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 09 Jul 2022 17:01:23 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 19EC 0
9 B 291ms
290ms Image
text/plain 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?UUifbw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
DATA 200
OK truncated
/ Frame A715 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5131de421703e124ca26032ff617bd72d555679f79ed7a48f7b35a5ccf32da51

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame CC46 0
9 B 234ms
234ms Image
text/plain 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?yd6o-A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame A715 20 KB
20 KB 158ms
49ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://1565b43654e41150398d11eac25cee50.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 22:12:48 GMT
x-content-type-options: nosniff
age: 326915
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Jul 2023 22:12:48 GMT

POST
H2 200 1 Show response
mc.yandex.com/watch/26254/ 43 B
73 B 109ms
108ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/26254/1?page-url=https%3A%2F%2Fwww.ugra.kp.ru%2F&charset=utf-8&cnt-class=1&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A2n2z35yck7fai9c6gvqew%3Afp%3A1302%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A1%3Adp%3A1%3Als%3A579902389656%3Ahid%3A1030585718%3Az%3A0%3Ai%3A20220709170123%3Aet%3A1657386084%3Ac%3A1%3Arn%3A1053409635%3Arqn%3A1%3Au%3A1657386083810462324%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1657386079268%3Ads%3A0%2C0%2C237%2C189%2C669%2C0%2C%2C81%2C0%2C2305%2C2305%2C4%2C1297%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1657386084&t=gdpr(14)mc(p-7-h-4)clc(0-0-0)lt(87100)aw(1)rqnt(1)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ugra.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:23 GMT
last-modified: Sat, 09-Jul-2022 17:01:23 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.ugra.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sat, 09-Jul-2022 17:01:23 GMT

GET
H2 200 26254 Show response
mc.yandex.com/watch/ 43 B
100 B 108ms
107ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/26254?page-url=https%3A%2F%2Fwww.ugra.kp.ru%2F&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A2n2z35yck7fai9c6gvqew%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A1%3Adp%3A1%3Als%3A579902389656%3Ahid%3A1030585718%3Az%3A0%3Ai%3A20220709170123%3Aet%3A1657386084%3Ac%3A1%3Arn%3A184763442%3Arqn%3A2%3Au%3A1657386083810462324%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1657386079268%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1657386084%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%AE%D0%B3%D1%80%D1%8B%20%D0%B8%20%D0%A5%D0%B0%D0%BD%D1%82%D1%8B-%D0%9C%D0%B0%D0%BD%D1%81%D0%B8%D0%B9%D1%81%D0%BA%D0%BE%D0%B3%D0%BE%20%D0%B0%D0%B2%D1%82%D0%BE%D0%BD%D0%BE%D0%BC%D0%BD%D0%BE%D0%B3%D0%BE%20%D0%BE%D0%BA%D1%80%D1%83%D0%B3%D0%B0%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%AE%D0%B3%D1%80%D0%B5%20-%20KP.Ru&t=gdpr(14)mc(p-7-h-4)clc(0-0-0)lt(87100)aw(1)rqnt(2)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:23 GMT
last-modified: Sat, 09-Jul-2022 17:01:23 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.ugra.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sat, 09-Jul-2022 17:01:23 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame BD34
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECRY0gOZJaEXhYajFbSTMuk&google_cver=1

43 B
949 B

126ms
66ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECRY0gOZJaEXhYajFbSTMuk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGO6p_M0BMAE&v=APEucNXHh4GKk2FIflQei8LL_8-gV3Mvgt6U-NpsTby4mhX6AfZb9Pgy14PMGWNCfBU_GKXbEqqayA4IRvRgw7WNPrNfnTciHyVasmGDFjqgodzaMCOHTvQeXqZ9izEP4UMrj_zFKKVZZYU2D0pN8JL6U2CESugJQwvKDR6Msoa4OpmdZW0B8bY
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray: 72829f1099339137-FRA
pragma: no-cache
date: Sat, 09 Jul 2022 17:01:23 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VZ6elt58BtP33klcszGW%2FxgvuIZ9FSFuvj0fUPrILcUEs8qyYtJ8HRfjESMtOG40egAN76n5QiVgBofNI%2BQSGds%2B2oDz6%2BXyxr8gvvIUy%2FnPpEVDAeFEpXMm9lP20ecUs%2FaPyeyTis%2BnXA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:23 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECRY0gOZJaEXhYajFbSTMuk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame BD34
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Ysm0Y7HoQnV17O7zN6CbJwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENVZTOmp0_6lGKePp3mgYjo&google_cver=1

43 B
906 B

63ms
63ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENVZTOmp0_6lGKePp3mgYjo&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGO6p_M0BMAE&v=APEucNXHh4GKk2FIflQei8LL_8-gV3Mvgt6U-NpsTby4mhX6AfZb9Pgy14PMGWNCfBU_GKXbEqqayA4IRvRgw7WNPrNfnTciHyVasmGDFjqgodzaMCOHTvQeXqZ9izEP4UMrj_zFKKVZZYU2D0pN8JL6U2CESugJQwvKDR6Msoa4OpmdZW0B8bY
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray: 72829f129c599137-FRA
pragma: no-cache
date: Sat, 09 Jul 2022 17:01:24 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tHAwPJTpoRpLin44Tc12KVCdlzYsXNyE4b1%2FhPVmBixamMPIC3R2KM1EGX2cd%2F%2B6MlFyt3sH5bojq0ER70Kv7ALbu6EPtayUNxRQVxFaVF5PP7PnQ73LaWeIsiy75klaByeEdiYuNvaLnw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:24 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENVZTOmp0_6lGKePp3mgYjo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame BD34
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESENcwj1t737MqOJWgjE1kx08&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESENcwj1t737MqOJWgjE1kx08%26google_cver%3D1

43 B
1 KB

56ms
56ms

Image
image/gif

185.89.211.116
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESENcwj1t737MqOJWgjE1kx08%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGO6p_M0BMAE&v=APEucNXHh4GKk2FIflQei8LL_8-gV3Mvgt6U-NpsTby4mhX6AfZb9Pgy14PMGWNCfBU_GKXbEqqayA4IRvRgw7WNPrNfnTciHyVasmGDFjqgodzaMCOHTvQeXqZ9izEP4UMrj_zFKKVZZYU2D0pN8JL6U2CESugJQwvKDR6Msoa4OpmdZW0B8bY

Protocol

HTTP/1.1

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 09 Jul 2022 17:01:24 GMT
X-Proxy-Origin: 80.255.7.103; 80.255.7.103; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: ab3d2239-87b1-4dfd-b056-1c3270b0d887
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 09 Jul 2022 17:01:23 GMT
X-Proxy-Origin: 80.255.7.103; 80.255.7.103; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: ef400db6-1ae8-442d-9422-044a64e15040
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESENcwj1t737MqOJWgjE1kx08%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BD34
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDQxMTY0MTYyNTk2MTg2NzE3NA%3D%3D

170 B
188 B

189ms
95ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDQxMTY0MTYyNTk2MTg2NzE3NA%3D%3D

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 09 Jul 2022 17:01:23 GMT
X-Proxy-Origin: 80.255.7.103; 80.255.7.103; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 173f1288-612b-4c3b-aa1f-85982a81f5ed
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDQxMTY0MTYyNTk2MTg2NzE3NA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK settings Show response
stat.media/counter/ 672 B
1 KB 79ms
79ms Script
application/javascript 185.147.80.106
MIRAN-AS Miran DC

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.media/counter/settings?payload=COD1AQ&cb=_callbacks____0l5e4vqse
Requested by: Host: stat.media
URL: https://stat.media/sm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.147.80.106 , Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS: smir13.imcmdb.net
Software: nginx /
Resource Hash: a793701d1ec2a60894d52b6df5cb5ef88d9d81d62513a2eaf40e8aa5f75753ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 09 Jul 2022 17:01:23 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: nginx
Connection: keep-alive
Vary: Accept-Encoding
Content-Type: application/javascript

GET
H2 204 event
ads.adfox.ru/232598/ 0
18 B 93ms
92ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=3daa0f5c608db4b5&pm=bmp&pxo=MqoAiHJFIWVuRHBHzrd4xx-wcNYeB72T-mcY3CYuvlcPzHg9y6CzmLge5M2hX4jiec3zNl60PT-_WpqzGTM4ysOhMdPS9M2qyOTWiEIMiEjOnd0RBuedAtO_iImIGviiqDH_TCVOu7OzpuHyXVZfJLH5nozb5uZkYeO7hxeII65hZCG7CqmK&p5=gwdbk&ad-session-id=2442361657386081353&utg=oxum&lts=fjmwgon&ytt=417816030347269&ybv=0.612088&ylv=0.612088&dl=https%3A%2F%2Fwww.ugra.kp.ru%2F%3F&rtb-si=b&p2=gftf&rand=zfgsm&sj=GEKOhEvednYUOGvnMTdyjXQt3QcO-9lIL8PS7fLaaldBppY5E5-uWtEDBv97LA%3D%3D&puid1=adv-1657386081294-909&pr=nfjqfyy&p1=cdinl&rqs=YKQWZFfGtzxhtMlih77ALQd_lqpGCQFw

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:23 GMT
x-content-type-options: nosniff
last-modified: Sat, 09 Jul 2022 17:01:23 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 11D0 170 KB
59 KB 176ms
54ms Script
text/javascript 2a00:1450:4014:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: www.ugra.kp.ru
URL: https://www.ugra.kp.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4014:80b::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8985d954c75304fe528a80a9050843fe.safeframe.googlesyndication.com/
Origin: https://8985d954c75304fe528a80a9050843fe.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 19:54:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76041
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Jul 2022 19:54:02 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220706/r20110914/elements/html/ Frame 11D0 8 KB
3 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220706/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AYrT2k6ybUZ81JE-p899xYTXNNqSJW0ASW8aiMahuvVGmff7bbLxriTPevCXVvrTQyDbJbdnGrSHln6LBTey9dQzoeufUnBTuAJh9rk_kws5Fp8oUeVnFif0rHLR46mn8HLPQ_v_73m6Bsw5M5o9GULaIzQg&dbm_d=AKAmf-DSb7q1xxJCqCDrQMRenF0HDZjaBixtPyiICctZlp-X6CgoTVRpcJnrfTUcuBlKABLa-nDoxjncb40ZBSsiw-ryR09PxU3nGPwq4qM3L4ufyyD7g1i8UIHa0pQ9CXgmz3lEyu31selOHJcYr3ZU66ilcJXnusjjP_8ddZIWe8djvhJQ9IaBYmMbaTn4eWsM4cK9MKBXM48f-TiSgOus29XtQXwuqAj9a8bD89P_MenOLpCbvWnPWyvrr0sKxjoWPaXPB55_f7acjuowPUQwbqujqXzvvZV54VezuOMXitV1hmCjNVQBQKZOzGb9661PpH7KBgzh80Hqo87uISybo2QX7XzcpeYIA1-0bFZxV39aO5oHmCHGnpOD5swIBuIkV2GrFJau488tgTqdOW6rR9Yen-SMYSaRS34WEBYI7_dVjPMKMBKV5QzVfvNZ3SzF-Rx7-ZG_9l1DxqNHPie0rLNb7-QjljHU4jn7WHe2wfi5WoBmuRzTUbrnUP8PKikKla3uCde4G2xeKvmhoRO9ZITFSYzP6Rt-A04xqdDSlSta2UF8daEfGZt71gPWAO9An8iGzxWV3WypzZ71gzqvvIpCA-AmXm5dBEzSEkUnWTU5lgF5zw4TBcr716oMpKdCnnH8Jx3RoMW8VrR1MaIXLfgGgjiP5rjVRP0QjbvM9RNHaHDTcdSqjX63JelcMUQXTU8kCpGAJvuxuuFOdCZ2OhdewPJdyPtUJ3XRmCWXBxRrKTk93x_nr4SLMkqO1tAuhBHIS2Bu_FiDzhXnlg3dPQViSlcMlfiWATrKi_iF5vSdFpTO7sV4hHGs9AAw2euBP0ehrqlk7ubb6EYoHWV1hTJHlwnAgVDBBjOGnQArdxZQM5CECaT5onSN2jlM_em39R_Fe2sfklou4RH0PVESSHDXGVcrBN12Hq4ba8wiPSSon-htx2CoQCkN98VMcJRaaSu2gaPvGHRZwWu_Y-e_SuG7PUR2Tm8kc9fpKppHGnryIy-_nvS5GvPW-i6Av_desT0wraL_3oODpXbdHUIQLhwds4YPkcYwEVTt1mL5dpv29OYeC1PjhGQSPUDKwunBF0cuEdn4aMrcluZcDtrwcntkUfPqu9HLrct0W-6jFDn6jr4tXGkh_e4lkeZEES9ycfZxWPadOTWVaNcWLEcQyCBvcgGBM6LzdF6cKAYHG6bAHJXHl6MfpT7QXVSeW2MM9Cd_VjD9Jb5hny7OQQ3QEVOkwpqMcv7hX8KvZK_qGgocYTm_QoZ1jwBtUo5p9RPR1xgbN2dgceU9J0U6oilz8N-Rc3wkaHarFwV39VHZAcLeyBWCJToPr0N4A_iNKqzVDT3RfnFsQrP7G8m9tFzeLEZUM1kO_LtAhT-021M8giOQqzgHfQCd03bIBGKm_VXjvK-xGECKTVxrO5_Cv_KFj40GuGhF0TaedAmk-BINEyg-6FWG-hP3-INYka7UtHGFMsibVGwmHOhcyMzDpJynCBiZXosdFe7pwAUEihJNmyfg78J4udGoirUlSrh3NOWa4WC_V-iknmMv1ooVoE7lWTaHRXqH6fuYTXsAO9wjE1Vh1MwUpfdXpQB9uOVzVL6JIYsGiW2qPuE8dSd_95cip0JQIiT-Eu8meYBoSLbRQeVwx7oNN_t19xBpeIFRkTLx0kyIyph0ZguSZ5rRyNGxLrMgymFKXYYmItAEnMHrc_0QHOUhskR_qYChYv8yr8DpnooyChstXtQ2moBvfDvb_ovGgHfrurLqEFjCPQnPMCDthsQ0ooIsCYVHL4MK26Jd-tq3ztdRDFvyVjzvS-RM4T30H_7no_7HBiHIrHmO-rSyGDIiUUsdJKHtjRWSYHHgplfsSNyIVWcev3_1b3LaE_8C85MNIMu3nsiJHUInbosmBZa1B_PD0ozAycPza7rET0LO7w3BTxIt8h_tDGZsko1BY9v9az7kIdOcglDc0-q-LKhXGAU2mkgiTrkAdDKQMNXNsLd7FfOzkQ_Bwf8haoYkKcNPNQLY7Z1TKNQzFctSoA7URp1vDKMuZt9lGHj8jqip7jB3LuG7nJoJTFLHPh7NFPrykhfMLAhEIEOoSmxqKwTiq4GZJD3-R7ZspHkO7ejgb17Mmx2NrQb6L1e1S4TKiz1SITdTPk70jCbW_7L5tAC0OLBUV6yWjHJU0vk91LM0wQpAEUwEYlq37NRKMLcR0yDH7F6kAdetmnaCJlLTf953Ror-8Bfaz-9hdVR3eoCoD-ZXX_CPlBxFZCODH6yEw785b4Q4TaSkYgagUV3js-OprJJMOyKVOhTXWIrFh6k0qM8jYaH2U4gyphezWYbnsambDrZWdVhU53qFn4o1829x2ITomoDFraCOEcqBTI_y14HQ8TxOyb2OLq5vc-iteREq8EDgcF1H3n5QCddrMuI-q7hPsLsK-U_yEwodRhORYkrz-Er7qs8z1L7PHb4EcyzLUfxtxPD63FM1DbE6TXXaXVXlLW9EUGDDuxJ8xfXJ13GMi6jNEfDBjC3OqsTwzVDPhbQiaVBZSB8N_9myKHaPk1Q8Jz2nF87lutiFxKzeHeOClHGwp2U5bZk5YeqFJ7mCLI080GBpxXYkxYLN4-DB8JeWL0qimkiVkJUXUw9SyLcwyM9-QHeXEz-akKW0ltXl5OV2MbaTyqOOYYSpVO-88GpMk2Y57fYciwk9vqnQb9pOSlf11jbS0xbfg-nqpPrIZagEw8x87kpfUWr3rWekWICNO9miX8F5I6LWn7Dv3456pjzff3PP1SMlA57s0bJeAtNu-fHpIQ81g3UDajUrlP0A1MsBuxqFOdR7Yw0tSKTuOCu-a-AWkztcjRHBS485QKdBaz1kE1lRU86BivC7sVhsYg0GmN4eXvNPiYRiV_xRJafrhVfbwzGUoJ6Btw2Sr0GOYmH89rztCaZbbHgPgoj3rFoBA5cVJ2gOi1yzQXnbC_M_Vtx3eHG9op6sWg8wVwztotI_O14N4qbJhvjxKmaVSIo03GL-yOcIORhmKlRfh0JaeiVqQzz35PQkMqXdx5qcANJO16fDNFp5Scduwh83fKik2sQnDtW8esighbznOQ5HOQtZnQ0l7JlRmK5yZjH-HdWf0nkRlk2WUAIVlxqRbOZq6y6KWAZvxSpOlfv-tVV4tybizFEXCo3-gERBNRIJaeZMsrNQXp9y25PxdeQwnbwVtZm1Y6z98QYd-Nab03KbsK1lO5ItaPO5lHZry-mS47q4KC-D5CZiLOGUJzfSNHyAtYskKUt2jrRMipFjmJTXfLllby9Rod8HD1Nr8_RNFhdp54jTIGqUmv06iAhlZ6Mf9GkvSeIBbYtoxxQONgCTuBHFDMtu5RoSqBmTWzegwcJhlB8PtDHZ3T01A6c&cid=CAASJ-Ro3B8caAsEoPBgThIoKxpl8_LmXDU6L4sGxW9QBODarNnf8eRZdg&rfl=2%2Chttps%253A%252F%252Fwww.ugra.kp.ru%242%2Chttps%253A%252F%252Fwww.ugra.kp.ru%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8985d954c75304fe528a80a9050843fe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 16:50:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 674
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Jul 2022 16:50:09 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220706/r20110914/ Frame 11D0 27 KB
10 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220706/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8247e71c60f01cce914615568139113018a1a129dceb0fe0af55edb0211b8fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8985d954c75304fe528a80a9050843fe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 16:52:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 524
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10545
x-xss-protection: 0
server: cafe
etag: 4672069523611413616
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Jul 2022 16:52:39 GMT

GET
H/1.1 200 /
smi2.ru/cookiematching/ 43 B
868 B 236ms
78ms Image
image/gif 185.162.95.72
MIRAN-AS Miran DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://smi2.ru/cookiematching/?payload=CkEKB19zbV91aWQSJDZmZDQyMDkxLWQ3YmQtNDViOS04ODZlLWQ0MzQ3NDY0ZjA5YhoILnNtaTIucnUiAS8ogOeEDwoqCgdfc21fdWR0Eg0xNjU3Mzg2MDgzNzE5Ggguc21pMi5ydSIBLyiA54QPCj8KB19zbV9zaWQSJGY1MzBkZjM3LWUzYTUtNDJlMi1hMGEyLTE3NDUyYTQzNzJjNhoILnNtaTIucnUiAS8oiA4%3D&rnd=1657386083763
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.162.95.72 , Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS: ads5-1.smir10.imcmdb.net
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache, no-cache
Date: Sat, 09 Jul 2022 17:01:23 GMT
Last-Modified: Saturday, 09-Jul-2022 17:01:23 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
Connection: close
Content-Length: 43
Expires: Sat, 09 Jul 2022 17:01:23 GMT

GET
H/1.1 200
OK /
smi2.net/cookiematching/ 43 B
229 B 318ms
105ms Image
image/gif 82.202.225.240
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://smi2.net/cookiematching/?payload=CkIKB19zbV91aWQSJDZmZDQyMDkxLWQ3YmQtNDViOS04ODZlLWQ0MzQ3NDY0ZjA5YhoJLnNtaTIubmV0IgEvKIDnhA8KKwoHX3NtX3VkdBINMTY1NzM4NjA4MzcxORoJLnNtaTIubmV0IgEvKIDnhA8KQAoHX3NtX3NpZBIkZjUzMGRmMzctZTNhNS00MmUyLWEwYTItMTc0NTJhNDM3MmM2Ggkuc21pMi5uZXQiAS8oiA4%3D&rnd=1657386083763
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 82.202.225.240 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: smi2adm2-1.ssel27.imcmdb.net
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 09 Jul 2022 17:01:24 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

POST
H/1.1 204
No Content view Show response
stat.media/counter/ 0
135 B 240ms
80ms XHR
text/plain 185.147.80.106
MIRAN-AS Miran DC

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.media/counter/view
Requested by: Host: stat.media
URL: https://stat.media/sm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.147.80.106 , Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS: smir13.imcmdb.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ugra.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin: *
Date: Sat, 09 Jul 2022 17:01:23 GMT
Server: nginx
Connection: keep-alive

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 11D0 41 KB
15 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 8985d954c75304fe528a80a9050843fe.safeframe.googlesyndication.com
URL: https://8985d954c75304fe528a80a9050843fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8985d954c75304fe528a80a9050843fe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 07:12:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 208116
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 07 Jul 2023 07:12:47 GMT

