www.tumen.kp.ru Open in urlscan Pro
95.181.181.82 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://pda.tumen.kp.ru/
Effective URL:
https://www.tumen.kp.ru/
Submission Tags: ru h8 kuzelovi sub l4ing ddos Search All
Submission: On August 22 via manual (August 22nd 2022, 7:06:27 pm UTC) from UA — Scanned from DE

Summary HTTP 263 Redirects Links 33 Behaviour Indicators

Summary

This website contacted 51 IPs in 10 countries across 32 domains to perform 263 HTTP transactions. The main IP is 95.181.181.82, located in Russian Federation and belongs to EDGECENTERLLC, RU. The main domain is www.tumen.kp.ru.
TLS certificate: Issued by R3 on August 8th 2022. Valid for: 3 months.

This is the only time www.tumen.kp.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 4	95.181.181.82 95.181.181.82	210756 (EDGECENTE...) (EDGECENTERLLC)
14	2a02:6b8:a::a 2a02:6b8:a::a	208722 (GLOBAL_DC) (GLOBAL_DC)
33	2a03:90c0:e1:... 2a03:90c0:e1:2801::254	199524 (GCORE) (GCORE)
2	2a02:6b8::16b 2a02:6b8::16b	208722 (GLOBAL_DC) (GLOBAL_DC)
9	2a02:6b8:20::215 2a02:6b8:20::215	208722 (GLOBAL_DC) (GLOBAL_DC)
1	95.181.181.12 95.181.181.12	210756 (EDGECENTE...) (EDGECENTERLLC)
16	2a02:6b8::1be 2a02:6b8::1be	208722 (GLOBAL_DC) (GLOBAL_DC)
2 4	159.69.141.123 159.69.141.123	24940 (HETZNER-AS) (HETZNER-AS)
3	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
3	195.209.111.15 195.209.111.15	52007 (ADRIVER-AS) (ADRIVER-AS)
3	2a00:1148:db0... 2a00:1148:db00::17	47764 (VK-AS) (VK-AS)
3	188.42.191.196 188.42.191.196	7979 (SERVERS-COM) (SERVERS-COM)
1	65.108.236.88 65.108.236.88	24940 (HETZNER-AS) (HETZNER-AS)
6	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
9	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400e:811::200a	15169 (GOOGLE) (GOOGLE)
2	2a02:6b8::2:158 2a02:6b8::2:158	208722 (GLOBAL_DC) (GLOBAL_DC)
3 26	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
3	2a02:6b8::184 2a02:6b8::184	208722 (GLOBAL_DC) (GLOBAL_DC)
3	2a02:6b8::36 2a02:6b8::36	208722 (GLOBAL_DC) (GLOBAL_DC)
10	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
1 23	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
1	2a02:6b8::5:114 2a02:6b8::5:114	208722 (GLOBAL_DC) (GLOBAL_DC)
2 10	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
3 12	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
1 4	2001:6d0:4001... 2001:6d0:4001::226	52016 (TNSMSK-) (TNSMSK-)
4	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
2	46.161.36.3 46.161.36.3	49505 (SELECTEL) (SELECTEL)
1 3	13.32.121.37 13.32.121.37	16509 (AMAZON-02) (AMAZON-02)
1 2	88.212.202.52 88.212.202.52	39134 (UNITEDNET) (UNITEDNET)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
3	46.161.36.24 46.161.36.24	49505 (SELECTEL) (SELECTEL)
7	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	2a02:6b8::90 2a02:6b8::90	208722 (GLOBAL_DC) (GLOBAL_DC)
1	82.148.14.206 82.148.14.206	50340 (SELECTEL-MSK) (SELECTEL-MSK)
1	82.202.225.240 82.202.225.240	50340 (SELECTEL-MSK) (SELECTEL-MSK)
2 3	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
263	51

4 95.181.181.82 (Russian Federation) 2 redirects

ASN210756 (EDGECENTERLLC, RU)

pda.tumen.kp.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.tumen.kp.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a02:6b8:a::a (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2a03:90c0:e1:2801::254 (Prague, Czech Republic)