GET
DATA 200
OK truncated
/ Frame 11D0 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b70ae1740697ca3703ea48dc781426ddffcf115e4b3541059511965db9c3b14e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 container.html Show response
77821919f031d6864ccac6a7b34b9046.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0CE9 6 KB
3 KB 48ms
48ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://77821919f031d6864ccac6a7b34b9046.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ugra.kp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Jul 2022 17:01:23 GMT
expires: Sun, 09 Jul 2023 17:01:23 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 event
ads.adfox.ru/232598/ 0
18 B 101ms
101ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=91770c95063ff1bc&pm=bmu&pxo=2fpL3bYSyDqPeKEReJhwQWSOKE82VP9rWMs1IWq6-7LSLRVRVCJSKE6tzXn9yuKfrm8LZvcKUE2MXrCf8mhtvf-4gF-dK1kRwL1uUtJpQl5tAommppvePUz4UCcikVQxAogTi3Hj05vKxNrOpg4TgJNf18zHaKVxQadRMwO8nUdPGHg%3D&p5=gwaok&ad-session-id=2442361657386081353&utg=oxum&lts=fjmwgoo&ytt=417816030347269&ybv=0.612088&ylv=0.612088&dl=https%3A%2F%2Fwww.ugra.kp.ru%2F%3Fsection%3Dsociety&rqs=YKQWZFfGtzxitMliZCrhUdI3j0Voibzt&pr=nfjqfyy&puid3=top%3Aregion&rtb-si=b&puid2=society%3Aincident%3Atoday%3Aemergency%3Ainteresting%3Akoronavirus%3Acriminal%3Asport&p2=fbao&rand=mdortjs&sj=gSzMN4VZxEsWx47728qrEYS7tEQW2dWzl61IVglOwrZ6gR-_YoYUAJ-N9QQ42w%3D%3D&puid1=adv-1657386081300-370&p1=bufhv&resp-time=726

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:23 GMT
x-content-type-options: nosniff
last-modified: Sat, 09 Jul 2022 17:01:23 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H3 200 PBLy2ghsJAjz8SVbRXt3mPeTz3f3ksFMZv27m_PD6qM.js Show response
pagead2.googlesyndication.com/bg/ Frame B37C 36 KB
14 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PBLy2ghsJAjz8SVbRXt3mPeTz3f3ksFMZv27m_PD6qM.js

Requested by

Host: www.ugra.kp.ru
URL: https://www.ugra.kp.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c12f2da086c2408f3f1255b457b7798f793cf77f792c14c66fdbb9bf3c3eaa3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1565b43654e41150398d11eac25cee50.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 14:55:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7530
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13888
x-xss-protection: 0
last-modified: Fri, 01 Jul 2022 16:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 09 Jul 2023 14:55:53 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3175 13 KB
5 KB 47ms
46ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ugra.kp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1540
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Jul 2022 16:35:43 GMT
expires: Sun, 09 Jul 2023 16:35:43 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D99A 783 B
536 B 57ms
56ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7a20941881072195453b90d213070e315468c46b9d2a330bfbb4d34dcd918151

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ijjMa-R_RZkZZKLb6WsLKg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ugra.kp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-ijjMa-R_RZkZZKLb6WsLKg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 09 Jul 2022 17:01:23 GMT
expires: Sat, 09 Jul 2022 17:01:23 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame F6BB 22 KB
8 KB 49ms
48ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8985d954c75304fe528a80a9050843fe.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 208116
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 07 Jul 2022 07:12:47 GMT
expires: Fri, 07 Jul 2023 07:12:47 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame D7B8 624 B
297 B 153ms
57ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGIb4hs4BMAE&v=APEucNXIriZyA3ys6MgQltEReo_cYW3Pt-VZWH6a-jYq_3mYoq0aFL7CwnJPc_Yo3Nx_cFgF-7DmIbGUTKOMmbU7CzQ2Xl4H56vN9PRHyWHRHH6ttCfDUsG_ZWCgq6bkCfmjb8kE2xN7KBUPOg46hbKfnGX5hb3copw234_NQ8Ag9McwGhmWiMw

Requested by

Host: 77821919f031d6864ccac6a7b34b9046.safeframe.googlesyndication.com
URL: https://77821919f031d6864ccac6a7b34b9046.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://77821919f031d6864ccac6a7b34b9046.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Jul 2022 17:01:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 0CE9 80 KB
33 KB 185ms
90ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DCyk-ct_n_Dj-hUqwW0O2smVKNMkPhlwoCZtHKD37ZHJZ203yh_0ndKt5H51rjfFIv2qyWlv7z8o733fT7X83sdUlBmi3-1ZYpPbFvgG0brDIc86J4CeB7884rlMJbG5L6l1jCHkyrCNCUPVtT4rWH-zqDjA&dbm_d=AKAmf-Bz_eWrARX-ePHlI-CwjiBoB1X_36dthbqo0_FFQgyfpLdax5MUgier7gEsf-h8UEqdDxLCr66-iDz-nd2yWmkKzkwt9pq5toO1fSOqgXx8lbbL56XAcqJ2S9lqmukAjyIOfiJkB4aVnO0QHThCy_MAzy6kmtxjsQCCJ2DZ-nszg_ANOiibMXCCuZNJSqrHBX2KoKKMDsP-1ezQtAb6Iat3Nhdl_r9wgi0083-7r_1yXrJXrhncz2iQ9Nx3eFU6AXlD32kGHi8HB0TL5FHXljEsT36mKAZESQRd-1Bzl_dnzUFIMTiAA9ZBXEB-ww2ecanb6faOfM1RairjGqJ-vYqMmLbt_0_LO4bONVNdSGIKPzVhbPQwKdWwGEfcs5KGA_0IHlwtINtD5AcismqF9C8U3fRQTsUf7AMKbT2VNEs7pNhAWjaJSHS2_kHyvhePX2y9xJwwBWUta2QAKvOe4502aACFkYSzkRXVYpKchwYVfiCGSKC8VTCZlo6X5Z7ZwBW5XXIZlol-0BNBVMSZxOlNfnofHzVwqp3j4uy_I9EPLbBcV_kc-cS2D-IWYLIZ7lv9Jm5PCJDlov9a1iYWsd6bbZ9JepC2vur5_DqC3ceCUkxEHjWnWIhJV6UAhGRMh3gHL608XZAwnZdCJO7yjivMuvKhLiLlhvfysOZv-7ugegM_e66Py0Ft7XWUm9rWEdxCWK_vry2wRsdMalkd-4Q4QtdWdUVa5bRtta8atbWajLBeajx92e6f8SZT-QmtsKnyn2yLfVMvTnxx7CFBhf0uLWxQ9s7DeoHug_evv8ErYhS1gvKTGYA-3JetjLIjiQ8Gf1iZLIl3sTP5SqrwDYs02BmJuhEFY-rADycCPc021Ii5TkiSWM0YHLmxyeEdSKFMZ55PNj--2RWHjTYfmP1yLdhpKQnxfFQMATWV4E8w5FcE-Mcz8IqaENKANKmdRPmqkW6e-uI_xXg7fsVBPsR9aHfQLFHh9DoQP2TrFhY-dfxNC_6N9DKAHc5Rr1t9y5DR80Z9EACyd98iNOVgHF6_agEnps09KRy5cgqbBBgt8qZHVsw3PQkFD-fkiehCmV4wtU8ZcKcWwbNNPmYQhyIxgzmtJI-FbZCnfgZ-b7JPEgPGRJ-i3fUpWfP94b3QPVcKs0FeUVdiOIcd_A0PMbbEpDjBT00lH1V6ufnHmLnX0xFYkj-gWioakxCcixJVo2r8KX9DGqEoyhhKZTKSUCTrLqx7eCpNngGgLaC55UjD4I87ffGiynhAUJjH2SbX0BGWiWNZFnVL9o_-S34S0Q83TI41pB6Df2DrRT1UCmencO-FiFPP7E925hHT19krcU95rVuYJuDIZ0slUM19xTHztKv52Rwvfav8UnLNCr9Jh5kYeiwWni51Mef0cU5py5UVceD3-VvxgTSyO5UbD9D__o04cC6J5ssbmxzzz5kilY9mqN3KrMjk83uKr7a835_0ClfHc8eZ1bi0FdLJCzFbYtTopA6EnSgtdMzn0YSFx3NVgYlXgpVPg8mp9uFRi8tHAS5qYa7nnmkouOwFiskKoqSyi9trN3LxaeLy2XsDGLXKJFOdxAkl7D7120I43Wm-LG1-x-_X3pZeogRLm0GUbXuXJOa00lcxpC4f46SiFC0nvvS7fGvo6zdS2mAvuzpTcXt_RAdsCWge_h5P0ARZam5z99bi6xzz__zX0x7u-1SHJe3YrziT_i9rYHF9Xnc8B467apXq0IPBXYu48JvyF4ELGVhXakx_19JNe-FCQ9bQ8OwnS8wx2YKr70WsM6Ve8-JKcG5O-21FMMhtvWC3N9dVk7fIIb2oN9tZTxUpsP3bMKQv7k3RytpyjgYooI82u3pF1FPD9pK65xbL9ayKxF6fIVrD1rbwimui24ikg7eekC_ZyMw35mpUP1tENjvaAF8hB6OPKpSYfz4EVRFeMneWHww1o5SpjMhhQQ5B6XwlEdgUb1SrcCJShvi7G-5QN_gMQ72h1hIBpxTLVZckSRy0JJtGyU9RPO5U2ilsVdY8MWeqGZdN8_dQtBQm6PzsX6TULMkc5HsvKaAhNZhXJIqVq8vaK_HszK78mp37M7UbZgWkj4Z7csE8V2YJlzS15pXduFMq18G26W9q4O5nuQ2fjQtw1I7BEdfOW1WrQcwYEQ2o-k8qV517qtiaXjMh78Xv6dZd7pIDDy0GalPAgVNWzxbIT7PrdPSA0-X4t85iAVoq0U876ks0DwIlAK52sgVwp9ZLc3Zte4__KAqh-GWDGHd0j2wB2A_f6YiD2l36zfapL3nD643N4rmYgrb6E6hKFwijGf04oTIC2kP6EMnG_mr4O4-h3z6s1F-qz0JH9N_b4a_LhR35tKXxz6YmxTiZoKrO3lYwiEZpo66K6BqK6BYGuGsJE7-FctAyU_f29qhiCqHkDz--tAmCT8Zb-EWNahnB6jz2qwmt7IiQZtOxuAATuFiP0sJuyCnKXdhoL8RdHSxMSWhmrhoduwjQOKVeOjXyc0Q70_FSBMrsdyEr2gQYxUVQOxjU12khaiQJKXQVlbfo5Q_B4bYc01kRww2V4BLBpY4fAsPdMdJSCsJ4tlagTmbc7WFiapReSIiORg9fYypIQMQrPPjgN7wV6s2D6PEQ1WmIU6S2DBS7sHX55s-nGAjLo4YrnQagDLuG9dXZgzIEHObRuTy-ipAia89cIB9gq3qOfxTslWfwT2XTG6CFAcuYPhJXn64KnpaX9JLJWkmJkpRVUIdY36YBnA2zpjwWFlHFAhFl9Q8g3USOJTQxu5e9c0dxK9OMkDxgNVD0Kh1ipHDtHsYA5QuDbO5nrPR7MuLAr0PG4YwTUBcGXvGAyV2XBvg2usOjC6H-ykJ8L1ZalwqdQigM4ywOd9O1cOEi9IT3WeTjWhqd9LGCMJ71rW403iTChVrHyMKqBT8waMtk_oIhytS6ww7WnJMO6YFrCs2byagCBUc-5aQGTN9Gb4dFDXFatX1Xx0l_Uz3rSXONtPBjxKQCJWDwUERS4F7QPYC5DhM2PyECa0wTgU-4PR0f2bbefxIQmMIM4hzMmyRsEPjutFIvJE5PbRwYscppxIJeTqKWme5AxQtrgVGs6wvz4FIpnR2RfSg1cpHCI8W8WtOptDwXf2KnvCbeXdiZZ-ZZ9e7HlgPYTXv6uoCVNHRcolLO-PsHpj5WGsH_hiMTVNYpxoMZcCk74ORqhhC6Gw8a675R_oxb0q0OJJUT8pdeyK2RS-08C6O-9G_h3jrV4iKPiRtEvAeX7Ihfmc5tDKW6O22HrtKaUbQL6PMlvEKp-_wmheddVPClfPj4mYR7tOoY4pwXBN_cZmT1HJxCozGN7yYz1PhsaB-X8BHrDmEidO_yQXcp1h5G1gxsv5uO-Y5rmzAzjGGC1I8h9sPIxQdHwBUoEAvDR4oyp1WJmZXvrCChQ1XyAka_11c&cid=CAASJORoaxDvtF_3SERh9fPv4Xm3rzorUoydAy5E80aju_8glz3PGw&rfl=2%2Chttps%253A%252F%252Fwww.ugra.kp.ru%242%2Chttps%253A%252F%252Fwww.ugra.kp.ru%252F%240

Requested by

Host: www.ugra.kp.ru
URL: https://www.ugra.kp.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

23e97922484eefbb08ba0219f5a783e633edb83a80c14e2261a830c1688cc037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://77821919f031d6864ccac6a7b34b9046.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34047
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0CE9 42 B
63 B 80ms
80ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AR-g6-F95rjkRbU-x11RPYIWRBtiqP6ayv5vdRIsSFYKefLh9oqVEENhegLFjTIyBKnFWYDFqXVANkz8QbXno04Cwat4KOc12Kq898tuzj4dIg-s4

Requested by

Host: 77821919f031d6864ccac6a7b34b9046.safeframe.googlesyndication.com
URL: https://77821919f031d6864ccac6a7b34b9046.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://77821919f031d6864ccac6a7b34b9046.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

skeleton.gif
static.adsafeprotected.com/ Frame 0CE9
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/1083870/64162025/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&ias_dspID=3&ias_campId=1008206547&ias_pubId=pub-7172733408455692&ias_chanId=1&ias_placementId=176...
https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=

43 B
482 B

49ms
49ms

Image
image/gif

2600:9000:224a:be00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: 77821919f031d6864ccac6a7b34b9046.safeframe.googlesyndication.com
URL: https://77821919f031d6864ccac6a7b34b9046.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Server: 2600:9000:224a:be00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://77821919f031d6864ccac6a7b34b9046.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 16:14:35 GMT
via: 1.1 27a205ba0937fb032aa2efb66ec66a80.cloudfront.net (CloudFront)
age: 29119610
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
cache-control: max-age=315360000
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-type: image/gif
x-amz-cf-id: qtEKv32Iwy3T8qTnKx1T20jmIR7-993KZjyUERu3Z7obHg4XmcSEyA==

Redirect headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:23 GMT
x-server-name: app01.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=
cache-control: no-cache
content-length: 0
server: nginx

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/ Frame 0CE9 3 KB
1 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/window_focus_fy2021.js

Requested by

Host: 77821919f031d6864ccac6a7b34b9046.safeframe.googlesyndication.com
URL: https://77821919f031d6864ccac6a7b34b9046.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://77821919f031d6864ccac6a7b34b9046.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 16:40:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1272
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Jul 2022 16:40:11 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0CE9 137 KB
42 KB 68ms
67ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 77821919f031d6864ccac6a7b34b9046.safeframe.googlesyndication.com
URL: https://77821919f031d6864ccac6a7b34b9046.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e49548c45f00bbfa0fda642d02b5e29b407004eacc2099e348da7cb38f477052

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://77821919f031d6864ccac6a7b34b9046.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43254
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1657132091081416"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 09 Jul 2022 17:01:23 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/ Frame 0CE9 17 KB
7 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 77821919f031d6864ccac6a7b34b9046.safeframe.googlesyndication.com
URL: https://77821919f031d6864ccac6a7b34b9046.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://77821919f031d6864ccac6a7b34b9046.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 16:48:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 794
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Jul 2022 16:48:09 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 0CE9 0
0 55ms
54ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS76gHG7AgOidgYEYh_c0r0SKq8S5yN_2CAOtDaceDhBNJC_3jsXC2ZcDp9AJh7_bDg0du-EVAMFNxGaqCuO7diQzaH8Q
Requested by: Host: 77821919f031d6864ccac6a7b34b9046.safeframe.googlesyndication.com
URL: https://77821919f031d6864ccac6a7b34b9046.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://77821919f031d6864ccac6a7b34b9046.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/8828632559684167007/ Frame 08CB 36 KB
6 KB 178ms
69ms Document
text/html 2a00:1450:4014:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8828632559684167007/index.html?e=69&leftOffset=0&topOffset=0&c=6HaPuXAiJP&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80b::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

748646bc30925c61574071e2cfe947ece6be153f4d4e4b5d1d192cbe2f5e6cc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8985d954c75304fe528a80a9050843fe.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Jul 2022 17:01:24 GMT
expires: Sun, 09 Jul 2023 17:01:24 GMT
last-modified: Wed, 05 May 2021 19:27:43 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 11D0 0
622 B 216ms
95ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssYcsBxv8UXclTb-gZPxa7XEyxYxma-ZSu36iTsYHzEOXnsGD6q6Phz53PyU-MMgvqqwmRyo5rdfFpL3aae4b9f3OjUe3wmv3XuWj1GMRwoBAHqjhmHeR1pudqhvQLrqQBS0NgFUDCakbYro-ZE1E5i6oTCd_JL0W-43aggxmaiIDRRMDkSsPJxr3DlUiK2Io7AYrg3qoU6WlC4TAW3sAwRkXVmvlxXgv5wTu7hoc5EHibZTc5GMky2srf9ZV8t13G8EW-WD-rexlgqULeB08Oq9sIE4U5BT5W21Yz6xG9mt_hU7ySjUIh0yEKMUdrIOvVElaKNmwhYNSdtoJMprmcIckB9VG2jjFBJaSzKt2RlsENiaUblCNAkSAzrDegX8OeIG__RQ_TMQrnor5PtreUeDYP5Ag7QaVNovLmqHplN0MIQmm1HM15WZDIPKpJ8wIsE2YwlbyfJ7ayhkAcWD8yzyWQdLDwz6xUOe4ck9lG1W4uhDPYRVPhj0TDQRcxUN9GeN5fYbK6cbRno8EwUrBWOPQBpAHpO-R5tQ6XWT65ctsUMZqotol2JGjhpYohZ-nyN_dVhlxC3MPtgAVOVSqGRiCOFR6H4k7UIUro7CyIyCy93hx8rrBhpSCtJvCvg4vMfte6gYU9zwN9yDfgkaDr_WHSuEY6IxvmSax14oVs58D6PEg3lln5MXhvdG05awKWoaLSSQ0bvRRpZDb0LbYPZKhyfap8WUCO__VXffQAOoHcSrRvJcCJJ8J9_2zC1VZ1Raycv0xAJXAbhC-SfoTVqqj_lU7NtraH6_OypLvTxbCx_nCXyofkwv-5OV4uB18HZSdVWloT4NKDfXj_43cNp99WYvyZK6EkG7EXLtL2KUXZFjzuVFdCAfMkMOBdegp26TFO_qoBWzJQu9VOZX3saa67hauLSJ_PrRpUlCfzatBzgU8VcgkNrCgwBpNz3VzJFBKfdYLouIGxn32uvxJzeaTtHGa65x26jMJ6LsmBWD-OLpFS6jaj7XNB57kfygDNsHdCSnJGQt3ja--1Q83MGUJ7T_2BwfDfvQ2xhS8Q9n-iB23c7MpqqLHd7lQnZ_5a5EtrlAeIkl0d7HM-3mmHi_zbsCrZn7_YoiN2auyYMWEtOe83Xn76QILXUUu5dKjullNyO8vRmeTbCy2yJiRwcgIgrdfJ2k1LgvAYTB6j2fKifQhxfyp5NDlI3pklAgEtVp3mf0HBfXD-WvJ6L8zLPL9Jd_C8Qo22d0R8fpRPX7b0-d871OscmQ1sWtJmwyhs&sai=AMfl-YT1OJeLr1DQfmUkHATq_arEO-dKnuzCV_YZWMJFxZemKfPRsKiyWu-jB3Z55NzbhhS3mVmRz4EKTmBK_0mBqJSThvD2k2V2Lq1_CEwLz_A8vHvhvK9KwBa6ICcMLjmYvbi6UcaXca0ubt1Il0R-WZWTPlTwELN7dfzEIdvMdO9FggzPm594UB9uPcejBkuH6IdOMtLJKexmmxEjnlaNaQqPzcjkg88&sig=Cg0ArKJSzAGYPQCrU4ccEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=346&cbvp=1&cstd=339&cisv=r20220706.41068&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: www.ugra.kp.ru
URL: https://www.ugra.kp.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8985d954c75304fe528a80a9050843fe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Sat, 09 Jul 2022 17:01:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1

200
OK

firstevent
skydeutschland.demdex.net/ Frame 11D0
Redirect Chain

https://skydeutschland.demdex.net/event?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=131962155&d_placement=339771397&d_campaign=28017826&d_bust=3599334427&gdpr=&gdpr_con...
https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=131962155&d_placement=339771397&d_campaign=28017826&d_bust=3599334427&gdpr=&gdp...

42 B
964 B

154ms
71ms

Image
image/gif

52.213.150.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=131962155&d_placement=339771397&d_campaign=28017826&d_bust=3599334427&gdpr=&gdpr_consent=

Requested by

Host: 8985d954c75304fe528a80a9050843fe.safeframe.googlesyndication.com
URL: https://8985d954c75304fe528a80a9050843fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

HTTP/1.1

Server

52.213.150.8 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-150-8.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8985d954c75304fe528a80a9050843fe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v036-038f795ef.edge-irl1.demdex.com 6 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: rh+Q7B9DSb8=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v036-01ec876b9.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 9ozDjz6ORuM=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=131962155&d_placement=339771397&d_campaign=28017826&d_bust=3599334427&gdpr=&gdpr_consent=
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame 11D0 43 B
1 KB 243ms
59ms Image
image/gif 85.14.248.72
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvApi=sky-dv360&extProvId=300&extPu=sky-dv360&extLi=1008209757&extPm=431953134&extCr=17611747867&gdpr=&gdpr_consent=&rnd=3599334427

Requested by

Host: 8985d954c75304fe528a80a9050843fe.safeframe.googlesyndication.com
URL: https://8985d954c75304fe528a80a9050843fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

85.14.248.72 Meerbusch, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8985d954c75304fe528a80a9050843fe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
Pragma: no-cache
X-ET-Code: 0
Last-Modified: Sa, 09 Jul 2022 05:01:24 GMT
Server: Microsoft-IIS/8.5
Date: Sat, 09 Jul 2022 17:01:23 GMT
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://8985d954c75304fe528a80a9050843fe.safeframe.googlesyndication.com
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 923
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 bundle.js Show response
yastatic.net/q/set/s/rsya-tag-users/ Frame C76E 105 KB
37 KB 95ms
95ms Script
application/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Requested by

Host: www.ugra.kp.ru
URL: https://www.ugra.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:24 GMT
content-encoding: br
last-modified: Fri, 29 Oct 2021 11:19:01 GMT
server: nginx/1.17.9
etag: W/"82bdc8db563d3e71c35534315f8a9fd5"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/javascript
access-control-allow-origin: *
expires: Tue, 12 Jul 2022 05:00:15 GMT
cache-control: public, max-age=31556952
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
x-nginx-request-id: 0cd23b19c1e94f0d

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame D7B8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENVZTOmp0_6lGKePp3mgYjo&google_cver=1

43 B
915 B

63ms
63ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENVZTOmp0_6lGKePp3mgYjo&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGIb4hs4BMAE&v=APEucNXIriZyA3ys6MgQltEReo_cYW3Pt-VZWH6a-jYq_3mYoq0aFL7CwnJPc_Yo3Nx_cFgF-7DmIbGUTKOMmbU7CzQ2Xl4H56vN9PRHyWHRHH6ttCfDUsG_ZWCgq6bkCfmjb8kE2xN7KBUPOg46hbKfnGX5hb3copw234_NQ8Ag9McwGhmWiMw
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray: 72829f12fd259137-FRA
pragma: no-cache
date: Sat, 09 Jul 2022 17:01:24 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=na7Gy9BTlEGTpdpnLv4DJhhV4KlZkyDZrfWvHJOmMpUGi8%2Fy4Cc2Uh47dz3WsVk74CHPSmFpnZglUD%2Fs41xaJ7E3HJFGxJr8pRlErBfe%2BA28NaC%2FO8a4chBTiS%2F%2Fn8MxVz%2BGI89pzRO%2FAA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:24 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENVZTOmp0_6lGKePp3mgYjo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame D7B8
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Ysm0Y7HoQnV17O7zN6CbJwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENVZTOmp0_6lGKePp3mgYjo&google_cver=1

43 B
916 B

62ms
62ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENVZTOmp0_6lGKePp3mgYjo&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGIb4hs4BMAE&v=APEucNXIriZyA3ys6MgQltEReo_cYW3Pt-VZWH6a-jYq_3mYoq0aFL7CwnJPc_Yo3Nx_cFgF-7DmIbGUTKOMmbU7CzQ2Xl4H56vN9PRHyWHRHH6ttCfDUsG_ZWCgq6bkCfmjb8kE2xN7KBUPOg46hbKfnGX5hb3copw234_NQ8Ag9McwGhmWiMw
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray: 72829f12fd269137-FRA
pragma: no-cache
date: Sat, 09 Jul 2022 17:01:24 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d%2FdtkKfqrpkw1V%2B955C9UNQVYWKSHa7kwjVEf21Jw4%2B5MgL%2FQaBgmCLqXBNS2HKwy%2FmiGSFeNh4%2FNyCwhqdKZ%2BawyiZS5bF7gLYYtzku8NOoGh4jwaUQlBcfmgWpYrey%2BotIDqsemywTxg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:24 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENVZTOmp0_6lGKePp3mgYjo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame D7B8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEKv_8nvcw39RxCVzYx750Ac&google_cver=1

43 B
1014 B

54ms
54ms

Image
image/gif

185.89.211.116
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEKv_8nvcw39RxCVzYx750Ac&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGIb4hs4BMAE&v=APEucNXIriZyA3ys6MgQltEReo_cYW3Pt-VZWH6a-jYq_3mYoq0aFL7CwnJPc_Yo3Nx_cFgF-7DmIbGUTKOMmbU7CzQ2Xl4H56vN9PRHyWHRHH6ttCfDUsG_ZWCgq6bkCfmjb8kE2xN7KBUPOg46hbKfnGX5hb3copw234_NQ8Ag9McwGhmWiMw

Protocol

HTTP/1.1

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 09 Jul 2022 17:01:24 GMT
X-Proxy-Origin: 80.255.7.103; 80.255.7.103; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 9abe75e8-368f-4a47-81d8-81ad34f6b269
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:24 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEKv_8nvcw39RxCVzYx750Ac&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D7B8
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDQxMTY0MTYyNTk2MTg2NzE3NA%3D%3D

170 B
188 B

87ms
87ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDQxMTY0MTYyNTk2MTg2NzE3NA%3D%3D

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 09 Jul 2022 17:01:24 GMT
X-Proxy-Origin: 80.255.7.103; 80.255.7.103; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 9e67e4d6-ecfa-47b0-b72a-b06aaf4c5c06
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDQxMTY0MTYyNTk2MTg2NzE3NA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 ScuHrLJSuMz-P8UpD_WVXyUZt188tH6pyCCWmvqBSxI.js Show response
pagead2.googlesyndication.com/bg/ Frame 3175 36 KB
14 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ScuHrLJSuMz-P8UpD_WVXyUZt188tH6pyCCWmvqBSxI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49cb87acb252b8ccfe3fc5290ff5955f2519b75f3cb47ea9c820969afa814b12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 13:49:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11536
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13935
x-xss-protection: 0
last-modified: Fri, 01 Jul 2022 16:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 09 Jul 2023 13:49:08 GMT

GET
H3 200 ScuHrLJSuMz-P8UpD_WVXyUZt188tH6pyCCWmvqBSxI.js Show response
pagead2.googlesyndication.com/bg/ Frame F6BB 36 KB
14 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ScuHrLJSuMz-P8UpD_WVXyUZt188tH6pyCCWmvqBSxI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49cb87acb252b8ccfe3fc5290ff5955f2519b75f3cb47ea9c820969afa814b12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 13:49:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11536
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13935
x-xss-protection: 0
last-modified: Fri, 01 Jul 2022 16:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 09 Jul 2023 13:49:08 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D99A 0
0 112ms
112ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022063001&jk=55839496238017&rc=
Requested by: Host: www.ugra.kp.ru
URL: https://www.ugra.kp.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame DD52 0
0 115ms
115ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022063001&jk=4136770530530568&bg=!CgmlCU3NAAaYcLjmuHA7ACkAdvg8WmBTCLxLIKZuIo7SwI7K_aC5V3Jh6akEBribpioVz_0qTbc5DgIAAADwUgAAAAJoAQcKACm-VhyDE5ybODd1eB0Ti7HA2zWjt1HbY74yemGtFuZDG28TgunrAulnSJkCvU3Lx8Dqnt_DZuxqo9VpVOmOb2UYDPZKAYYjdNCEdT3Gjqu3l_x1iOitAKZkeinMg6RYY1Zbrh8a363mXWQtZs1NbN0Jp4O3Cv9utNBdKKM5hombvR8BKeVeQGazCjbVmkz8nap-cMta9C8ore191D329kBOPqSNGTIdi0iSwMsbwljhM-HsC-xm-6SuNNBdaejGVrifbqdC45URXTSB77coeNPr0lo8RJRFdMGotorDMJdnhOdGVO95lv1vViEQO9E8pd3l_YEEbnQRubn6TrJkztvJNBs9mL938hHy4YxWSfvXnB06Bl8BCNBL_oA40i0lcY_Gqfts7d2v7LMAqBrM_IsgGjVlkNhmOhB4OkmSnajygXLOKEiHsszCfGJJQSMoylXNcKV6pYU47zTbXxVnniz4jmBM8jKvXnapDjd4O0Un7tEN8XAoOMeHKB5iMAuO47TQ-DWDBvkpBUZvUG1TEk4dRfAynR_dGbKrrVopi5R5nQ0Dy0Fi79b2DCtOnOzeoXW-5sEIpO1q30szHNWxbrpmfE-kMUqgIQ5n7bbYeFSh0Wu7sE96HFI6oBxRNlepPuxkN6j3TgHMGetCYq24tNrf-DSW32gqcvbdlA3IIy_LtcHQ_-Em30xTuDV_YEqRRadGZG0jTh9jmSfDD1t8nll0vfxvXOaelCWIvbHmTi0eVXMmFXcew1yKw9Cb0PSVCa-UK8hdDo8BysmD-Oj6XVFEeZ30HtlIQmusttTDrRoFXkQoQdWehHZLkxP6ZU0Ngd8Oa03b5MqpaEsdeW3r89hWGl0QMjr0Rrkqz4FFoIP1jbzZrX11HzXXeeLu7Qyi6ScqG7W22Y1uVK8udHlByHTS9hBqKBVvaW5j2ji7nRDg8852E3jZZt6fXOHZ4UbmPSBzKsbwgQ5m4BI5L11FIp4Tflhjcoa80qfx
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 0CE9 106 KB
37 KB 161ms
54ms Script
text/javascript 2a00:1450:4014:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: www.ugra.kp.ru
URL: https://www.ugra.kp.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80b::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://77821919f031d6864ccac6a7b34b9046.safeframe.googlesyndication.com/
Origin: https://77821919f031d6864ccac6a7b34b9046.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 20:40:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73257
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Jul 2022 20:40:27 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220706/r20110914/elements/html/ Frame 0CE9 8 KB
3 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220706/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DCyk-ct_n_Dj-hUqwW0O2smVKNMkPhlwoCZtHKD37ZHJZ203yh_0ndKt5H51rjfFIv2qyWlv7z8o733fT7X83sdUlBmi3-1ZYpPbFvgG0brDIc86J4CeB7884rlMJbG5L6l1jCHkyrCNCUPVtT4rWH-zqDjA&dbm_d=AKAmf-Bz_eWrARX-ePHlI-CwjiBoB1X_36dthbqo0_FFQgyfpLdax5MUgier7gEsf-h8UEqdDxLCr66-iDz-nd2yWmkKzkwt9pq5toO1fSOqgXx8lbbL56XAcqJ2S9lqmukAjyIOfiJkB4aVnO0QHThCy_MAzy6kmtxjsQCCJ2DZ-nszg_ANOiibMXCCuZNJSqrHBX2KoKKMDsP-1ezQtAb6Iat3Nhdl_r9wgi0083-7r_1yXrJXrhncz2iQ9Nx3eFU6AXlD32kGHi8HB0TL5FHXljEsT36mKAZESQRd-1Bzl_dnzUFIMTiAA9ZBXEB-ww2ecanb6faOfM1RairjGqJ-vYqMmLbt_0_LO4bONVNdSGIKPzVhbPQwKdWwGEfcs5KGA_0IHlwtINtD5AcismqF9C8U3fRQTsUf7AMKbT2VNEs7pNhAWjaJSHS2_kHyvhePX2y9xJwwBWUta2QAKvOe4502aACFkYSzkRXVYpKchwYVfiCGSKC8VTCZlo6X5Z7ZwBW5XXIZlol-0BNBVMSZxOlNfnofHzVwqp3j4uy_I9EPLbBcV_kc-cS2D-IWYLIZ7lv9Jm5PCJDlov9a1iYWsd6bbZ9JepC2vur5_DqC3ceCUkxEHjWnWIhJV6UAhGRMh3gHL608XZAwnZdCJO7yjivMuvKhLiLlhvfysOZv-7ugegM_e66Py0Ft7XWUm9rWEdxCWK_vry2wRsdMalkd-4Q4QtdWdUVa5bRtta8atbWajLBeajx92e6f8SZT-QmtsKnyn2yLfVMvTnxx7CFBhf0uLWxQ9s7DeoHug_evv8ErYhS1gvKTGYA-3JetjLIjiQ8Gf1iZLIl3sTP5SqrwDYs02BmJuhEFY-rADycCPc021Ii5TkiSWM0YHLmxyeEdSKFMZ55PNj--2RWHjTYfmP1yLdhpKQnxfFQMATWV4E8w5FcE-Mcz8IqaENKANKmdRPmqkW6e-uI_xXg7fsVBPsR9aHfQLFHh9DoQP2TrFhY-dfxNC_6N9DKAHc5Rr1t9y5DR80Z9EACyd98iNOVgHF6_agEnps09KRy5cgqbBBgt8qZHVsw3PQkFD-fkiehCmV4wtU8ZcKcWwbNNPmYQhyIxgzmtJI-FbZCnfgZ-b7JPEgPGRJ-i3fUpWfP94b3QPVcKs0FeUVdiOIcd_A0PMbbEpDjBT00lH1V6ufnHmLnX0xFYkj-gWioakxCcixJVo2r8KX9DGqEoyhhKZTKSUCTrLqx7eCpNngGgLaC55UjD4I87ffGiynhAUJjH2SbX0BGWiWNZFnVL9o_-S34S0Q83TI41pB6Df2DrRT1UCmencO-FiFPP7E925hHT19krcU95rVuYJuDIZ0slUM19xTHztKv52Rwvfav8UnLNCr9Jh5kYeiwWni51Mef0cU5py5UVceD3-VvxgTSyO5UbD9D__o04cC6J5ssbmxzzz5kilY9mqN3KrMjk83uKr7a835_0ClfHc8eZ1bi0FdLJCzFbYtTopA6EnSgtdMzn0YSFx3NVgYlXgpVPg8mp9uFRi8tHAS5qYa7nnmkouOwFiskKoqSyi9trN3LxaeLy2XsDGLXKJFOdxAkl7D7120I43Wm-LG1-x-_X3pZeogRLm0GUbXuXJOa00lcxpC4f46SiFC0nvvS7fGvo6zdS2mAvuzpTcXt_RAdsCWge_h5P0ARZam5z99bi6xzz__zX0x7u-1SHJe3YrziT_i9rYHF9Xnc8B467apXq0IPBXYu48JvyF4ELGVhXakx_19JNe-FCQ9bQ8OwnS8wx2YKr70WsM6Ve8-JKcG5O-21FMMhtvWC3N9dVk7fIIb2oN9tZTxUpsP3bMKQv7k3RytpyjgYooI82u3pF1FPD9pK65xbL9ayKxF6fIVrD1rbwimui24ikg7eekC_ZyMw35mpUP1tENjvaAF8hB6OPKpSYfz4EVRFeMneWHww1o5SpjMhhQQ5B6XwlEdgUb1SrcCJShvi7G-5QN_gMQ72h1hIBpxTLVZckSRy0JJtGyU9RPO5U2ilsVdY8MWeqGZdN8_dQtBQm6PzsX6TULMkc5HsvKaAhNZhXJIqVq8vaK_HszK78mp37M7UbZgWkj4Z7csE8V2YJlzS15pXduFMq18G26W9q4O5nuQ2fjQtw1I7BEdfOW1WrQcwYEQ2o-k8qV517qtiaXjMh78Xv6dZd7pIDDy0GalPAgVNWzxbIT7PrdPSA0-X4t85iAVoq0U876ks0DwIlAK52sgVwp9ZLc3Zte4__KAqh-GWDGHd0j2wB2A_f6YiD2l36zfapL3nD643N4rmYgrb6E6hKFwijGf04oTIC2kP6EMnG_mr4O4-h3z6s1F-qz0JH9N_b4a_LhR35tKXxz6YmxTiZoKrO3lYwiEZpo66K6BqK6BYGuGsJE7-FctAyU_f29qhiCqHkDz--tAmCT8Zb-EWNahnB6jz2qwmt7IiQZtOxuAATuFiP0sJuyCnKXdhoL8RdHSxMSWhmrhoduwjQOKVeOjXyc0Q70_FSBMrsdyEr2gQYxUVQOxjU12khaiQJKXQVlbfo5Q_B4bYc01kRww2V4BLBpY4fAsPdMdJSCsJ4tlagTmbc7WFiapReSIiORg9fYypIQMQrPPjgN7wV6s2D6PEQ1WmIU6S2DBS7sHX55s-nGAjLo4YrnQagDLuG9dXZgzIEHObRuTy-ipAia89cIB9gq3qOfxTslWfwT2XTG6CFAcuYPhJXn64KnpaX9JLJWkmJkpRVUIdY36YBnA2zpjwWFlHFAhFl9Q8g3USOJTQxu5e9c0dxK9OMkDxgNVD0Kh1ipHDtHsYA5QuDbO5nrPR7MuLAr0PG4YwTUBcGXvGAyV2XBvg2usOjC6H-ykJ8L1ZalwqdQigM4ywOd9O1cOEi9IT3WeTjWhqd9LGCMJ71rW403iTChVrHyMKqBT8waMtk_oIhytS6ww7WnJMO6YFrCs2byagCBUc-5aQGTN9Gb4dFDXFatX1Xx0l_Uz3rSXONtPBjxKQCJWDwUERS4F7QPYC5DhM2PyECa0wTgU-4PR0f2bbefxIQmMIM4hzMmyRsEPjutFIvJE5PbRwYscppxIJeTqKWme5AxQtrgVGs6wvz4FIpnR2RfSg1cpHCI8W8WtOptDwXf2KnvCbeXdiZZ-ZZ9e7HlgPYTXv6uoCVNHRcolLO-PsHpj5WGsH_hiMTVNYpxoMZcCk74ORqhhC6Gw8a675R_oxb0q0OJJUT8pdeyK2RS-08C6O-9G_h3jrV4iKPiRtEvAeX7Ihfmc5tDKW6O22HrtKaUbQL6PMlvEKp-_wmheddVPClfPj4mYR7tOoY4pwXBN_cZmT1HJxCozGN7yYz1PhsaB-X8BHrDmEidO_yQXcp1h5G1gxsv5uO-Y5rmzAzjGGC1I8h9sPIxQdHwBUoEAvDR4oyp1WJmZXvrCChQ1XyAka_11c&cid=CAASJORoaxDvtF_3SERh9fPv4Xm3rzorUoydAy5E80aju_8glz3PGw&rfl=2%2Chttps%253A%252F%252Fwww.ugra.kp.ru%242%2Chttps%253A%252F%252Fwww.ugra.kp.ru%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://77821919f031d6864ccac6a7b34b9046.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 16:50:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 675
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Jul 2022 16:50:09 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220706/r20110914/ Frame 0CE9 27 KB
10 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220706/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8247e71c60f01cce914615568139113018a1a129dceb0fe0af55edb0211b8fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://77821919f031d6864ccac6a7b34b9046.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 16:52:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 525
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10545
x-xss-protection: 0
server: cafe
etag: 4672069523611413616
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Jul 2022 16:52:39 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8A67 0
0 118ms
118ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022070601&jk=4432750705203438&bg=!iYqlis7NAAaYcLjmuHA7ACkAdvg8WtqwhvHpeoGkdId2GbNvMTV3-QkoxAD7_Chnf8cqoUrXleMCLQIAAACnUgAAAANoAQcKAJReAkPYxhJloQYxgxRtNM3xNPalO0WEh9ccqa7GH8rE2Ycgg7BwjwPfJ0Rs0ClzW9wnk3Cr4QNwKg-pE0DyN92b8CmqzNyJ8PQpfPIc-K5HAS7zkLvaem2Zx_cC8v3wzvMVMVccdbtS3iUpN_MPt_wh9ABtGfNkaQHEZey6rXwr-JPTv6hst9SKrjHfsQ52erm1p8QDmQKrPQsFVOrmI7SCrSFYKil_n8oTGc0fX01y19RipqehBdkGlCZ88me2v2FdjLitFL2jEh4u6Lo7IFWi5tfrkitU3nX9nls8BTYoxu5_Z_VywYdmab0b__S--e87v7Wt8RGCYj9Nc53Vhix5ViUSYZAz4-SbB0GlXUOnxshfI6YF8JjwzdTXH2ZN03N1UmpPLbSedACwOcYtHGhrs1vJYRw4xeiVygsf7WSq6g5oS5I0CGhLtl0YXzpy4UsaBsnUkXr-U8bjcpMj_tp51Ya6b1j4EdrMjx8fSv3M1dYHaOraHV3Xwco_yVvEuc_JLAFymMxL_9m7dpyMDkd2hn74aqgjRnHxihGn0SfiY-i3eU_Sa0TkwuJ1rly1b4914A21IQyGATqvj3DuLitdO8qHjoilZSUlaFvYnlVOA7VtaKbtqESX6IK_7WbwFcwn8Qcq8K4evcJc2xw-lTayq64opfO-2lNFriiNueG53L94998FuC_Yp8LgRiB66NNEvCix4CxlrOVp0m2mN28ti8lvUw7A06ihcND6_32xHHamYRCi18ihpDsDhlIPdO2qi_noDVnAxdQtyVtz6U2Em__NLY16JZ4QJ2YvB90K1HFP9FQe-l5u3Dm-by7_qPx2t8_YSpXOqUwT0yOnplVlQT12IK8hAQ3DAmobMfHdI6a_yRWnf09rS5wjfFbMh8FztRCUMCTIvc5V49GIQaNZq2K_Pibo81CV3dA2ElGGmXjwyWXSwBsJuNEEMxku_o_JsjpcZqmWBuIxgqGsak7vXvuezhm5Ptu9F2clTaUfzUDxE6FUiqHa1eieEOUx9DyUHr-mhH2wB-pvGBpi5zkapI7PMNAut_9v8G8zdWx6iiktZJwvDYdT53Em7jZy3_awKQsh5KjSLZLSiU9a6ZrRufc
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H2 204 event
ads.adfox.ru/232598/ 0
66 B 92ms
92ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=6e2ff3fc42c87404&pm=bmp&pxo=uqSUVNR_jwy0KmzPzSa8JaNtz-wTt5_acF3fXn9cxEsxvPYlTkKZ_I42A1hdWKzY5KcwGuc8b_kPc1sm66yb4Ka1e9F1svy6CkQI73xyaRE2cL2P8302Wex2_q-ZFO7YmAiP1_sNHsZ4jcHCWEzErypLB1pz_L9vTqrqlC6efVAD-hje&p5=gwefg&ad-session-id=2442361657386081353&utg=oxum&lts=fjmwgon&ytt=417816030347269&ybv=0.612088&ylv=0.612088&dl=https%3A%2F%2Fwww.ugra.kp.ru%2F%3Fsection%3Dsociety&rqs=YKQWZFfGtzxhtMli77fu5xaM4bc0qOqy&pr=nfjqfyy&puid3=top%3Aregion&rtb-si=b&puid2=society%3Aincident%3Atoday%3Aemergency%3Ainteresting%3Akoronavirus%3Acriminal%3Asport&p2=fxjd&rand=ltyqwrj&sj=9MqiHDp8zgh3dcTzmioQNh6ByhkCeUsusQJsS7evQM6vuFI-D4f6I2WulFM8Yw%3D%3D&puid1=adv-1657386081298-109&p1=cavko