ASN199524 (GCORE, LU)

s01.stc.yc.kpcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s11.stc.yc.kpcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s09.stc.yc.kpcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s02.api.yc.kpcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s13.stc.yc.kpcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s10.stc.yc.kpcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8::16b (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

matchid.adfox.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:6b8:20::215 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.181.181.12 (Russian Federation)

ASN210756 (EDGECENTERLLC, RU)

identity.kp.house	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a02:6b8::1be (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

ads.adfox.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 159.69.141.123 (Georgsmarienhuette, Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.123.141.69.159.clients.your-server.de

exchange.buzzoola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

adfox-c2s-ams.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 195.209.111.15 (Russian Federation)

ASN52007 (ADRIVER-AS, RU)

pb.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1148:db00::17 (Russian Federation)

ASN47764 (VK-AS, RU)

ad.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 188.42.191.196 (Luxembourg)

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.108.236.88 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.88.236.108.65.clients.your-server.de

ssp.bidvol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400e:811::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8::2:158 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

banners.adfox.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:6b8::184 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

avatars.mds.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:6b8::36 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

favicon.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

94f755c17f82f5b2a09a9a00a400f615.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
6f896d02df796ff0db83b53d4a802f55.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
21e040118f21cb271af71eb05f679269.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::5:114 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

ysa-static.passport.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:6d0:4001::226 (Russian Federation) 1 redirects

ASN52016 (TNSMSK-, RU)

tns-counter.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.161.36.3 (Russian Federation)

ASN49505 (SELECTEL, RU)
PTR: target2-1.sselp2.imcmdb.net

target.smi2.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.121.37 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-37.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.202.52 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host152.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.161.36.24 (Russian Federation)

ASN49505 (SELECTEL, RU)
PTR: sm-server1-1.sselp2.imcmdb.net

stat.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::90 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.148.14.206 (Russian Federation)

ASN50340 (SELECTEL-MSK, RU)
PTR: ads5-2.ssel31.imcmdb.net

smi2.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.202.225.240 (Moscow, Russian Federation)

ASN50340 (SELECTEL-MSK, RU)
PTR: smi2adm2-1.ssel27.imcmdb.net

smi2.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.66 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	googlesyndication.com 1 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 123 94f755c17f82f5b2a09a9a00a400f615.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 159 6f896d02df796ff0db83b53d4a802f55.safeframe.googlesyndication.com 21e040118f21cb271af71eb05f679269.safeframe.googlesyndication.com	345 KB
33	kpcdn.net s01.stc.yc.kpcdn.net — Cisco Umbrella Rank: 395274 s11.stc.yc.kpcdn.net — Cisco Umbrella Rank: 425868 s09.stc.yc.kpcdn.net — Cisco Umbrella Rank: 403657 s02.api.yc.kpcdn.net — Cisco Umbrella Rank: 479144 s13.stc.yc.kpcdn.net — Cisco Umbrella Rank: 444121 s10.stc.yc.kpcdn.net — Cisco Umbrella Rank: 424602	869 KB
22	yandex.com 2 redirects mc.yandex.com — Cisco Umbrella Rank: 10960	5 KB
22	yandex.ru 1 redirects yandex.ru — Cisco Umbrella Rank: 1426 matchid.adfox.yandex.ru — Cisco Umbrella Rank: 30072 mc.yandex.ru — Cisco Umbrella Rank: 3880 ysa-static.passport.yandex.ru — Cisco Umbrella Rank: 25730 an.yandex.ru — Cisco Umbrella Rank: 2470	392 KB
19	doubleclick.net 2 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218 stats.g.doubleclick.net — Cisco Umbrella Rank: 108 googleads.g.doubleclick.net — Cisco Umbrella Rank: 52	472 KB
18	adfox.ru ads.adfox.ru — Cisco Umbrella Rank: 11442 banners.adfox.ru — Cisco Umbrella Rank: 74240	94 KB
15	google.com 3 redirects adservice.google.com — Cisco Umbrella Rank: 88 www.google.com — Cisco Umbrella Rank: 9	3 KB
15	gstatic.com fonts.gstatic.com www.gstatic.com encrypted-tbn1.gstatic.com encrypted-tbn3.gstatic.com encrypted-tbn2.gstatic.com	313 KB
10	google.de adservice.google.de — Cisco Umbrella Rank: 8811 www.google.de — Cisco Umbrella Rank: 6076	2 KB
9	yastatic.net yastatic.net — Cisco Umbrella Rank: 6925	236 KB
7	criteo.com bidder.criteo.com — Cisco Umbrella Rank: 759 gum.criteo.com — Cisco Umbrella Rank: 407	3 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 45 region1.google-analytics.com — Cisco Umbrella Rank: 3094	20 KB
6	yandex.net avatars.mds.yandex.net — Cisco Umbrella Rank: 8534 favicon.yandex.net — Cisco Umbrella Rank: 10522	106 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 194	213 KB
4	tns-counter.ru 1 redirects tns-counter.ru — Cisco Umbrella Rank: 11338	62 KB
4	buzzoola.com 2 redirects exchange.buzzoola.com — Cisco Umbrella Rank: 20664	2 KB
4	kp.ru 2 redirects pda.tumen.kp.ru www.tumen.kp.ru	104 KB
3	googleadservices.com 2 redirects www.googleadservices.com — Cisco Umbrella Rank: 130	16 KB
3	stat.media stat.media — Cisco Umbrella Rank: 29300	29 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 146	779 B
3	smi2.net target.smi2.net — Cisco Umbrella Rank: 129326 smi2.net — Cisco Umbrella Rank: 47513	2 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	215 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 54	2 KB
3	betweendigital.com ads.betweendigital.com — Cisco Umbrella Rank: 2016	3 KB
3	mail.ru ad.mail.ru — Cisco Umbrella Rank: 11968	1014 B
3	adriver.ru pb.adriver.ru — Cisco Umbrella Rank: 40366	909 B
3	creativecdn.com adfox-c2s-ams.creativecdn.com — Cisco Umbrella Rank: 65849	627 B
3	criteo.net static.criteo.net — Cisco Umbrella Rank: 655	40 KB
2	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 9849	2 KB
1	smi2.ru smi2.ru — Cisco Umbrella Rank: 50825	866 B
1	bidvol.com ssp.bidvol.com — Cisco Umbrella Rank: 32925	475 B
1	kp.house identity.kp.house — Cisco Umbrella Rank: 415596	2 KB
263	32