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:24 GMT
x-content-type-options: nosniff
last-modified: Sat, 09 Jul 2022 17:01:24 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 0CE9 41 KB
15 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 77821919f031d6864ccac6a7b34b9046.safeframe.googlesyndication.com
URL: https://77821919f031d6864ccac6a7b34b9046.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://77821919f031d6864ccac6a7b34b9046.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 07:12:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 208117
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 07 Jul 2023 07:12:47 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 569B 1 KB
749 B 47ms
47ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 77821919f031d6864ccac6a7b34b9046.safeframe.googlesyndication.com
URL: https://77821919f031d6864ccac6a7b34b9046.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://77821919f031d6864ccac6a7b34b9046.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 40060
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Jul 2022 05:53:44 GMT
etag: 48472445140208031
expires: Sun, 10 Jul 2022 05:53:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 0CE9 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2e9f59159e8fa0bcbd5a8b3544795d657dae1a659d29b0231ab2283707443901

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ Frame C76E 158 KB
56 KB 103ms
102ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

8d87c18fcb70f9b1d23c94aedc506cb6cc2640c5aebb25ca6e8e64b0cd997553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:24 GMT
content-encoding: br
last-modified: Fri, 08 Jul 2022 09:23:14 GMT
etag: "62c7cd52-dd8a"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 56714
expires: Sat, 09 Jul 2022 18:01:24 GMT

GET
H2 200 data Show response
yandex.ru/set/s/rsya-tag-users/ Frame C76E 403 B
451 B 216ms
216ms Fetch
application/json 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/set/s/rsya-tag-users/data?referrer=https%3A%2F%2Fwww.ugra.kp.ru%2F

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

65106e3aa4a2e2770276adddc0ea0f89ec41bcc17c33683e9aec38777e6aef06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: public,max-age=300
access-control-allow-credentials: true
x-xss-protection: 1; mode=block

GET
H3 200 style.css
s0.2mdn.net/sadbundle/8828632559684167007/ Frame 08CB 6 KB
2 KB 54ms
53ms Stylesheet
text/css 2a00:1450:4014:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8828632559684167007/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8828632559684167007/index.html?e=69&leftOffset=0&topOffset=0&c=6HaPuXAiJP&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80b::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4431ed2e1a04ff61147b043d77314af2c6711194fa816b09187c945a24be7ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8828632559684167007/index.html?e=69&leftOffset=0&topOffset=0&c=6HaPuXAiJP&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 16:36:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 433507
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1805
x-xss-protection: 0
last-modified: Wed, 05 May 2021 19:27:43 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 04 Jul 2023 16:36:17 GMT

GET
H3 200 Enabler_01_244.js Show response
s0.2mdn.net/879366/ Frame 08CB 109 KB
37 KB 55ms
54ms Script
text/javascript 2a00:1450:4014:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_244.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8828632559684167007/index.html?e=69&leftOffset=0&topOffset=0&c=6HaPuXAiJP&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80b::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7052ee7e4fa3d19fa953957b23d6cd29b2311739ec0932d6e570577d19f2503

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8828632559684167007/index.html?e=69&leftOffset=0&topOffset=0&c=6HaPuXAiJP&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 13:39:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12131
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38072
x-xss-protection: 0
last-modified: Tue, 07 Jul 2020 18:35:15 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 10 Jul 2022 13:39:13 GMT

GET
H2 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.4.2/ Frame 08CB 59 KB
22 KB 157ms
58ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.4.2/gsap.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8828632559684167007/index.html?e=69&leftOffset=0&topOffset=0&c=6HaPuXAiJP&t=1&renderingType=2&ev=01_247

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3c5ff7e114ffe32212ee07123f9dc6aa19c09072e44fe64649c9cc747040cab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 241755
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21678
timing-allow-origin: *
last-modified: Tue, 21 Jul 2020 23:12:03 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f177643-eca3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N5dJs9v6aAfPKvfXYsl4ROLnEf9j1LOqfs9yxmvBMfoLRoD%2FttqpvXOWnO7yppgDzLnwwJG%2B8KpO4Kc9nuXFrosc6laRwIoFOMxNZuMPbii79GskaBznAYYSi1RkRfWJZ%2FI376cgXmtvTAB0NesFE%2FR2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 72829f13ce44bb5b-FRA
expires: Thu, 29 Jun 2023 17:01:24 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3175 0
9 B 46ms
46ms Image
text/plain 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?4hh0JA
Requested by: Host: www.ugra.kp.ru
URL: https://www.ugra.kp.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:24 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame C834 22 KB
8 KB 47ms
46ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://77821919f031d6864ccac6a7b34b9046.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 208117
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 07 Jul 2022 07:12:47 GMT
expires: Fri, 07 Jul 2023 07:12:47 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 569B 0
104 B 203ms
98ms Image
text/plain 2a02:fa8:8806:13::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEA0RXYcdNc_weQyWmYL4euY&google_cver=1&google_push=ARnp8GCn0PlgKZfS1mBOPg84XDIg7G07Vy7RKExR9ZKSBe5OD6zxbLURqcV9QQMnT7ISHjSjq3UHV1TlmQNdAcBqTxo1IitoUp7b
Requested by: Host: 77821919f031d6864ccac6a7b34b9046.safeframe.googlesyndication.com
URL: https://77821919f031d6864ccac6a7b34b9046.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:24 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 569B
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGQlRIKdoez6dn8ohXJ4jWE&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGQlRIKdoez6dn8ohXJ4jWE&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aWFPNTRJYlMxT2FkUEM1&google_gid=CAESEGQlRIKdoez6dn8ohXJ4jWE&google_cver=1&google_push=ARnp8GDMycHr5ytWP79b3nPHCp-TCR2QELWbbrZcZyOVnOs...

170 B
188 B

85ms
84ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aWFPNTRJYlMxT2FkUEM1&google_gid=CAESEGQlRIKdoez6dn8ohXJ4jWE&google_cver=1&google_push=ARnp8GDMycHr5ytWP79b3nPHCp-TCR2QELWbbrZcZyOVnOsPuwLaiJ_uqNzB2SiqrkxvlAKO7OhDYCyQgJl3zgkRjUtC65DTKwoJwg

Requested by

Host: 77821919f031d6864ccac6a7b34b9046.safeframe.googlesyndication.com
URL: https://77821919f031d6864ccac6a7b34b9046.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 09 Jul 2022 17:01:23 GMT
Server: PingMatch/658332f#658332fc5aaa95d8a9be88d89d84d3c319923363 i-0aa046f85b99a54d2@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aWFPNTRJYlMxT2FkUEM1&google_gid=CAESEGQlRIKdoez6dn8ohXJ4jWE&google_cver=1&google_push=ARnp8GDMycHr5ytWP79b3nPHCp-TCR2QELWbbrZcZyOVnOsPuwLaiJ_uqNzB2SiqrkxvlAKO7OhDYCyQgJl3zgkRjUtC65DTKwoJwg
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 569B 0
191 B 171ms
55ms Image
text/plain 66.155.71.25
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEMY8oZLd97aghQi398TEUtk&google_cver=1&google_push=ARnp8GBuFObdYzieIHOWZXYBI115Gi5pBlgvo5-11SbHsn4q12n_9xP5pbW-73y9ISpSzCiyzvbQWFmKViS4FRPaS-J3BuU6n2K4TQ
Requested by: Host: 77821919f031d6864ccac6a7b34b9046.safeframe.googlesyndication.com
URL: https://77821919f031d6864ccac6a7b34b9046.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:24 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 569B
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEAwQWM6sJFURIyCrIlKywak&google_cver=1&google_push=ARnp8GAD3c2dEfdSU27x09fYYhMq2ubGJrKI7853I7Z-TcNHeamoZAeUONdUIQBNj3FwL5PfsZWnp_62Rg5QEiEY...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=en-zI4boScmsRKwNf2ydPg2&google_push=ARnp8GAD3c2dEfdSU27x09fYYhMq2ubGJrKI7853I7Z-TcNHeamoZAeUONdUIQBNj3FwL5PfsZWnp_62Rg5QEiEYr-gRG6dd1xxF

170 B
188 B

58ms
58ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=en-zI4boScmsRKwNf2ydPg2&google_push=ARnp8GAD3c2dEfdSU27x09fYYhMq2ubGJrKI7853I7Z-TcNHeamoZAeUONdUIQBNj3FwL5PfsZWnp_62Rg5QEiEYr-gRG6dd1xxF

Requested by

Host: 77821919f031d6864ccac6a7b34b9046.safeframe.googlesyndication.com
URL: https://77821919f031d6864ccac6a7b34b9046.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 09 Jul 2022 17:01:24 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=en-zI4boScmsRKwNf2ydPg2&google_push=ARnp8GAD3c2dEfdSU27x09fYYhMq2ubGJrKI7853I7Z-TcNHeamoZAeUONdUIQBNj3FwL5PfsZWnp_62Rg5QEiEYr-gRG6dd1xxF
x-host: tde-deliveryengine-production-78dd496b74-z2dlx
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 569B
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESED6lDsQFSCp3fWkdTMUziVs&google_cver=1&google_push=ARnp8GBypVSfEgbPTl8Do9Ladgu0qFiVm3IoKCOz2TXFJZn1sYL_80Drz8ZvgF68uqnAn0QEg4L83c9FrYnyuCX4cjepj5r...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESED6lDsQFSCp3fWkdTMUziVs&google_cver=1&google_push=ARnp8GBypVSfEgbPTl8Do9Ladgu0qFiVm3IoKCOz2TXFJZn1sYL_80Drz8ZvgF68uqnAn0QEg4L83c9FrYnyuCX4cjepj...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ARnp8GBypVSfEgbPTl8Do9Ladgu0qFiVm3IoKCOz2TXFJZn1sYL_80Drz8ZvgF68uqnAn0QEg4L83c9FrYnyuCX4cjepj5rR25A3fw

170 B
188 B

59ms
58ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ARnp8GBypVSfEgbPTl8Do9Ladgu0qFiVm3IoKCOz2TXFJZn1sYL_80Drz8ZvgF68uqnAn0QEg4L83c9FrYnyuCX4cjepj5rR25A3fw

Requested by

Host: 77821919f031d6864ccac6a7b34b9046.safeframe.googlesyndication.com
URL: https://77821919f031d6864ccac6a7b34b9046.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ARnp8GBypVSfEgbPTl8Do9Ladgu0qFiVm3IoKCOz2TXFJZn1sYL_80Drz8ZvgF68uqnAn0QEg4L83c9FrYnyuCX4cjepj5rR25A3fw
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 569B
Redirect Chain

https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=10&external_id=&google_gid=CAESEDtnGTKzHls2fG0_g8kFneM&google_cver=1&google_push=ARnp8GBlmiW8bMOmAVBdFF4ughMdWH2Pr1t1iSFCUCYiuV6rdcjxZZUdOwNgUsWTeRv_m...
https://cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=ARnp8GBlmiW8bMOmAVBdFF4ughMdWH2Pr1t1iSFCUCYiuV6rdcjxZZUdOwNgUsWTeRv_mS9qR37iMc7ENyHWOF-NiFusxx5yu_Dg&google_hm=QTBrZVRwbDNXTmZYa0V2YU1i...

170 B
188 B

58ms
58ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=ARnp8GBlmiW8bMOmAVBdFF4ughMdWH2Pr1t1iSFCUCYiuV6rdcjxZZUdOwNgUsWTeRv_mS9qR37iMc7ENyHWOF-NiFusxx5yu_Dg&google_hm=QTBrZVRwbDNXTmZYa0V2YU1ielhwRVE=

Requested by

Host: 77821919f031d6864ccac6a7b34b9046.safeframe.googlesyndication.com
URL: https://77821919f031d6864ccac6a7b34b9046.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=ARnp8GBlmiW8bMOmAVBdFF4ughMdWH2Pr1t1iSFCUCYiuV6rdcjxZZUdOwNgUsWTeRv_mS9qR37iMc7ENyHWOF-NiFusxx5yu_Dg&google_hm=QTBrZVRwbDNXTmZYa0V2YU1ielhwRVE=
Date: Sat, 09 Jul 2022 17:01:24 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 569B
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKporDlkZpRH3tyW8jspF18&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKporDlkZpRH3tyW8jspF18&google_hm=Ysm0Y7HoQnV17O7zN6CbJwAABFEAAAIB&google_nid=index&google_push=ARnp8GA9FLkhSZ2zYer8PZa1HIn5ReXdO-_J4...

170 B
188 B

97ms
97ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKporDlkZpRH3tyW8jspF18&google_hm=Ysm0Y7HoQnV17O7zN6CbJwAABFEAAAIB&google_nid=index&google_push=ARnp8GA9FLkhSZ2zYer8PZa1HIn5ReXdO-_J4S6WynYdeP8MOrjIJiRNCvG9kYcanVCZzVWHIxpouTeyD44dDbQItWGDdadDUBM5Jw

Requested by

Host: 77821919f031d6864ccac6a7b34b9046.safeframe.googlesyndication.com
URL: https://77821919f031d6864ccac6a7b34b9046.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:24 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t5BL%2FVLcWNNyrnUqs49RtK8R2q61j5VcY0RjoyZBgqWRfJmC%2BnaMfoHUcQ%2F8XRYr95s5BALm%2F9BROdxHLk9tLLYC%2BHl%2FxV54hwmrkHEkIiOyM93x8B24QtKIGrvFmVkRtVT3Uftn%2FkdNTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKporDlkZpRH3tyW8jspF18&google_hm=Ysm0Y7HoQnV17O7zN6CbJwAABFEAAAIB&google_nid=index&google_push=ARnp8GA9FLkhSZ2zYer8PZa1HIn5ReXdO-_J4S6WynYdeP8MOrjIJiRNCvG9kYcanVCZzVWHIxpouTeyD44dDbQItWGDdadDUBM5Jw
cache-control: no-cache
cf-ray: 72829f13e8229274-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 569B 0
12 B 56ms
55ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L6AitSMMKFZo8PHhghodrrOhTtTVndR-Yip8pf0TUH2YTb6DcZMoePVzJh8DAWMYYOBH48

Requested by

Host: 77821919f031d6864ccac6a7b34b9046.safeframe.googlesyndication.com
URL: https://77821919f031d6864ccac6a7b34b9046.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:24 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 1UQxbLRS0Hq200000000U9nJJ5WYbX9-RBkDOStTFxqdmrQOMYPkEPd400IUC95GKuS9kR5zQGmCgOn0yKoWU1j8l5G6oAjD01AjZ22o4oGB14mCCnd35I7iXOnBf22ibOo_n26ilOoiZW8CHy7yiumWJLV1v5r61Xa6fh-CivWO6EOoWKIMCfrYPc1Oo_GBo3xBz... Show response
yandex.ru/an/rtbcount/ 43 B
319 B 97ms
97ms XHR
image/gif 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/an/rtbcount/1UQxbLRS0Hq200000000U9nJJ5WYbX9-RBkDOStTFxqdmrQOMYPkEPd400IUC95GKuS9kR5zQGmCgOn0yKoWU1j8l5G6oAjD01AjZ22o4oGB14mCCnd35I7iXOnBf22ibOo_n26ilOoiZW8CHy7yiumWJLV1v5r61Xa6fh-CivWO6EOoWKIMCfrYPc1Oo_GBo3xBz1y8dZAz08gyOXAeMwWLLtENWM7FW-KkIOzP6VuoTGW37SBC2bJQomooVIepo8Yvp4mWou6a0iXkbetCdZ8TE_ymFLKyoPomnoM-KMkRo5MmohjWyYUpWnC_s9cpM1GYlGF3ezpIt4kgAZ9AV7ColUADSqCBB7EogtIp4_Czt1QoI8T25AzWkUwqWuNf00lJJHQ8Bp_OFsGvUmO4tjY_PG7vTG9hQyE9XhQ6-0Mid2TPDp_X0AkxmDhGqCHoapKXWL6bTVDsfw-i87zsi3MmJ61xSEBMWc-dFjwscS5svN3m0hRTcnw-wNhnwSzwnfLiCBCFi7cSO6D-nCORvkXavHYUbcpcaf9e_f8DvegVSDP4TZdBNvFOjD_Qps9dCpCqCh2msC3UeB23dV44kyW3zeS7hfxiVF5kOjOFzeN63HnRtni00AdfiLu0?confirmTime=2117000&confirmRatio=1000000&test-tag=417814418554882&format-type=96&actual-format=8&rnd=4248808301911&banner-sizes=eyI3MjA1NzYwNTYzOTk1OTk1NiI6IjE1NjB4MjUwIn0%3D&width=1560&height=250

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ugra.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: image/gif
access-control-allow-origin: https://www.ugra.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
last-modified: Sat, 09 Jul 2022 17:01:24 GMT
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sat, 09 Jul 2022 17:01:24 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/13678958165436077852/300x600_RTB30/ Frame 6DED 11 KB
4 KB 54ms
53ms Document
text/html 2a00:1450:4014:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/13678958165436077852/300x600_RTB30/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80b::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e37cc949a45bfd79a301489a44230708b7d37d05023e429395c9adfbbda5b0ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://77821919f031d6864ccac6a7b34b9046.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 276419
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 3893
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 06 Jul 2022 12:14:25 GMT
expires: Thu, 06 Jul 2023 12:14:25 GMT
last-modified: Tue, 28 Jun 2022 09:52:50 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0CE9 0
27 B 191ms
95ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvUucZhsmeyBiN0qXhgYXe88F3lojMwjyz3Qm-HZA-9ND0UwmVDpoHkpWEz6NCkPS3ftAhYieskM5zYncJ6g1Om62qasqUjtiwnXGQ9W46yTQSndtEkRolzQdlz9EmhUiPERXbaAp5ZJy3Hi87BCjFKAwtKDwTAX_kFpauSv5m9j52n1cRm6ou_XQ6CsTLtWpVjf7FEwbDEBIaAyX3TtULjA_DlIQ0Yt3ZnWGS1OcRcWzFIk9EOLT6FW7uwKY6qdyiUZ129r9J7A10Z6pL3MXy2T8iFmhnoCtr8asUDBCcrxstC30EnRgryByCt1fhYVqMZfZXM-6mXdoddggxiun0QoEFpGWUnRGcbVNa8fTqvORYsjcqJ3q2xfD-GF1CC17ZNTlNYuOSGViHCv9UEjzmxGGrZdpopRnKz4qKoi9AH6WrHizUYgkv2iUcLcCLbWnvqF5pNZ5mh-TEBx-uu_faD5Ocf3XbgO0-hkcW_C0F30K_LaXoiwB8TpBDvfUp_dISYcLrxNdKoA-7FtR2Snmg1CsboswTptrFkFCNXE57QFbym03O6YYEDD-NARYepckDMEarN5NnrCqZmNhissBY4FmC6eLvw89884Bnlyt_t1ePOtjqBWrX9RYKFSiYF-WsQHBZAmosRmlHNdfl7YZPRVG4h9cwRGHxw1jYo1XCdBNq4rmT28LaisslRmk0yFEFs5nqHyY6F-tDrk9-4GWWwjR8HoxXz_Hgh5Eon3GP9-1EvvBP3rfD8ol0-K8prNFvZvVBz_4hQ23QSUZxw2Id6nLXU1IUBCxSlh_wt3iZrgaVVeSDqDw5F9GPJmS_P5m_2w8p2Fe3nl_f6-MH3gtv0zBT_5FbZMPVBXrsIGz0EpwVNwCzcZdROZgzOGAn60vdBtr4Y72azMsnBZxAqWhC2j_qeupzRto8QAuLqHGfBTm867d7vXpZWaf22Uqu8yJw0_StJonwYehtzZApTKsZtncWzZEaqsBmmeVF0KiSr5q7MUxWRfsJGr-NeCI8S8SRSFGpXzkmM8h3O_R7C1phM5IQNs2GTE4yw7odlC0Sx-Qy8ISzRVer--Tfd8YgdqkTRSD8w1T-yc0RSMHh6pQp3WCknO9GM5kDG91Cz7nQTyMhZq9p5NSioPW1r9x-yn-vVhfA7iK7OIx4HPI6BVTpd1H8_FfxjdPSpXFx8-e_oYjyMYXcstFlCPYUFNyUHkkxA2e_aaNlYTXOUstQaZM82I9c2LbCu_pdhEHRKf9jcyUW38hU6kYh_rodTTxq8WTzDCwQUnmq6eTZbg6P5A5bo1BuTx17P0EaBOSXSsJHvenIFN0CEjg4&sai=AMfl-YS-lnrVdNRVD3mUmravx1RODu8v6fa5Z0Nivut9iOapAfC4bHIjq86pkKTb4UeZqdCjfAEQwQpj9zakmhPMnktxc6Qt0XJIkafECt8A3xFG0pODbYWvEHbU8cAimZx_mPMLdQ1Yd4PTR_PBDURdhucyswLmjz6QiNmv5a5obKadHQ1rNnGD5pC1Nn7TIdmFON6ys4br2mMpbPyJKiOIpg&sig=Cg0ArKJSzGrRnxKwwk5rEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=225&cbvp=1&cstd=223&cisv=r20220706.93581&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: www.ugra.kp.ru
URL: https://www.ugra.kp.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://77821919f031d6864ccac6a7b34b9046.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Sat, 09 Jul 2022 17:01:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame 0CE9 43 B
946 B 224ms
60ms Image
image/gif 85.14.248.72
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvApi=sky-dv360&extProvId=300&extPu=sky-dv360&extLi=1008206547&extPm=432126982&extCr=17610765076&gdpr=&gdpr_consent=&rnd=2971824133

Requested by

Host: 77821919f031d6864ccac6a7b34b9046.safeframe.googlesyndication.com
URL: https://77821919f031d6864ccac6a7b34b9046.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

85.14.248.72 Meerbusch, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://77821919f031d6864ccac6a7b34b9046.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
Pragma: no-cache
X-ET-Code: 0
Last-Modified: Sa, 09 Jul 2022 05:01:24 GMT
Server: Microsoft-IIS/8.5
Date: Sat, 09 Jul 2022 17:01:24 GMT
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://77821919f031d6864ccac6a7b34b9046.safeframe.googlesyndication.com
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 923
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

firstevent
skydeutschland.demdex.net/ Frame 0CE9
Redirect Chain

https://skydeutschland.demdex.net/event?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=173773939&d_placement=339726501&d_campaign=28084662&d_bust=2971824133&gdpr=&gdpr_con...
https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=173773939&d_placement=339726501&d_campaign=28084662&d_bust=2971824133&gdpr=&gdp...

42 B
964 B

98ms
71ms

Image
image/gif

52.213.150.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=173773939&d_placement=339726501&d_campaign=28084662&d_bust=2971824133&gdpr=&gdpr_consent=

Requested by

Host: 77821919f031d6864ccac6a7b34b9046.safeframe.googlesyndication.com
URL: https://77821919f031d6864ccac6a7b34b9046.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

HTTP/1.1

Server

52.213.150.8 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-150-8.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://77821919f031d6864ccac6a7b34b9046.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v036-0f321963a.edge-irl1.demdex.com 5 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 6Dpni5m7SwQ=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v036-09fe25c21.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: Zx1VHZDEQSM=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=173773939&d_placement=339726501&d_campaign=28084662&d_bust=2971824133&gdpr=&gdpr_consent=
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H3 200 ScuHrLJSuMz-P8UpD_WVXyUZt188tH6pyCCWmvqBSxI.js Show response
pagead2.googlesyndication.com/bg/ Frame C834 36 KB
14 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ScuHrLJSuMz-P8UpD_WVXyUZt188tH6pyCCWmvqBSxI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49cb87acb252b8ccfe3fc5290ff5955f2519b75f3cb47ea9c820969afa814b12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 13:49:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11536
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13935
x-xss-protection: 0
last-modified: Fri, 01 Jul 2022 16:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 09 Jul 2023 13:49:08 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F6BB 0
20 B 84ms
84ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B33TlY7TJYtGIJ52V3gP8m57QBQAAAAA4AeAEAg&bg=!f3ylfDjNAAaYcLjmuHA7ACkAdvg8Wp3w9k5739f5yF6rHEraRGIV6u6onUz0aky3A10eu0kU2zASagIAAACyUgAAAAJoAQcKAJSuia4NPPpn5RZEAbFUQbT3LxzX222iuOhgRPN4AjkuQqvXzYlDjQADMHiTjQkWZf18M9Va9HE8I40Tl9qu9cgW8oT92V5zT-Fcyw1nm9cIwQ8go43JZRxyeAUIVMfdoVpXqq1hDEtRwkzYoucIiGV5gNtkAROsjFCbfpcNiU2qaakBRbXccDHaVtVb47tUR4jZypEFmQMD2ImcOb8bVyfAu3Ho-WPiyzV3u8w1qtwzdZhzfQil9sb1A_tr7QZtA93yFSQzYj-sxhUgsg_yGMmk-mLwSZ5Pq3SwGwCFB9q2SDJghf2bAbKTlHbr0cHuLE3lucLdi0MOiR27oFUnI9kDeMc47_G1fu0sMQSYUQ_fZ0J1JS02N3_l_8NtD8WyurFDiTyntdw1ZRpVZ46TRVk_kSIAUpr_eDIqwLtIyGRNuFQEGSIp95m77WnVTgpiLb_W3w5DB-g0UJWqtjc0jAk4cM0iWJpCQKsxllON_y_H0TfFtmSPAOFVNKZUiOsc2jZ2ILJIgaJ4JREjjtSIH9ihUdEvjraW1RHUAqg2ImMbfg7FVS58q5c1K9o_VZjWJJXL3ZUZ9boalToqjMnJJq7I5aI2Aqlg4Z5KLybqNY8TDBKIQvCD2ReqpPiB93LiXLKG0ienZ3NAietrkZAWqzLm9S2yvg9_CAhhAp-J2B0Oj-qrvWSreDT2Ox3WBMFLAr7uH45a5xVC4CDfGKNeJ6icHsRfEVGEySCboQoNYcmwe3EVjPo6iF036c9yyoZCRM23rrYxqPqenEqu0dy8CV71Mg7Tdahr3a8OMeZ62w61OJ9xUBktuY5CHHyB_Hl4aiqvkBjaAiX88KLo4b4h0IeTb5rfuG3Ys7JD98E3UXmEpSp_zHDHgaZQ_rP2rD_LSna9jrnsOd_gW0sAg7MDoW3Mk3Tk5HJFyK6AcnmR4SjvVZtzAW-7TxZ6ElxZpc0Ze4Q1g6F9goRvhllkvzeBaC-PZpCEn1sUMOOgxMLNmF7Ag8wG3UEOEeATHtVGXvqzlRRYr8egq54P6Gl3PGG50c9xQAfwHVSAmVDMBx8MN59ej3PEon40kGhkPrQ9ylt9cyNomZi7845LuhkNiiRdJuYjXRFi8L6-Xv4mHSdwTj-XQgt1cBreXH3FtKy5suF1fbmBlLKqy7D1qsELGyi1qH-2mNohBVV--je73xdw99FAoLX8En-lgKmRapnGTNazq4a_gqS7_KZq2S9S

Requested by

Host: 8985d954c75304fe528a80a9050843fe.safeframe.googlesyndication.com
URL: https://8985d954c75304fe528a80a9050843fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 6DED 236 KB
63 KB 80ms
79ms Script
text/javascript 2a00:1450:4014:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13678958165436077852/300x600_RTB30/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80b::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13678958165436077852/300x600_RTB30/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Jul 2022 17:01:24 GMT

GET
H3 200 index.js Show response
s0.2mdn.net/sadbundle/13678958165436077852/300x600_RTB30/ Frame 6DED 50 KB
10 KB 54ms
54ms Script
application/x-javascript 2a00:1450:4014:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/13678958165436077852/300x600_RTB30/index.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13678958165436077852/300x600_RTB30/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80b::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e2c75035573ba50ecea6928f247fead55ba508775205673807af3fcdd0b35e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13678958165436077852/300x600_RTB30/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 12:14:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 276419
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10669
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 09:52:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 06 Jul 2023 12:14:25 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 08CB 7 KB
6 KB 58ms
58ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_244&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_244.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bbef71729d613defc7645cb598c27562173dd5f921a346107f70bac6a041abff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 09 Jul 2022 17:01:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5644
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 08CB 17 KB
6 KB 68ms
67ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_244.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 09 Jul 2022 17:01:24 GMT

GET
H3 200 blank.png_1621953238939_blank.png
s0.2mdn.net/dynamic/2/10817374/s0.2mdn.net/creatives/assets/3690075/ Frame 08CB 95 B
120 B 55ms
54ms Image
image/png 2a00:1450:4014:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10817374/s0.2mdn.net/creatives/assets/3690075/blank.png_1621953238939_blank.png

Requested by

Host: 8985d954c75304fe528a80a9050843fe.safeframe.googlesyndication.com
URL: https://8985d954c75304fe528a80a9050843fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80b::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9df9512d0f2332b34e43e220b6bdc675dc6b663e72406edde64fd96dc9128e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8828632559684167007/index.html?e=69&leftOffset=0&topOffset=0&c=6HaPuXAiJP&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 15:44:41 GMT
x-content-type-options: nosniff
age: 263803
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95
x-xss-protection: 0
last-modified: Tue, 25 May 2021 14:34:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 06 Jul 2023 15:44:41 GMT

GET
H3 200 DCO_Sky_ist_Wenn_160x600_1.jpg_1634118359639_DCO_Sky_ist_Wenn_160x600_1.jpg
s0.2mdn.net/dynamic/2/10817374/s0.2mdn.net/creatives/assets/3690075/ Frame 08CB 14 KB
14 KB 88ms
88ms Image
image/jpeg 2a00:1450:4014:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10817374/s0.2mdn.net/creatives/assets/3690075/DCO_Sky_ist_Wenn_160x600_1.jpg_1634118359639_DCO_Sky_ist_Wenn_160x600_1.jpg

Requested by

Host: 8985d954c75304fe528a80a9050843fe.safeframe.googlesyndication.com
URL: https://8985d954c75304fe528a80a9050843fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80b::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1319543bd5718c8d67a80c8067f5cf89af4cde765705ee7aaa5dcea4fb68a5b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8828632559684167007/index.html?e=69&leftOffset=0&topOffset=0&c=6HaPuXAiJP&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:24 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14698
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 09:46:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 09 Jul 2023 17:01:24 GMT

GET
H3 200 DCO_Sky_ist_Wenn_SkyGo_V1_160x600_2.jpg_1634118359639_DCO_Sky_ist_Wenn_SkyGo_V1_160x600_2.jpg
s0.2mdn.net/dynamic/2/10817374/s0.2mdn.net/creatives/assets/3690075/ Frame 08CB 18 KB
18 KB 56ms
54ms Image
image/jpeg 2a00:1450:4014:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10817374/s0.2mdn.net/creatives/assets/3690075/DCO_Sky_ist_Wenn_SkyGo_V1_160x600_2.jpg_1634118359639_DCO_Sky_ist_Wenn_SkyGo_V1_160x600_2.jpg

Requested by

Host: 8985d954c75304fe528a80a9050843fe.safeframe.googlesyndication.com
URL: https://8985d954c75304fe528a80a9050843fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80b::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4790e20dc6c6f3eb4a6bc1fd744a6c36bac3f3db7a7105fd0ac86c28e6c9f053

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8828632559684167007/index.html?e=69&leftOffset=0&topOffset=0&c=6HaPuXAiJP&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 12:52:53 GMT
x-content-type-options: nosniff
age: 533311
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18848
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 09:46:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 03 Jul 2023 12:52:53 GMT

GET
H3 200 DCO_Sky_ist_Wenn_SkyGo_V1_160x600_3.jpg_1634203481415_DCO_Sky_ist_Wenn_SkyGo_V1_160x600_3.jpg
s0.2mdn.net/dynamic/2/10817374/s0.2mdn.net/creatives/assets/3690075/ Frame 08CB 38 KB
38 KB 75ms
74ms Image
image/jpeg 2a00:1450:4014:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10817374/s0.2mdn.net/creatives/assets/3690075/DCO_Sky_ist_Wenn_SkyGo_V1_160x600_3.jpg_1634203481415_DCO_Sky_ist_Wenn_SkyGo_V1_160x600_3.jpg

Requested by

Host: 8985d954c75304fe528a80a9050843fe.safeframe.googlesyndication.com
URL: https://8985d954c75304fe528a80a9050843fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80b::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6918e15d33f6003358cb64a648cf2b174ebfd380f3a1e27eaed3f77c1db69269

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8828632559684167007/index.html?e=69&leftOffset=0&topOffset=0&c=6HaPuXAiJP&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 12:52:53 GMT
x-content-type-options: nosniff
age: 533311
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39142
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 09:24:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 03 Jul 2023 12:52:53 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 11D0 0
26 B 86ms
85ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssYcsBxv8UXclTb-gZPxa7XEyxYxma-ZSu36iTsYHzEOXnsGD6q6Phz53PyU-MMgvqqwmRyo5rdfFpL3aae4b9f3OjUe3wmv3XuWj1GMRwoBAHqjhmHeR1pudqhvQLrqQBS0NgFUDCakbYro-ZE1E5i6oTCd_JL0W-43aggxmaiIDRRMDkSsPJxr3DlUiK2Io7AYrg3qoU6WlC4TAW3sAwRkXVmvlxXgv5wTu7hoc5EHibZTc5GMky2srf9ZV8t13G8EW-WD-rexlgqULeB08Oq9sIE4U5BT5W21Yz6xG9mt_hU7ySjUIh0yEKMUdrIOvVElaKNmwhYNSdtoJMprmcIckB9VG2jjFBJaSzKt2RlsENiaUblCNAkSAzrDegX8OeIG__RQ_TMQrnor5PtreUeDYP5Ag7QaVNovLmqHplN0MIQmm1HM15WZDIPKpJ8wIsE2YwlbyfJ7ayhkAcWD8yzyWQdLDwz6xUOe4ck9lG1W4uhDPYRVPhj0TDQRcxUN9GeN5fYbK6cbRno8EwUrBWOPQBpAHpO-R5tQ6XWT65ctsUMZqotol2JGjhpYohZ-nyN_dVhlxC3MPtgAVOVSqGRiCOFR6H4k7UIUro7CyIyCy93hx8rrBhpSCtJvCvg4vMfte6gYU9zwN9yDfgkaDr_WHSuEY6IxvmSax14oVs58D6PEg3lln5MXhvdG05awKWoaLSSQ0bvRRpZDb0LbYPZKhyfap8WUCO__VXffQAOoHcSrRvJcCJJ8J9_2zC1VZ1Raycv0xAJXAbhC-SfoTVqqj_lU7NtraH6_OypLvTxbCx_nCXyofkwv-5OV4uB18HZSdVWloT4NKDfXj_43cNp99WYvyZK6EkG7EXLtL2KUXZFjzuVFdCAfMkMOBdegp26TFO_qoBWzJQu9VOZX3saa67hauLSJ_PrRpUlCfzatBzgU8VcgkNrCgwBpNz3VzJFBKfdYLouIGxn32uvxJzeaTtHGa65x26jMJ6LsmBWD-OLpFS6jaj7XNB57kfygDNsHdCSnJGQt3ja--1Q83MGUJ7T_2BwfDfvQ2xhS8Q9n-iB23c7MpqqLHd7lQnZ_5a5EtrlAeIkl0d7HM-3mmHi_zbsCrZn7_YoiN2auyYMWEtOe83Xn76QILXUUu5dKjullNyO8vRmeTbCy2yJiRwcgIgrdfJ2k1LgvAYTB6j2fKifQhxfyp5NDlI3pklAgEtVp3mf0HBfXD-WvJ6L8zLPL9Jd_C8Qo22d0R8fpRPX7b0-d871OscmQ1sWtJmwyhs&sai=AMfl-YT1OJeLr1DQfmUkHATq_arEO-dKnuzCV_YZWMJFxZemKfPRsKiyWu-jB3Z55NzbhhS3mVmRz4EKTmBK_0mBqJSThvD2k2V2Lq1_CEwLz_A8vHvhvK9KwBa6ICcMLjmYvbi6UcaXca0ubt1Il0R-WZWTPlTwELN7dfzEIdvMdO9FggzPm594UB9uPcejBkuH6IdOMtLJKexmmxEjnlaNaQqPzcjkg88&sig=Cg0ArKJSzAGYPQCrU4ccEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=757&vt=11&dtpt=411&dett=3&cstd=339&cisv=r20220706.41068&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: www.ugra.kp.ru
URL: https://www.ugra.kp.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8985d954c75304fe528a80a9050843fe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 09 Jul 2022 17:01:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 sky_medium.woff
s0.2mdn.net/creatives/assets/3668815/ Frame 08CB 27 KB
27 KB 55ms
55ms Font
font/woff 2a00:1450:4014:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3668815/sky_medium.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8828632559684167007/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80b::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4373878b9f750698b6a199ebc0eb0e550df208c5a1f9f778a346e271a2b4d733

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/8828632559684167007/style.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 16:53:52 GMT
x-content-type-options: nosniff
age: 452
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27952
x-xss-protection: 0
last-modified: Thu, 20 Feb 2020 12:38:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Jul 2022 17:08:52 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame C76E 40 KB
15 KB 164ms
60ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

00e67a6bb1601297c954a9c6438eb956f4ca87253683fb348d1bda64cee7d1ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15163
x-xss-protection: 0
server: cafe
etag: 11137310801552021614
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 09 Jul 2022 17:01:24 GMT

GET
H3

200

/
www.google.de/pagead/1p-user-list/1014923426/ Frame C76E
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=ZLTJYqHSKKfJmLAPw8e0qA...
https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=2074240918&crd=&is_vtc=1&random=2461646342
https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=2074240918&crd=&is_vtc=1&random=2461646342&ipr=y

42 B
64 B

116ms
71ms

Image
image/gif

2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=2074240918&crd=&is_vtc=1&random=2461646342&ipr=y

Protocol

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:24 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=2074240918&crd=&is_vtc=1&random=2461646342&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-user-list/1014923426/ Frame C76E
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=ZLTJYs3UKIHyxgKC9pCoCA...
https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1174069790&crd=CM2osQI&is_vtc=1&random=36799...
https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1174069790&crd=CM2osQI&is_vtc=1&random=367994...

42 B
64 B

109ms
67ms

Image
image/gif

2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1174069790&crd=CM2osQI&is_vtc=1&random=3679943927&ipr=y

Protocol

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:24 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1174069790&crd=CM2osQI&is_vtc=1&random=3679943927&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 3 Show response
mc.yandex.com/watch/ Frame C76E 167 B
262 B 105ms
105ms XHR
application/json 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/3?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fwww.ugra.kp.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A%3Avf%3A2n2z35yck7fai9c6gvqew%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A1%3Adp%3A0%3Als%3A1321601107748%3Ahid%3A614067491%3Az%3A0%3Ai%3A20220709170124%3Aet%3A1657386085%3Ac%3A1%3Arn%3A999266392%3Arqn%3A1%3Au%3A1657386085223792549%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1657386082064%3Ads%3A0%2C135%2C67%2C5%2C0%2C0%2C%2C392%2C1%2C601%2C601%2C0%2C600%3Aco%3A0%3Ast%3A1657386085&t=clc(0-0-0)aw(1)rqnt(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

006f517ff11b19cbac3b0275ddaa991b5d034b7159b3589783859b3b21645810

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:24 GMT
x-content-type-options: nosniff
last-modified: Sat, 09-Jul-2022 17:01:24 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 167
x-xss-protection: 1; mode=block
expires: Sat, 09-Jul-2022 17:01:24 GMT

GET
H2 200 advert.gif
mc.yandex.com/metrika/ Frame C76E 43 B
84 B 102ms
101ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:24 GMT
last-modified: Fri, 08 Jul 2022 09:23:14 GMT
etag: "62c7cd52-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Sat, 09 Jul 2022 18:01:24 GMT

GET
H3 200 bg_wow.jpg
s0.2mdn.net/sadbundle/13678958165436077852/300x600_RTB30/images/ Frame 6DED 1 KB
1 KB 55ms
53ms Image
image/jpeg 2a00:1450:4014:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13678958165436077852/300x600_RTB30/images/bg_wow.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13678958165436077852/300x600_RTB30/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80b::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d22c8a80e52af612e5a186582044338158fa5f45350cd506f4448a6593b8db11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13678958165436077852/300x600_RTB30/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 08:18:25 GMT
x-content-type-options: nosniff
age: 290579
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1220
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 09:52:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 06 Jul 2023 08:18:25 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C834 0
20 B 84ms
83ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bf8DRZLTJYsLzAp2V3gP8m57QBQAAAAA4AeAEAg&bg=!ZGelZyPNAAaYcLjmuHA7ACkAdvg8WkpFKMemmm0bBvQDlQ6dPhSo9UJ923CzyZjtQqpc6i-7AaxKSwIAAABsUgAAAAJoAQeZAvVfXDgyKYn6xCcpjivHEcpL0qzluu2iDlWxdLsFt_ZZZcLhOqiGrMYuGQjAl9J3eutrfodsx9synghuav12tlnglpFvXuJCkZwPaepvlAdweVpeF2u1atCPWzX1iM_Ktd5fuo5cIAL6lAtNla0NZQEy5i72vOA8pRoEhISDXwL6u94AJ85RDP_DpjVyitMz59GGKZLlMEiFodvtNVE-22dxkZeZa0I6fXavt8JECiJjulf7dxg2DRg5LGQ8oiu0Td2KkQKDUiWZSakznxJLXZZjJll1ZIABpqy8vm0EP4wAxny7lCWSRcBsJeGp7DW-8ukr6hOuME8773aC1fDzyqqkzzMCilKJQuRmRBI1ykPZJEiErVxx63O6tm0lLubZh-Er3OmYXEVgN4uYYXQc4RAS-1-2SwdkaeBb9sZNM3yEGXHSymwbcl6U0XDOfCRNXah6Mubz0A-LBfR0aAc7DOGIJMMlvt3V_nvv9kLB8Eel0D0ukRxss8wuiWfj6N-76avNHJX51nqDrx2Tkn9YON22t4LU25e6EZ_768sLUSEHykoEG5M4LnSNn0XgO5C0O_ofAIh2k9zZMIySEfkZSt9xqQJYzJuxdVrGVJOm6PKNRbjZAatKDMvUQFl-M6wfaGs71IJ1xKr92pIzZhDc0tBkrpN2McMMFXQC--Njc2ceyLhOb5y_MhbFJPTSkYFTAP1yLTn_e9TO2aVtuB_qbQpUSqDMknuwTQnVpvWCEKS931cHDaq09DRK4rMsB4bUHJ4YFfrtwrACMeFKXWP_SZID3X4Ixd72Q97Mq8khUcSm92sN_ZuzE1ncjw_5KHna9n2QazkZIifxOQ6Ot66HITa-inrDCRVP4FQJUUcHZXO7zKnpZHFttUUZu3RHZdSH5r_VxU9GvcWhenHZmzqOko2mZ72vwfR-lYqi7-XTBrfwp65CNm9bPTVavpCWDi3p7yzhZcCJWDsxEzk_xp1BOxJfEBaXU_wM5SsUN3skon_Ix9Qlfjvw

Requested by

Host: 77821919f031d6864ccac6a7b34b9046.safeframe.googlesyndication.com
URL: https://77821919f031d6864ccac6a7b34b9046.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ScuHrLJSuMz-P8UpD_WVXyUZt188tH6pyCCWmvqBSxI.js Show response
pagead2.googlesyndication.com/bg/ Frame 64E1 36 KB
14 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ScuHrLJSuMz-P8UpD_WVXyUZt188tH6pyCCWmvqBSxI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49cb87acb252b8ccfe3fc5290ff5955f2519b75f3cb47ea9c820969afa814b12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 13:49:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11536
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13935
x-xss-protection: 0
last-modified: Fri, 01 Jul 2022 16:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 09 Jul 2023 13:49:08 GMT

GET
H3 200 K1.jpg
s0.2mdn.net/sadbundle/13678958165436077852/300x600_RTB30/images/ Frame 6DED 28 KB
28 KB 54ms
54ms Image
image/jpeg 2a00:1450:4014:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13678958165436077852/300x600_RTB30/images/K1.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13678958165436077852/300x600_RTB30/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80b::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d81ebf55769799aa4b2d2cb138767a82b538d5eb649714450e9b80489c5ed533

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13678958165436077852/300x600_RTB30/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 07:00:13 GMT
x-content-type-options: nosniff
age: 295271
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28301
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 09:52:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 06 Jul 2023 07:00:13 GMT

GET
H2 200 37412095 Show response
mc.yandex.com/watch/ Frame C76E 350 B
385 B 102ms
102ms XHR
application/json 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/37412095?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fwww.ugra.kp.ru%2F&charset=utf-8&site-info=%7B%22extensions%22%3A%22%22%2C%22fromGoogle%22%3A%22false%22%2C%22fromCancel%22%3A%22false%22%2C%22loyal%22%3A%220%22%2C%22sbscrb%22%3A%22%22%2C%22p%22%3A%22%22%2C%22b%22%3A%22%22%2C%22fresh%22%3A%220%22%2C%22infected%22%3A%22%22%2C%22slow%22%3A%22%22%2C%22os%22%3A%22windows%22%2C%22browser%22%3A%22chrome%22%2C%22winxp%22%3A%22false%22%2C%22old%22%3A%22actual%22%2C%22yabroAge%22%3Anull%7D&browser-info=pv%3A1%3Agdpr%3A6%3Avf%3A2n2z35yck7fai9c6gvqew%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A2%3Adp%3A1%3Als%3A1556544356726%3Ahid%3A614067491%3Az%3A0%3Ai%3A20220709170124%3Aet%3A1657386085%3Ac%3A1%3Arn%3A120011253%3Arqn%3A1%3Au%3A1657386085223792549%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1657386082064%3Ads%3A0%2C135%2C67%2C5%2C0%2C0%2C%2C392%2C1%2C601%2C601%2C0%2C600%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1657386085%3At%3A&t=gdpr(6)clc(0-0-0)lt(10400)aw(1)rqnt(1)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

7f8f68867eab09839208674ebd4e2bc176c4ae6897ec183bd14801b94e0d65dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:24 GMT
x-content-type-options: nosniff
last-modified: Sat, 09-Jul-2022 17:01:24 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 350
x-xss-protection: 1; mode=block
expires: Sat, 09-Jul-2022 17:01:24 GMT

GET
H3 200 K2.jpg
s0.2mdn.net/sadbundle/13678958165436077852/300x600_RTB30/images/ Frame 6DED 31 KB
31 KB 54ms
54ms Image
image/jpeg 2a00:1450:4014:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13678958165436077852/300x600_RTB30/images/K2.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13678958165436077852/300x600_RTB30/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80b::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97196ac8e90e6d190ee5aef7a9d1a903d152e5760d6c0d55cb2bc5be7b2e19d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13678958165436077852/300x600_RTB30/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 05:12:42 GMT
x-content-type-options: nosniff
age: 128922
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32047
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 09:52:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 08 Jul 2023 05:12:42 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame C76E 3 KB
1 KB 64ms
63ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1657386084712&cv=9&fst=1657386084712&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.ugra.kp.ru%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28a06bc146a2d8ac3a4df3170641c8d608f09ba28169c041757cfe9fedcec1b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1116
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame C76E 3 KB
1 KB 63ms
63ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1657386084715&cv=9&fst=1657386084715&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.ugra.kp.ru%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

29f38b0393d678ab286b51e2f6989460ae13f7b021b0b00f83eafaddc9a5a7d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1117
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame C76E 3 KB
1 KB 95ms
95ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1657386084717&cv=9&fst=1657386084717&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.ugra.kp.ru%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e687ba2d5b96ff674b364c2355f4ed5be2c147ae769bb89ab68eea7cc5cc20c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1116
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame C76E 3 KB
1 KB 64ms
64ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1657386084718&cv=9&fst=1657386084718&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.ugra.kp.ru%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

042c643ed24134bf22acf218341dfe7c416dacee8dd2dc3d528a7408a2bbc134

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1117
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 WPOejI_zO0m1PGm0z1Hja40rwq6MuWK0308GW8200J5XjCbY000003YScWE80Xov0j_qTl_dgwDhy0BPzzUz0V050Q06m0791c2a5cHNnhSygGTytVo6oLQeDS07mAkm-W602W682WMe2kW7Y0iugWiGVg4gNdpT002yuAT4OkFm2mRW3OA0W860W82819WEuFYI-... Show response
yandex.ru/an/count/ 43 B
283 B 104ms
104ms XHR
image/gif 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/an/count/WPOejI_zO0m1PGm0z1Hja40rwq6MuWK0308GW8200J5XjCbY000003YScWE80Xov0j_qTl_dgwDhy0BPzzUz0V050Q06m0791c2a5cHNnhSygGTytVo6oLQeDS07mAkm-W602W682WMe2kW7Y0iugWiGVg4gNdpT002yuAT4OkFm2mRW3OA0W860W82819WEuFYI-fNGYjiKg0_yklFlcDcLr3MG4FRRYS7ghB7ReW7WbPXz1E0K0TWLmOhsxAEFlFnZy80MXO38W8Q0NvWMyBRwbGQWoHRmFzWMWHUe5mcP6D0O8VWOdFhEm92N_OqSW1c96RFai1dWoDgWzihnspou6V___m706U30XQ3IyEpRGj8P4dbXOdDVSsLoTcLoBt8sE3GjCUWPc0pm6Ve1c1hKmrEm6qYu6mE270rMGK8wGLTcOpP4P64twHo07Vz_W22088WW0T0X____0HC0CyDhc35HF7AU4EE_i1h4Yik2INGEmPItoJWnS9Mnk6mLSCAk-L7wg0p08fMXhdQEA-6FRKsuSnXc~1=WoCejI_zOBG2pHW012kmnazSj0Eod8-GvjVyhxC1W06Kwvszbvo1crg80OIjkSU50P01gDR7kDQ0W802c06eriUuLg01tj6e0TxHnxXMk07Qu_BO8zW1j9AWeW7W0PQLhva1w06W1FW1_9ZUlW6W0exwXG6m0zGAY0MSpmoG1TUl3R05bhC3k0MMimF01QNJJSW5-DuJq0NYjW7W1PIe1i01gGTytVo6oLQeDRW7W0NG1mBO1n3W1uOAyGS00000Y821me201k08X_r2w0a7F6e3qWgfnZ_9-0g0jHZP2-WBdCyCcmQO3Ugfe0wXxYc049h7k270i9220T0GufklNvWHmOGbeH5dPcPcPcRcu16RgZte4QIMbFkXmBA1xu2hm41Up_VEQQRAFvWJ1E0JbhC3W1I0W884Y1JIYxp5lkF3cI2W59Qp0wWKrwyDi1IbWZou5E2d4WBG5D_TrXxO5Do-buy6w1IC0j0LtBwNZmRO5S6AzkoZZxpyOvWMyBRwbGQWi1QZ1yaMq1REdzw-0TWMzjk9mUgiiTkY0O4Nc1UNjRGik1S1m1UrbW7G5z260zWNwgyxw1S2cHYW60Um6CVBffO6k1W2-1YS-ix0a9VzZHo06OaPi-IW6S01g1dCYvgM1BWP____0U0P0kWPc0pm6Ve1WHh__sEcGhe6QeWQm8Gzc1hKmrEW6kZwijpSzAw_PRWQ0_KQ0G0009WRbDixi1j8k1i3s1k0W8201EaR0000e9g-Sq7m6vIkwYRu6vIPa1RO79pF3E0SrwyDwHpn700004muIxq_W1t_VvaTo1t0X3sH7gWU0T0UeEBQzQdubu1Vs1xwsXwW7vh7k26m7m787vg9a57I7mOsCJ8mE3ZP7m000C1vT7L1u1_CzvWgw1-uZemNW22088WW0QaWi224W23W80RG8Vy18G0uuaefGSvHP0ibn60vLviXvaqn_a-hGIIyCaAAv439rHe2gJ9qiOjQThGXoNJBUNLiBaOD8U7WLRZC2FZfSfnLAjQw56EcQ2w8CLbrW5j50YS3OP5wZg4mMP1oNYcTzTJCEzWcu000~1?stat-id=28&test-tag=417814418588177&banner-sizes=eyI3MjA1NzYwNTYzOTk1OTk1NiI6IjE1NjB4MjUwIn0%3D&format-type=96&actual-format=8&pcodever=612088&banner-test-tags=eyI3MjA1NzYwNTYzOTk1OTk1NiI6Ijg0MzgyNSJ9&width=1560&height=250&confirmTime=2101000&confirmRatio=1000000&wmode=0

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ugra.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: image/gif
access-control-allow-origin: https://www.ugra.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
last-modified: Sat, 09 Jul 2022 17:01:24 GMT
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sat, 09 Jul 2022 17:01:24 GMT

GET
H3 200 K3.jpg
s0.2mdn.net/sadbundle/13678958165436077852/300x600_RTB30/images/ Frame 6DED 27 KB
27 KB 54ms
54ms Image
image/jpeg 2a00:1450:4014:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13678958165436077852/300x600_RTB30/images/K3.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13678958165436077852/300x600_RTB30/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80b::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d3dc8510f68191b6b2af6f613b0f0a1d59583bfae870ee1a8c940982147dfad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13678958165436077852/300x600_RTB30/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 05:12:42 GMT
x-content-type-options: nosniff
age: 128922
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28099
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 09:52:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 08 Jul 2023 05:12:42 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/947884341/ Frame C76E 42 B
64 B 60ms
60ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/947884341/?random=1657386084712&cv=9&fst=1657386000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.ugra.kp.ru%2F&async=1&fmt=3&is_vtc=1&random=2961031302&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/947884341/ Frame C76E 42 B
64 B 161ms
64ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/947884341/?random=1657386084712&cv=9&fst=1657386000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.ugra.kp.ru%2F&async=1&fmt=3&is_vtc=1&random=2961031302&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/693627671/ Frame C76E 42 B
64 B 64ms
63ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/693627671/?random=1657386084715&cv=9&fst=1657386000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.ugra.kp.ru%2F&async=1&fmt=3&is_vtc=1&random=3483376028&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/693627671/ Frame C76E 42 B
64 B 157ms
61ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/693627671/?random=1657386084715&cv=9&fst=1657386000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.ugra.kp.ru%2F&async=1&fmt=3&is_vtc=1&random=3483376028&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/693627671/ Frame C76E 42 B
64 B 58ms
58ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/693627671/?random=1657386084718&cv=9&fst=1657386000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.ugra.kp.ru%2F&async=1&fmt=3&is_vtc=1&random=3682362845&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/693627671/ Frame C76E 42 B
64 B 155ms
62ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/693627671/?random=1657386084718&cv=9&fst=1657386000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.ugra.kp.ru%2F&async=1&fmt=3&is_vtc=1&random=3682362845&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 K4.jpg
s0.2mdn.net/sadbundle/13678958165436077852/300x600_RTB30/images/ Frame 6DED 26 KB
26 KB 54ms
54ms Image
image/jpeg 2a00:1450:4014:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13678958165436077852/300x600_RTB30/images/K4.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13678958165436077852/300x600_RTB30/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80b::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa229122eb787ef65850e39e9f4aa7496f2f1d5ed8356a035bedb3139f8b9c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13678958165436077852/300x600_RTB30/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 05:12:42 GMT
x-content-type-options: nosniff
age: 128922
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26980
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 09:52:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 08 Jul 2023 05:12:42 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/947884341/ Frame C76E 42 B
64 B 58ms
58ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/947884341/?random=1657386084717&cv=9&fst=1657386000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.ugra.kp.ru%2F&async=1&fmt=3&is_vtc=1&random=2747813312&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/947884341/ Frame C76E 42 B
64 B 129ms
65ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/947884341/?random=1657386084717&cv=9&fst=1657386000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.ugra.kp.ru%2F&async=1&fmt=3&is_vtc=1&random=2747813312&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Logo_WOW_FX1.png
s0.2mdn.net/sadbundle/13678958165436077852/300x600_RTB30/images/ Frame 6DED 20 KB
20 KB 55ms
54ms Image
image/png 2a00:1450:4014:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13678958165436077852/300x600_RTB30/images/Logo_WOW_FX1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13678958165436077852/300x600_RTB30/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80b::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee881663bf9c5f2464f2f0b194d707e4c46801fe391ac108fa91ccfa97ed0ef9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13678958165436077852/300x600_RTB30/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 03:54:01 GMT
x-content-type-options: nosniff
age: 220043
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20220
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 09:52:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 07 Jul 2023 03:54:01 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F897 0
0 100ms
99ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022063001&jk=55839496238017&bg=!x8SlxIDNAAaYcLjmuHA7ACkAdvg8Wp8mtUEsNd6zsPEqUlBh2bdASb2p3bSDvE7qJN71bdClPa4j9gIAAAC_UgAAAANoAQcKAEs-CxF-pyMekYnCw5m8eE5eZPRT_tc5vFGkAX53Mn_bT2I1ZX2TwWVtRGLicdZyoLC0I9ZX1Jt4YADY9dgcTiIvIGKNmzNaF33lorWZAq29VxNNytbdysd-6Vco-V7CC10SFHSeJ7sKB8e-7nCfTJidQsCUo2DWnlE9Z6q2lQMjoRKzYwRna1eXTvRcE11d0I2Y7hma1OdYvfFxlUGRYpuos6zQNGBKsey9l6FqtUSiTcQAQ2cPMP-bl_6glqEeOay0rEC3PIg2CIa8CUNSaBuuvR96qLElD54q6yLyw-cwyrY1cAlMvA9lhwIqsmP1HlhkWtz3f8TRKm6N0tW3a9AkrQU1kW0jaODErIHDMju3n8EKfI-KvNwHuPlLMkNpsJtbNYHZjjY4l4-ZjcBEfdqn9DRfRX6ScNoYuCQku-d7gjsiq50umm0sFxlzFltnCsVXOg_SXKBT5IpOhfQMJN1q--oZjGf7LG0cc1mA4DYxYHCaaFYu-L1SuLwFJXdRxyYs7wsDhNOlAeuVtIW2Z1vzzjO_tbPX6t3K6k9hkLwxKBLwJ_1lUh3ZjB1Na6BQCqkMxoZ9OLo3mMWDAT2s_4A-9uhC386KIJuYnayL4nD4HDqZLkyInElLNFPNzxWOwHJXwy5r6S-uWEv6FxGr2y4wDSRuxJZwdZ0o_b9vlcBa-Qw1DLZfnJ5s8mdvzy90fq7oMa1ux60otq347hTHP2CaUq6vULWGf9pWiolHcGZZc9UqcLK5MHZy-qOahQ8ZQonozKr4GTzjWHTkA6jbiCbcOcfr-x2nZbbNWPnncokJYJjqNnLAMxzK2nalA35QvwBRVnfCQYF-PuxoRYne9EZL3dFiPE6ySZ551WkkjVBXnO0SFwILMoJcNQkWHiLv9e8FvVw2pt8qrAC96Wz7c-2NIPd8zMRfxMQrlGX1avQcw2UOeF0M1D77SVUmpe_Tw3MEsyAy0xe71tdZo5eZAdRVhDs4ZAV8tM7oXNVibCZ1hjPIsMgXbEHAoqMh
Requested by: Host: www.ugra.kp.ru
URL: https://www.ugra.kp.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3 200 Logo_WOW_FX_end.png
s0.2mdn.net/sadbundle/13678958165436077852/300x600_RTB30/images/ Frame 6DED 22 KB
22 KB 56ms
55ms Image
image/png 2a00:1450:4014:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13678958165436077852/300x600_RTB30/images/Logo_WOW_FX_end.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13678958165436077852/300x600_RTB30/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80b::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6edd82367522384c89340b46118764d39a1a788e644f89af52fd9f992dad9d81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13678958165436077852/300x600_RTB30/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 03:54:01 GMT
x-content-type-options: nosniff
age: 220043
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22707
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 09:52:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 07 Jul 2023 03:54:01 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0CE9 0
26 B 84ms
84ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvUucZhsmeyBiN0qXhgYXe88F3lojMwjyz3Qm-HZA-9ND0UwmVDpoHkpWEz6NCkPS3ftAhYieskM5zYncJ6g1Om62qasqUjtiwnXGQ9W46yTQSndtEkRolzQdlz9EmhUiPERXbaAp5ZJy3Hi87BCjFKAwtKDwTAX_kFpauSv5m9j52n1cRm6ou_XQ6CsTLtWpVjf7FEwbDEBIaAyX3TtULjA_DlIQ0Yt3ZnWGS1OcRcWzFIk9EOLT6FW7uwKY6qdyiUZ129r9J7A10Z6pL3MXy2T8iFmhnoCtr8asUDBCcrxstC30EnRgryByCt1fhYVqMZfZXM-6mXdoddggxiun0QoEFpGWUnRGcbVNa8fTqvORYsjcqJ3q2xfD-GF1CC17ZNTlNYuOSGViHCv9UEjzmxGGrZdpopRnKz4qKoi9AH6WrHizUYgkv2iUcLcCLbWnvqF5pNZ5mh-TEBx-uu_faD5Ocf3XbgO0-hkcW_C0F30K_LaXoiwB8TpBDvfUp_dISYcLrxNdKoA-7FtR2Snmg1CsboswTptrFkFCNXE57QFbym03O6YYEDD-NARYepckDMEarN5NnrCqZmNhissBY4FmC6eLvw89884Bnlyt_t1ePOtjqBWrX9RYKFSiYF-WsQHBZAmosRmlHNdfl7YZPRVG4h9cwRGHxw1jYo1XCdBNq4rmT28LaisslRmk0yFEFs5nqHyY6F-tDrk9-4GWWwjR8HoxXz_Hgh5Eon3GP9-1EvvBP3rfD8ol0-K8prNFvZvVBz_4hQ23QSUZxw2Id6nLXU1IUBCxSlh_wt3iZrgaVVeSDqDw5F9GPJmS_P5m_2w8p2Fe3nl_f6-MH3gtv0zBT_5FbZMPVBXrsIGz0EpwVNwCzcZdROZgzOGAn60vdBtr4Y72azMsnBZxAqWhC2j_qeupzRto8QAuLqHGfBTm867d7vXpZWaf22Uqu8yJw0_StJonwYehtzZApTKsZtncWzZEaqsBmmeVF0KiSr5q7MUxWRfsJGr-NeCI8S8SRSFGpXzkmM8h3O_R7C1phM5IQNs2GTE4yw7odlC0Sx-Qy8ISzRVer--Tfd8YgdqkTRSD8w1T-yc0RSMHh6pQp3WCknO9GM5kDG91Cz7nQTyMhZq9p5NSioPW1r9x-yn-vVhfA7iK7OIx4HPI6BVTpd1H8_FfxjdPSpXFx8-e_oYjyMYXcstFlCPYUFNyUHkkxA2e_aaNlYTXOUstQaZM82I9c2LbCu_pdhEHRKf9jcyUW38hU6kYh_rodTTxq8WTzDCwQUnmq6eTZbg6P5A5bo1BuTx17P0EaBOSXSsJHvenIFN0CEjg4&sai=AMfl-YS-lnrVdNRVD3mUmravx1RODu8v6fa5Z0Nivut9iOapAfC4bHIjq86pkKTb4UeZqdCjfAEQwQpj9zakmhPMnktxc6Qt0XJIkafECt8A3xFG0pODbYWvEHbU8cAimZx_mPMLdQ1Yd4PTR_PBDURdhucyswLmjz6QiNmv5a5obKadHQ1rNnGD5pC1Nn7TIdmFON6ys4br2mMpbPyJKiOIpg&sig=Cg0ArKJSzGrRnxKwwk5rEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=866&vt=11&dtpt=641&dett=3&cstd=223&cisv=r20220706.93581&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: www.ugra.kp.ru
URL: https://www.ugra.kp.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://77821919f031d6864ccac6a7b34b9046.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 09 Jul 2022 17:01:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 11D0 42 B
64 B 85ms
84ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvoxcu-22Dpc-9k2HbYyfbPcWRgv6glCVhs9kthhLhlB2bcGUDi2Fu83l4uLTbEv9X6b1KyahhXufjvhJCincn0nbjmw3oTHd7NKCAfGcopeGR8o4EXFRBHmqiJuSIRYxArlyopO_m1CKKhJw&sai=AMfl-YSRsVl4tmyPZzSDZrEtU44Qev_jGgW-KdsL-ElfgRaNUzMvJbwK0fF1bNALklw8DA90l5SvMvmLQEWlCBC4CH65qZvgCSfYOlj6yN-doPjwnbGWMuis57Qpx3DJpas&sig=Cg0ArKJSzIMVbFPgUuw1EAE&cid=CAASJ-Ro3B8caAsEoPBgThIoKxpl8_LmXDU6L4sGxW9QBODarNnf8eRZdg&id=lidar2&mcvt=1001&p=389,1529,429,1570&mtos=1001,1001,1001,1001,1269&tos=1001,0,0,0,268&v=20220706&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4130042211&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1657386083286&rpt=538&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8985d954c75304fe528a80a9050843fe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 event
ads.adfox.ru/232598/ 0
66 B 99ms
99ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=62fde07ea242843b&pm=bmp&pxo=2fpL3bYSyDqPeKEReJhwQWSOKE82VP9rWMs1IWq6-7LSLRVRVCJSKE6tzXn9yuKfrm8LZvcKUE2MXrCf8mhtvf-4gF-dK1kRwL1uUtJpQl5tAommppvePUz4UCcikVQxAogTi3Hj05vKxNrOpg4TgJNf18zHaKVxQadRMwO8nUdPGHg%3D&p5=gwaok&ad-session-id=2442361657386081353&utg=oxum&lts=fjmwgoo&ytt=417816030347269&ybv=0.612088&ylv=0.612088&dl=https%3A%2F%2Fwww.ugra.kp.ru%2F%3Fsection%3Dsociety&rqs=YKQWZFfGtzxitMliZCrhUdI3j0Voibzt&pr=nfjqfyy&puid3=top%3Aregion&rtb-si=b&puid2=society%3Aincident%3Atoday%3Aemergency%3Ainteresting%3Akoronavirus%3Acriminal%3Asport&p2=fbao&rand=pukzlj&sj=gSzMN4VZxEsWx47728qrEYS7tEQW2dWzl61IVglOwrZ6gR-_YoYUAJ-N9QQ42w%3D%3D&puid1=adv-1657386081300-370&p1=bufhv

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:25 GMT
x-content-type-options: nosniff
last-modified: Sat, 09 Jul 2022 17:01:25 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0CE9 42 B
64 B 90ms
89ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstqxsw2BKliGD_pNd27zZnh-tL-U_s98-EczIDrsbaZyv36ACw-jcs47X8lbJfI93Vjn19fU_-6STlry27WcAOjGIuKO3A_rFBWEAwsFrn85OA6tHJ6XuDhI8BZR-f9nA-65z9OdscfgFyX&sai=AMfl-YR06Oqwc-5HNMRlXxQF_wYcx0a8VXcnNNnKhU5tyt7pzt6ZaXnm1Dot7J-DBYLHXF2NUU6fnfukQGE76b9D5LTCCKOfvK9IFHz5mC5JchDlGijLZ99nIs7HTO0&sig=Cg0ArKJSzOw5WHr7quykEAE&cid=CAASJORoaxDvtF_3SERh9fPv4Xm3rzorUoydAy5E80aju_8glz3PGw&id=lidar2&mcvt=1000&p=486,1359,526,1400&mtos=1000,1000,1000,1000,1131&tos=1000,0,0,0,131&v=20220706&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3886855702&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1657386083857&rpt=388&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://77821919f031d6864ccac6a7b34b9046.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 event
ads.adfox.ru/232598/ 0
18 B 107ms
106ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=90941e8214e71b31&pm=bmn&pxo=MqoAiHJFIWVuRHBHzrd4xx-wcNYeB72T-mcY3CYuvlcPzHg9y6CzmLge5M2hX4jiec3zNl60PT-_WpqzGTM4ysOhMdPS9M2qyOTWiEIMiEjOnd0RBuedAtO_iImIGviiqDH_TCVOu7OzpuHyXVZfJLH5nozb5uZkYeO7hxeII65hZCG7CqmK&p5=gwdbk&ad-session-id=2442361657386081353&utg=oxum&lts=fjmwgon&ytt=417816030347269&ybv=0.612088&ylv=0.612088&dl=https%3A%2F%2Fwww.ugra.kp.ru%2F%3F&rtb-si=b&p2=gftf&rand=fkwundr&sj=GEKOhEvednYUOGvnMTdyjXQt3QcO-9lIL8PS7fLaaldBppY5E5-uWtEDBv97LA%3D%3D&puid1=adv-1657386081294-909&pr=nfjqfyy&p1=cdinl&rqs=YKQWZFfGtzxhtMlih77ALQd_lqpGCQFw

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:25 GMT
x-content-type-options: nosniff
last-modified: Sat, 09 Jul 2022 17:01:25 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 204 event
ads.adfox.ru/232598/ 0
66 B 101ms
101ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=31f043a585fc5f1b&pm=bmn&pxo=2fpL3bYSyDqPeKEReJhwQWSOKE82VP9rWMs1IWq6-7LSLRVRVCJSKE6tzXn9yuKfrm8LZvcKUE2MXrCf8mhtvf-4gF-dK1kRwL1uUtJpQl5tAommppvePUz4UCcikVQxAogTi3Hj05vKxNrOpg4TgJNf18zHaKVxQadRMwO8nUdPGHg%3D&p5=gwaok&ad-session-id=2442361657386081353&utg=oxum&lts=fjmwgoo&ytt=417816030347269&ybv=0.612088&ylv=0.612088&dl=https%3A%2F%2Fwww.ugra.kp.ru%2F%3Fsection%3Dsociety&rqs=YKQWZFfGtzxitMliZCrhUdI3j0Voibzt&pr=nfjqfyy&puid3=top%3Aregion&rtb-si=b&puid2=society%3Aincident%3Atoday%3Aemergency%3Ainteresting%3Akoronavirus%3Acriminal%3Asport&p2=fbao&rand=okedje&sj=gSzMN4VZxEsWx47728qrEYS7tEQW2dWzl61IVglOwrZ6gR-_YoYUAJ-N9QQ42w%3D%3D&puid1=adv-1657386081300-370&p1=bufhv

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:26 GMT
x-content-type-options: nosniff
last-modified: Sat, 09 Jul 2022 17:01:26 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 204 event
ads.adfox.ru/232598/ 0
18 B 109ms
108ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=f2fe3f59976d86b9&pm=bmq&pxo=MqoAiHJFIWVuRHBHzrd4xx-wcNYeB72T-mcY3CYuvlcPzHg9y6CzmLge5M2hX4jiec3zNl60PT-_WpqzGTM4ysOhMdPS9M2qyOTWiEIMiEjOnd0RBuedAtO_iImIGviiqDH_TCVOu7OzpuHyXVZfJLH5nozb5uZkYeO7hxeII65hZCG7CqmK&p5=gwdbk&ad-session-id=2442361657386081353&utg=oxum&lts=fjmwgon&ytt=417816030347269&ybv=0.612088&ylv=0.612088&dl=https%3A%2F%2Fwww.ugra.kp.ru%2F%3F&rtb-si=b&p2=gftf&rand=fpzbjev&sj=GEKOhEvednYUOGvnMTdyjXQt3QcO-9lIL8PS7fLaaldBppY5E5-uWtEDBv97LA%3D%3D&puid1=adv-1657386081294-909&pr=nfjqfyy&p1=cdinl&rqs=YKQWZFfGtzxhtMlih77ALQd_lqpGCQFw

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:26 GMT
x-content-type-options: nosniff
last-modified: Sat, 09 Jul 2022 17:01:26 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 204 event
ads.adfox.ru/232598/ 0
66 B 101ms
101ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=81c0b82028d8d866&pm=bmq&pxo=uqSUVNR_jwy0KmzPzSa8JaNtz-wTt5_acF3fXn9cxEsxvPYlTkKZ_I42A1hdWKzY5KcwGuc8b_kPc1sm66yb4Ka1e9F1svy6CkQI73xyaRE2cL2P8302Wex2_q-ZFO7YmAiP1_sNHsZ4jcHCWEzErypLB1pz_L9vTqrqlC6efVAD-hje&p5=gwefg&ad-session-id=2442361657386081353&utg=oxum&lts=fjmwgon&ytt=417816030347269&ybv=0.612088&ylv=0.612088&dl=https%3A%2F%2Fwww.ugra.kp.ru%2F%3Fsection%3Dsociety&rqs=YKQWZFfGtzxhtMli77fu5xaM4bc0qOqy&pr=nfjqfyy&puid3=top%3Aregion&rtb-si=b&puid2=society%3Aincident%3Atoday%3Aemergency%3Ainteresting%3Akoronavirus%3Acriminal%3Asport&p2=fxjd&rand=kajiwo&sj=9MqiHDp8zgh3dcTzmioQNh6ByhkCeUsusQJsS7evQM6vuFI-D4f6I2WulFM8Yw%3D%3D&puid1=adv-1657386081298-109&p1=cavko

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:27 GMT
x-content-type-options: nosniff
last-modified: Sat, 09 Jul 2022 17:01:27 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 204 event
ads.adfox.ru/232598/ 0
66 B 97ms
97ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=534a4c276a81638d&pm=bmq&pxo=2fpL3bYSyDqPeKEReJhwQWSOKE82VP9rWMs1IWq6-7LSLRVRVCJSKE6tzXn9yuKfrm8LZvcKUE2MXrCf8mhtvf-4gF-dK1kRwL1uUtJpQl5tAommppvePUz4UCcikVQxAogTi3Hj05vKxNrOpg4TgJNf18zHaKVxQadRMwO8nUdPGHg%3D&p5=gwaok&ad-session-id=2442361657386081353&utg=oxum&lts=fjmwgoo&ytt=417816030347269&ybv=0.612088&ylv=0.612088&dl=https%3A%2F%2Fwww.ugra.kp.ru%2F%3Fsection%3Dsociety&rqs=YKQWZFfGtzxitMliZCrhUdI3j0Voibzt&pr=nfjqfyy&puid3=top%3Aregion&rtb-si=b&puid2=society%3Aincident%3Atoday%3Aemergency%3Ainteresting%3Akoronavirus%3Acriminal%3Asport&p2=fbao&rand=jtcffth&sj=gSzMN4VZxEsWx47728qrEYS7tEQW2dWzl61IVglOwrZ6gR-_YoYUAJ-N9QQ42w%3D%3D&puid1=adv-1657386081300-370&p1=bufhv

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ugra.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:28 GMT
x-content-type-options: nosniff
last-modified: Sat, 09 Jul 2022 17:01:28 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ssp.bidvol.com
URL: https://ssp.bidvol.com/rtb/pl999

Verdicts & Comments Add Verdict or Comment

74 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

69 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
yastatic.net/safeframe-bundles/0.83/1-1-0	1970-01-20 04:24:32	Name: afpix Value: 1
yastatic.net/safeframe-bundles/0.83/1-1-0	1970-01-20 04:24:32	Name: pcs3 Value: 1
.kp.ru/	1970-01-20 04:33:10	Name: w3k Value: e502e101-2d71-44ed-a4ee-e556c486c271
.kp.ru/	1970-01-20 04:33:10	Name: w3t Value: eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWQiOiJlNTAyZTEwMS0yZDcxLTQ0ZWQtYTRlZS1lNTU2YzQ4NmMyNzEiLCJqdGkiOiIwYjZhMzcwNy0zMGIyLTRkZWUtYmMyMi0zNmI3ODRmZTVhNGMiLCJfdmVyc2lvbiI6MSwiX3BhdGgiOiIvIiwiX3RyYWNlIjoiYzNlMGRjNzBjZTJjZDlhNGJhODRkZjQ1ZjM3MmM4ZjgiLCJfcGF5bG9hZHMiOnsiZ2VvIjp7ImNvZGVyIjp7InN0cl9yZWdpb24iOiIiLCJyZWdpb24iOjAsInVwZGF0ZWQiOiIyMDIyLTA3LTA5VDE3OjAxOjE5WiIsInNvdXJjZSI6Imdlb2NvZGVyIn19LCJwcm9maWxlIjpudWxsfSwiX2dyYW50cyI6bnVsbCwiaXNzIjp7ImVzc2VudGlhbCI6ZmFsc2UsInZhbHVlcyI6WyJ3d3cudWdyYS5rcC5ydSJdfSwiZXhwIjoxNjU3OTkwODgwLCJpYXQiOjE2NTczODYwNzksIm5iZiI6MTY1NzM4NjA4MCwic3ViIjoic2Vzc2lvbiJ9.Q8NGzAUNAj3abJDcq4bwEhCTdXQzPieAoMBKVdDDRaZuz1KwwEDaby-TlSZrHyZ18nPI2l3tp2xEDGE2wrxRL3G1TK8N68iWT50rOc1zihjrfJWojwfoE3N9fnCJePxKbEFqvH9ajHWPXolnT4M9RXau-liHUOmLEaEFTKH2KlUlLs-UXEHf4hW0qBppSgsU1YEQkgvEsmzvpHFtHEnnfPIZNu5vlozoVnBdV56pIzC_lHRFG28c7Sl06KXr80uRSe0_H5NzD-hDYmMp34USymdK8JwInQdea5xHFAskQ7V3zXA13vUFrCQjinhf22o11UqFoBBL2qDJ7jDG7R4hzQ
.yandex.ru/	1970-01-20 21:54:18	Name: yandexuid Value: 4375183641657386080
.kp.house/	1970-01-20 04:33:10	Name: w3a Value: eyJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZHQ00iLCJ6aXAiOiJERUYifQ.SCmeXtMDy3uVeYt97e9LZtzH2hUKKoV0lsWuJQCzpelZZKofCEnqFW_u2GMIDagHSOhmGc6OJZFUAVnD8NtbvnLnRxbvRyQvwAkuz3g-Wl27Ugbvh4J9UXJgVPR6qY925_gPvJtzxD8-GzkFMbRC3UcrISAjWM0_wnDXHF27G7BJ8nsrdojwgm9P6y66f4AWZ-kUoC0FNYAerm__zubJ95yMzMpV3EEci2GMgJirls2VsA-mrM7Il_51FPvue-g-onp5cT1_pZOwBVBUnhs7WXJ2aSGu4opAjFuiGILB5lDZzLTWbNUqLsn_8bu6nrmjQS_2TYk4InMYQF94PmSSOg.EgbmFjuAvK6Lh5Z0.UAgfs_g6rA9BfIgcgVUN94Xe.gnW9KFXY3-o4EGemJJXOMw
.kp.house/	1970-01-20 04:33:10	Name: w3k Value: d21ad026-4692-49a7-a6e6-8bd58005c750
.kp.house/	1970-01-20 04:33:10	Name: w3t Value: eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWQiOiJkMjFhZDAyNi00NjkyLTQ5YTctYTZlNi04YmQ1ODAwNWM3NTAiLCJqdGkiOiI5OTdiNjIzYi03NWMyLTQ3ZGYtOGM5OS03MzZlYTc5MjJhYmUiLCJzdWIiOiJzZXNzaW9uIiwiZXhwIjoxNjU3OTkwODgxLCJpYXQiOjE2NTczODYwODEsIm5iZiI6MTY1NzM4NjA4MSwiX3ZlcnNpb24iOjEsIl9wYXRoIjpudWxsLCJpc3MiOnsiZXNzZW50aWFsIjp0cnVlLCJ2YWx1ZXMiOlsicHJvZCJdfSwiX3RyYWNlIjoiM2U5YzJmODUyZDY1YzRkYzBhM2E3YmM0YmYxMjI1YTIifQ.kBwQa8wNPDZl1RdKhIcBDIpRyzONhr9mDWX6qcGEM2rC5_BbgR_MJrX9yJhLlZKsfpB0NLR5jL6v-uj5P6o2JHWzBKwTao7XGiq1SrYfOzn94Stl4o6cPhFL71m27C6i6lXBJXApNoNheI8peGIbawpRnD1OhdmkU_myYAYNdDkbOEfO3f_kjKZlhV_VxZjdAdMybDKftqCuFGUcfon5z3IdueqXB9Y48oUlgGsBsqt9MeHMSBw4iUujBrGmVJV-JyMwLJSqwaF6hlPbFVHvJGR-4mpk8mOctdxVZ-IL1Bi2NZU5myDA7dUMmetaVrcbmXshgV9K1jwSWPcT6sbWuw
.exchange.buzzoola.com/	1970-01-20 05:06:18	Name: uuid Value: f3e7fa04-a4aa-4415-5f28-4abaacfacd00
.betweendigital.com/	1970-01-20 13:08:42	Name: dc Value: lux1
.betweendigital.com/	1970-01-20 13:08:42	Name: ss Value: 1
.betweendigital.com/	1970-01-20 13:08:42	Name: unm Value: 1
.betweendigital.com/	1970-01-20 13:08:42	Name: tuuid Value: 90652179-f188-52be-99a1-e4cdfb6850ac
.betweendigital.com/	1970-01-20 13:08:42	Name: ut Value: Ysm0YQAHL9iG2mmdhVcsJUROnpDcNBsw7QbyKA==
.exchange.buzzoola.com/	1970-01-20 04:43:15	Name: cookiesyncs Value: 000000000000000000000000d93dab9edf0912baf9008f35866978f1
.criteo.com/	1970-01-20 13:44:42	Name: uid Value: 5354c9bb-8c48-43ab-92ad-cc33386c8637
.24smi.net/	1970-01-20 13:08:42	Name: smi_uid Value: 5j2ut1lpR
.kp.ru/	1970-01-20 13:08:42	Name: chash Value: N22ak8FICu
.yandex.ru/	1970-01-20 21:54:18	Name: i Value: k5UzO/nkH+xbDz8Z33OCoBiShuMb0oLI9Mm3ahejwcaSgJ4/cch+FG+kbCYzSV8MXwGCZspyBOUrNZm9i8Fzn8mU3co=
.kp.ru/	1970-01-20 13:44:42	Name: cto_bundle Value: l6yMm19HSGRlM21UJTJGTzc5UGd6c3NXSHhibWZTTTBWbFpSUlVYOTlkbXV3JTJCWiUyQndVcnM3ak12RXhVb3FXbEg4QjhnTmlTU1hGNUNFSktkSlcwR1gyNHF4YTFBb3kzNjkzJTJCTmFzSzRlRk5lblFQTlAxRWJnMXdSb0xxbFRoeVdCR2I0RUtMczdYSEd3Z0tWQ2xkeHolMkJBYmxzbkNRJTNEJTNE
.mc.yandex.com/	1970-01-20 04:23:06	Name: sync_cookie_csrf Value: 3231508658fake
.ugra.kp.ru/	1970-01-20 21:54:18	Name: _ga Value: GA1.3.643179259.1657386083
.ugra.kp.ru/	1970-01-20 04:24:32	Name: _gid Value: GA1.3.4182613.1657386083
.ugra.kp.ru/	1970-01-20 04:23:06	Name: _dc_gtm_UA-23870775-1 Value: 1
.ugra.kp.ru/	1970-01-20 04:23:06	Name: _gat_UA-19328520-23 Value: 1
.ugra.kp.ru/	1970-01-20 04:23:06	Name: _gat_UA-23870775-31 Value: 1
.yadro.ru/	1970-01-20 13:07:30	Name: FTID Value: 1YoRHZ3KFWuM1YoRHZ002Kgw
.kp.ru/	1970-01-20 21:54:18	Name: _ga_8MQ0FGXD1P Value: GS1.1.1657386083.1.0.1657386083.0
.kp.ru/	1970-01-20 21:54:18	Name: _ga Value: GA1.1.643179259.1657386083
.mc.yandex.ru/	1970-01-20 04:23:06	Name: sync_cookie_csrf Value: 2122189314fake
.kp.ru/	1970-01-20 21:54:18	Name: _ga_DK6QSEZVBS Value: GS1.1.1657386083.1.0.1657386083.0
.yadro.ru/	1970-01-20 13:07:30	Name: VID Value: 3B_1j42GbaOM1YoRHZ002C6y
.kp.ru/	1970-01-20 13:08:42	Name: _ym_uid Value: 1657386083810462324
.kp.ru/	1970-01-20 13:08:42	Name: _ym_d Value: 1657386083
.yandex.com/	1970-01-20 13:08:42	Name: yandexuid Value: 4375183641657386080
.yandex.com/	1970-01-20 13:08:42	Name: yuidss Value: 4375183641657386080
.mc.yandex.com/	1970-01-20 04:24:32	Name: sync_cookie_ok Value: synced
.kp.ru/	1970-01-20 04:24:18	Name: _ym_isad Value: 2
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 2263692951657386083
.yandex.com/	1970-01-23 19:59:06	Name: i Value: 3W064gHUz2qgR1KXI6lVdAuWZqKps5JK3EuQVhkNRAy85awuaYmppiY/GQVs1zpmX//KQ6ojdyG/Ayz19DB1UgHspGY=
.tns-counter.ru/	1970-01-20 13:08:42	Name: guid Value: 39F1692C62C9B463X1657386083
.yandex.com/	1970-01-20 13:08:42	Name: ymex Value: 1688922083.yrts.1657386083#1688922083.yrtsi.1657386083
.adtriba.com/	1970-01-20 21:55:44	Name: atbgdid Value: 06a76ccb-403a-4927-a762-13d5be3eb645
.stat.media/	1970-01-20 13:08:42	Name: _sm_uid Value: 6fd42091-d7bd-45b9-886e-d4347464f09b
.stat.media/	1970-01-20 13:08:42	Name: _sm_udt Value: 1657386083719
.stat.media/	1970-01-20 04:23:07	Name: _sm_sid Value: f530df37-e3a5-42e2-a0a2-17452a4372c6
.stat.media/	1970-01-20 05:06:18	Name: _sm_cm Value: 6
.doubleclick.net/	1970-01-20 13:44:42	Name: IDE Value: AHWqTUnxr_G8ibAqwoFpRSrYrBk9WHKhXEaifhjtQu8bJ0qcGFYgiEWf4TvprdnzuTE
.casalemedia.com/	1970-01-20 13:08:42	Name: CMID Value: Ysm0Y7HoQnV17O7zN6CbJwAA
.casalemedia.com/	1970-01-20 06:32:42	Name: CMPS Value: 1105
.casalemedia.com/	1970-01-20 06:32:42	Name: CMPRO Value: 1105
.kp.ru/	1970-01-20 13:44:42	Name: __gads Value: ID=305b2af02f7578b5:T=1657386082:S=ALNI_MZyMZNGib8iyyxLExOPquTqEE7bfA
.smi2.ru/	1970-01-20 13:08:42	Name: _sm_uid Value: 6fd42091-d7bd-45b9-886e-d4347464f09b
.smi2.ru/	1970-01-20 13:08:42	Name: _sm_udt Value: 1657386083719
.smi2.ru/	1970-01-20 04:23:07	Name: _sm_sid Value: f530df37-e3a5-42e2-a0a2-17452a4372c6
.adnxs.com/	1970-01-20 06:32:42	Name: uuid2 Value: 4411641625961867174
m.exactag.com/	1970-01-20 06:32:42	Name: exactag_new_gk Value: cc66fb5d4a5343378a68dc0b3b249cbc%7c07.09.2022+17%3a01%3a24
m.exactag.com/	1970-01-20 08:42:18	Name: exactag_new_uk Value: fb420b2e3c834df5b076c5dc116dfb5f%7c
m.exactag.com/	1969-12-31 23:59:59	Name: session_session Value: 8d47540faded41678326e01c
.adnxs.com/	1970-01-20 06:32:42	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E?_ns94S!]tbPl1M>e)ZlrFUfJ+tGXxoeAmM43AeZ)]ETj+'AF2rha_*0n_K?^CgKQS=3If)y3KL9D3I?+W>+>HD
.yandex.ru/	1970-01-20 21:54:18	Name: is_gdpr Value: 1
.yandex.ru/	1970-01-20 21:54:18	Name: is_gdpr_b Value: CI+ICxC0fRgB
.travelaudience.com/	1970-01-20 13:53:20	Name: _tracker Value: %7B%22UUID%22%3A%227A7FB323-86E8-49C9-AC44-AC0D7F6C9D3E%22%7D
.casalemedia.com/	1970-01-20 06:32:42	Name: CMTS Value: 1114
.de17a.com/	1970-01-20 13:01:30	Name: guid Value: 1.5872824943632603686
.w55c.net/	1970-01-20 13:53:20	Name: wfivefivec Value: iaO54IbS1OadPC5
.demdex.net/	1970-01-20 08:42:18	Name: demdex Value: 62626273722311166432054504550598940282
.skydeutschland.demdex.net/	1970-01-20 08:42:18	Name: skydeutschland Value: 62626273722311166432054504550598940282
.w55c.net/	1970-01-20 05:06:18	Name: matchgoogle Value: 5

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1565b43654e41150398d11eac25cee50.safeframe.googlesyndication.com
77821919f031d6864ccac6a7b34b9046.safeframe.googlesyndication.com
8985d954c75304fe528a80a9050843fe.safeframe.googlesyndication.com
ad.mail.ru
adfox-c2s-ams.creativecdn.com
ads.adfox.ru
ads.betweendigital.com
ads.travelaudience.com
adservice.google.com
adservice.google.de
avatars.mds.yandex.net
banners.adfox.ru
bidder.criteo.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
counter.yadro.ru
d.adtriba.com
d5p.de17a.com
data.24smi.net
dclk-match.dotomi.com
dsum-sec.casalemedia.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
exchange.buzzoola.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
identity.kp.house
img.24smi.net
jsn.24smi.net
m.exactag.com
m.ugra.kp.ru
matchid.adfox.yandex.ru
mc.yandex.com
mc.yandex.ru
mug.criteo.com
pagead2.googlesyndication.com
pb.adriver.ru
pixel-sync.sitescout.com
pixel.adsafeprotected.com
pm.w55c.net
region1.google-analytics.com
s0.2mdn.net
s01.stc.yc.kpcdn.net
s02.api.yc.kpcdn.net
s09.stc.yc.kpcdn.net
s11.stc.yc.kpcdn.net
s13.stc.yc.kpcdn.net
s15.stc.yc.kpcdn.net
sb.scorecardresearch.com
securepubads.g.doubleclick.net
skydeutschland.demdex.net
smi2.net
smi2.ru
ssp.adriver.ru
ssp.bidvol.com
ssum-sec.casalemedia.com
stat.media
static.adsafeprotected.com
static.criteo.net
stats.g.doubleclick.net
target.smi2.net
tns-counter.ru
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.ugra.kp.ru
yandex.ru
yastatic.net
ysa-static.passport.yandex.ru
ssp.bidvol.com
104.18.18.126
13.32.121.72
138.201.34.239
142.250.181.226
142.250.185.130
142.250.185.162
172.217.18.2
178.250.0.165
178.250.2.146
185.147.80.106
185.162.95.72
185.184.8.90
185.89.211.116
188.42.191.196
195.209.111.13
195.209.111.20
2001:4860:4802:34::36
2001:6d0:4001::226
213.155.156.168
2600:9000:224a:be00:8:48e:53c0:93a1
2606:4700:10::6816:294a
2606:4700::6811:190e
2a00:1148:db00::17
2a00:1450:4001:800::200e
2a00:1450:4001:802::2008
2a00:1450:4001:806::2002
2a00:1450:4001:809::200e
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::200a
2a00:1450:4001:810::2002
2a00:1450:4001:811::2002
2a00:1450:4001:812::2001
2a00:1450:4001:813::2001
2a00:1450:4001:827::2004
2a00:1450:4001:827::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2003
2a00:1450:400c:c0a::9b
2a00:1450:4014:80b::2006
2a02:2638:1::13
2a02:2638::3
2a02:6b8:20::215
2a02:6b8::16b
2a02:6b8::184
2a02:6b8::1:119
2a02:6b8::1be
2a02:6b8::2:158
2a02:6b8::5:114
2a02:6b8:a::a
2a02:fa8:8806:13::1400
2a03:90c0:41:2801::254
35.190.0.66
46.161.36.3
52.213.150.8
52.28.179.158
52.31.65.246
52.58.18.216
66.155.71.25
82.202.225.240
85.14.248.72
88.212.201.204
95.181.181.12
95.181.181.82
006f517ff11b19cbac3b0275ddaa991b5d034b7159b3589783859b3b21645810
00e67a6bb1601297c954a9c6438eb956f4ca87253683fb348d1bda64cee7d1ca
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
0370d57956363af1d6118ef32782731cbfa05e52bf77d01c50bb1ed82c4f6366
042c643ed24134bf22acf218341dfe7c416dacee8dd2dc3d528a7408a2bbc134
0608ee85a88bde83507e90bcf0f22f071678ca8afa36c0fa1d38925293242e12
0b1b6c8339cf3ab9f2f8cff423710022b2bc3d0537bb6d0fc64ac5e63cc1e53f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
11f4ef58e438c2d6ed91c424a75e5027d259a78db4fea9973a23d9e1854c036b
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1319543bd5718c8d67a80c8067f5cf89af4cde765705ee7aaa5dcea4fb68a5b3
14831b2eeb5f17752b56a1afcabc18bd024666b292086fae6f2e3c7426c6f160
18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93
1c34f66d3695cf41b97f68390be2cce4f1dcaac226fc70f72193faab10ca2ef0
1cd5229fbc7d3b5e3d51d05456dfdec0f17ea31135cf562a7aa428de5725c442
1d386626a236bf37f510e9c0c2d85036641c5cc85bed4b320a181861477d0ec7
1d3d2ccb80220d3a90bcf87e2551b617a40a4ca50f661cb57ca565eb4fb47167
1d3dc8510f68191b6b2af6f613b0f0a1d59583bfae870ee1a8c940982147dfad
1dfa3dc572718e898191d89c0278e9d756908277507f722f9088b695c302d47e
204ee979949dff78fdc0b391fe74c9b8fe736abd65a1f0a6af80cb01bcfb8587
23e97922484eefbb08ba0219f5a783e633edb83a80c14e2261a830c1688cc037
289f6b5aaf6efa55363a2b608a2068c616a2d301285a39f88718ac7bd576f61d
28a06bc146a2d8ac3a4df3170641c8d608f09ba28169c041757cfe9fedcec1b1
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
29f38b0393d678ab286b51e2f6989460ae13f7b021b0b00f83eafaddc9a5a7d8
2d32f681e01e8082f5df941a021b306e98063b7330b197ba674e71dcc5dc4d4e
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e9f59159e8fa0bcbd5a8b3544795d657dae1a659d29b0231ab2283707443901
2ea6594700eadc561dce18df33d16ff9d07ff631d4f6f4eae734bfe34e900f0c
32b0f7e66a50c24d967afd1b4c120fc5a898758db2d7d2023c8987c312c8f2fe
3394110000caa52bc9dcf892178cb4a7a8d25db76721a2290caaeb667413a4d0
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
350d787aff25d785b8e43b6b8c77518b5f219737a95884885c2f8f258dd06545
35ed988aff3c8059b4869fd94cc2885879041fbd698317a53741bca5095c3091
36e953c55ffb65ac84fcac7de82393e4ebe449001547c35f7896fb2e768feb39
3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9
3bdab4da5017468f0ddfc1a51edc3772a13aa064c83df984c152729075714847
3c12f2da086c2408f3f1255b457b7798f793cf77f792c14c66fdbb9bf3c3eaa3
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f7cb68abebddb8481e02aa86c09a9f5bb92143703ad0c5309bac5b393168dbc
3f86c95d3dbee19d6da8130eacad7c899af9fbd6f71aed80a964e0ef9cc88597
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
4373878b9f750698b6a199ebc0eb0e550df208c5a1f9f778a346e271a2b4d733
445837ee1d1da2644d2531f84c664f157828154b8b5e032dbef64c3a8308ef17
45b2c3c930fa002229b12629772b76df75492d551d2b069bdb5a1c583921704d
4790e20dc6c6f3eb4a6bc1fd744a6c36bac3f3db7a7105fd0ac86c28e6c9f053
48231dc94743e31cde69b405dc1dc42a4c4fb9fd05eab29917ea91eb2f76c4e7
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
49cb87acb252b8ccfe3fc5290ff5955f2519b75f3cb47ea9c820969afa814b12
49e907246dac1df690c91bdf0b7ab96347102f2b7fa94dc9d6b82a1282695ccc
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4be74101162d4ed978851bd6dd595e849e4209b55cdfbf43bf39fdaee81a4192
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5131de421703e124ca26032ff617bd72d555679f79ed7a48f7b35a5ccf32da51
52b058a65d9f5c918e55f54737e32500c0be7d19f9c5c45241f70aad43f306e3
537ee0e3c85284942eab5e6a1a6c4707aeff40f93fcf3d3c410ef29dc499345f
541348f95206a170effd95f869a9c576be30f9408b7bfa5885aa94d29fce726b
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55d2ab860a7100b201e762c2046bc65a5d16236a0263dee3e95c711be581b345
582c2586c49819d9dfe5cb88653679a40bf930ca86f1dc01a4afd821a9eab97e
58d179c4a572d84ea10a6da7771b6ebd190f6d22b1850786fa7409ecabbb6095
58e86853daa2e15aceeedf3c6a163d3eebe91c03a8d2ab6aed4442092e471862
59e2467d94ae007fa71bc0b10f4b92f227edfa03afb5ce7c904b9ea2bcf537e9
5f04f87ba7cd3beb8f840e33441bdc8cfee7fe74a49cd8abdcc8ac7727b6bbda
5fc8198adbb9f94e7dfa57e8039cbee32819ba1754d68f415a1c2f64e5f84d44
602c38516ef4de091944688587eae36fbdd287591f075a6d7eaccb39d71aa084
607912ce0bbdc533bd357dc99af092f34783fee7f24f7fc16ece184018a7441b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62ab21dbb12a76dc0ee575d6857d9da13185c4cbd4a3b5c350b89acfb4335a45
65106e3aa4a2e2770276adddc0ea0f89ec41bcc17c33683e9aec38777e6aef06
677acc9eed10d735ed46dabd82553005a036fe19930511d9850060a4fb6d2c2b
6918e15d33f6003358cb64a648cf2b174ebfd380f3a1e27eaed3f77c1db69269
69c3207f80de1de6ee4ff239d740ea31bbc7091e7870365c49aad61b21359687
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
6b0c6ad2a39e30acdd045f1e10d04d6032f0447387edd32af55f7d80b2d4f0f0
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c26edb88579f65697111486238db2696af203daa4bb568c2aab5baffacc9f9c
6d4448a103f0dc071aadd495b1f4b412b34d8b54accf26aa1c6921b10d353fc6
6db6653a65bc919f600c1e098b02145b5e62d137fbf99f84ad526692b65cc31c
6edd82367522384c89340b46118764d39a1a788e644f89af52fd9f992dad9d81
6f87cd86c391c6361adca474b987f3e4b6d81d281795120c584d0a0c1ca7f5ba
6ff082130eb8e0fe1ba485606bab3de43a410b184c718be62c739ab9f67c6863
701e10e8bdc33d696bcc7f66dd5eb676fa5daa8ccd219fb7804646a136565c67
73720f862be505fc73b3884bc441d49060f787d3273bde1738114819dcbaf0a3
737520ba1c13b8233e07e8d76e1bc3d126d3e47f389d5f5806cf9b0a738cd62f
748646bc30925c61574071e2cfe947ece6be153f4d4e4b5d1d192cbe2f5e6cc4
74c481a71d53f04f254cfd913d296b166658b52de2742d59a67f30a45bae10c9
75d16f690db62e7b02e26bff78808ea7529f154b36340c9b6d6e1cd81b64a4ca
77403385afe39467e0833e772e0221fdad7007eb96d819d6fb21c776392e81c1
7a0fb8fc4de0bde528e5b17743e35c50492d1d1de41567cb3b83f5a63db862d0
7a20941881072195453b90d213070e315468c46b9d2a330bfbb4d34dcd918151
7f7d4a77e29961071a337cc5073d127fc328e2ea23fca15e9894838d72cc6822
7f8f68867eab09839208674ebd4e2bc176c4ae6897ec183bd14801b94e0d65dc
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8a550da83fe5faf522945c7b61350dec5c08ef10a670c1db4fc5958b5a85057b
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8d87c18fcb70f9b1d23c94aedc506cb6cc2640c5aebb25ca6e8e64b0cd997553
8e2c75035573ba50ecea6928f247fead55ba508775205673807af3fcdd0b35e2
8fc362cfb5f5c2b6b8653387f428d925b0c30d0c357c8ebce07434495bf4d671
901fa2834b7566b2c1bb6fca8eebe05f76cabed87ca476b1b3a1e2337c0b5073
914adaddf018cd043174b905ceef50d08be529ded36c7f45c62ba15cfc063464
9205ceae907f8417e3b4bd8463b1075526a25da4cdd2aed549b03cd6869632aa
924170a2b204eb90280acbb03496558dc98acc1b9d6fd96ae955996047ec970d
92f108fa97f63aa01d67c7c19599f9133ef0e60a11fba74ca137f5b699abd36b
961d65ef493469ff3c06009c02c2c6f73ae82f402d52310369112a2635e6dbbe
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
97196ac8e90e6d190ee5aef7a9d1a903d152e5760d6c0d55cb2bc5be7b2e19d5
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bf21bf3d6a5a54d3d5961c60e2bb30db01ac879e88d0411e7b3496634f1e456
9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a
9d435ba3f0f5b528c7ac02db3ad54c6beffb83f755ad234f41d680ccccb13692
9dc89e2eae45dccc1b2d7b9540adae2349bbb5d84578eadb8f0f645eac324910
9df0583ba13699e97b42abfbb4cd9e6e12679a03297b7734a09c1b2a4e464472
9df9512d0f2332b34e43e220b6bdc675dc6b663e72406edde64fd96dc9128e1b
9f7cad8b5dbf9fd3260aa5637495686a9fbb7ee3166b0028e7465dff59453d36
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1fc9ce953c684addb5f932dc5883893a2cf89c918121a4e52baf4475243e100
a258dcd29961e7b1fa42b20e47d0ba475c3fda323dd3af37520ff5e85e92a8cd
a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6
a2f96d2c0ff2b96cc2421214831ffda7b4e71aee0426d60628d04173dcd699c7
a3c5ff7e114ffe32212ee07123f9dc6aa19c09072e44fe64649c9cc747040cab
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a793701d1ec2a60894d52b6df5cb5ef88d9d81d62513a2eaf40e8aa5f75753ca
a81ae4dd7742b736f41e6e382827ab3672728b6f7f529ad5c72d6d6e79861484
aa99cf825a3d0aa0fe6ef29ade07cea2dd50561661e91f65a8dbc06bf1c4b4d9
abb5348aeb50feab8abc0212d24ef2d4daa64f08d38e6cabce13e7a78f1ad837
ac8d3fe12437c229e9a279b5c7ecb68bc004f6f0fadd82b55f9d28bfec72edef
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
aefea24fc1738f266eda68ba7b582545d4f257b3c8f583cd38c35f6ff327d55a
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2ad439184ed0326ef44487d831b75ad1b17b862855679ca9737a2a373896a79
b2b5ba1466d0642bd868bef2b0e13277b34376fd0a11484fc1518d67e48b727d
b70ae1740697ca3703ea48dc781426ddffcf115e4b3541059511965db9c3b14e
b9626a32ba37b0590508877b518afb8e18c1623278119b425ba2e3d14d39c4fe
ba40056c60a1bee346d30b08da05bcc9e10bfc9dee010eac6872a71577558aa4
bb3bd540f7e4f2cc50b18558922d8d4de54044200d09c2dc3edd6e3e9a831866
bbef71729d613defc7645cb598c27562173dd5f921a346107f70bac6a041abff
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
becefc9f93e9ea8cec1d4749c473c476c44e65a7eee7d88dda107958649413e9
c38304836e04b7716a488a306c73b01707b0cda8e2a48b9888e996a0affd7a7f
c40168707694e0bb9241c2f9f4ef86dfa65513f547b6a37c151babf07fcd7d53
c8247e71c60f01cce914615568139113018a1a129dceb0fe0af55edb0211b8fd
c84615457f9332569ff8501c382a395ef9fe116a9add5034b4ebc62c9bceeb3d
ce03e656b2a1b9480f43d2c04e1f4ee99dab46ee1696a222168f4c249b968c13
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0339760d0d6bcb0c9c7521b736fa49a20b17da50ab5289b573402c0305b2f40
d22c8a80e52af612e5a186582044338158fa5f45350cd506f4448a6593b8db11
d3114c4944dcf347da9b150fbd12bf83cf1a719fca0eb5480d9af4cb2f30aefc
d72b8eb9289bec0987d4af915f6cd81fc04863709b510aa7d98887d1cff60c49
d72e02e86cedb9eb4830a12ae6d968a9c8ffd04bf6c009812cd906d7a28e8275
d81ebf55769799aa4b2d2cb138767a82b538d5eb649714450e9b80489c5ed533
da09f03549a3d9ae51406d85931ec2682bc82759cf96101b982496da1139ddda
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e18f09d5c345543ce30409b7a640f9f3847c0f05b4b5d627d0ca76d8e7e19202
e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264
e37cc949a45bfd79a301489a44230708b7d37d05023e429395c9adfbbda5b0ff
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e49548c45f00bbfa0fda642d02b5e29b407004eacc2099e348da7cb38f477052
e687ba2d5b96ff674b364c2355f4ed5be2c147ae769bb89ab68eea7cc5cc20c5
e7052ee7e4fa3d19fa953957b23d6cd29b2311739ec0932d6e570577d19f2503
e7c769f71b17542bdd9fa9e1f444ef46987979487c51328eb1abfc12c55eab08
eb96791feca1695290fc96c5209a0bb2476680ecec0aa02076373024c28e183a
ed0311bbb29e7a582a420448e4b37867de3e5a27d7a3fdac5e94bb2acc78243c
ed046b5d2756f81f71273241564fa4931704a532d63fdbb7883e7dfef65ed76f
ee881663bf9c5f2464f2f0b194d707e4c46801fe391ac108fa91ccfa97ed0ef9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0fa53225ccf4f71a9fc5a327bf33c1771673b994abdc9a21f9cb97f30c1b51a
f4431ed2e1a04ff61147b043d77314af2c6711194fa816b09187c945a24be7ec
f4dbdd25302ee76c26a0bc01d3c8b383c560f6ef450a6e2ad89b6269424c4ea9
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f72ff95e07ddab0edef4c410a4bc35b5274eea8906da7b11a3ffbfa475501590
f76a521d8d893e573ee2def73e397a42f33f937aca5dcfeb77b2e001ea5a7ca6
f8c2ae444f364a5379a92fe66c8477ecadf6cfe1d3c8f9b22d50d0dd9833ea2a
fa229122eb787ef65850e39e9f4aa7496f2f1d5ed8356a035bedb3139f8b9c1f

www.ugra.kp.ru Open in urlscan Pro 95.181.181.82 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

329 Requests

91 %HTTPS

56 %IPv6

46 Domains

79 Subdomains

62 IPs

12 Countries

5609 kBTransfer

11615 kBSize

69 Cookies

31 Outgoing links

Page URL History

Redirected requests

329 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 12 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.ugra.kp.ru Open in urlscan Pro
95.181.181.82 Public Scan

Screenshot
Live screenshot

Full Image

329
Requests

91 %
HTTPS

56 %
IPv6

46
Domains

79
Subdomains

62
IPs

12
Countries

5609 kB
Transfer

11615 kB
Size

69
Cookies

329 HTTP transactions
12 data transactions