	Domain	Requested by
25	s01.stc.yc.kpcdn.net	www.tumen.kp.ru s01.stc.yc.kpcdn.net
23	tpc.googlesyndication.com	1 redirects securepubads.g.doubleclick.net tpc.googlesyndication.com www.tumen.kp.ru 94f755c17f82f5b2a09a9a00a400f615.safeframe.googlesyndication.com 6f896d02df796ff0db83b53d4a802f55.safeframe.googlesyndication.com
22	mc.yandex.com	2 redirects mc.yandex.ru
16	ads.adfox.ru	yandex.ru
14	yandex.ru	www.tumen.kp.ru yandex.ru yastatic.net
13	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com www.tumen.kp.ru
12	www.google.com	3 redirects tpc.googlesyndication.com 6f896d02df796ff0db83b53d4a802f55.safeframe.googlesyndication.com
10	fonts.gstatic.com	fonts.googleapis.com
9	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.tumen.kp.ru
9	yastatic.net	yandex.ru yastatic.net www.tumen.kp.ru
8	googleads.g.doubleclick.net	2 redirects 94f755c17f82f5b2a09a9a00a400f615.safeframe.googlesyndication.com www.googleadservices.com
7	www.google.de
6	www.googletagservices.com	yastatic.net securepubads.g.doubleclick.net 6f896d02df796ff0db83b53d4a802f55.safeframe.googlesyndication.com 94f755c17f82f5b2a09a9a00a400f615.safeframe.googlesyndication.com
6	bidder.criteo.com	static.criteo.net
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	tns-counter.ru	1 redirects www.tumen.kp.ru tns-counter.ru
4	mc.yandex.ru	1 redirects yandex.ru www.tumen.kp.ru yastatic.net
4	exchange.buzzoola.com	2 redirects www.tumen.kp.ru
3	www.googleadservices.com	2 redirects yastatic.net
3	stat.media	target.smi2.net stat.media
3	sb.scorecardresearch.com	1 redirects
3	www.googletagmanager.com	www.tumen.kp.ru www.googletagmanager.com
3	adservice.google.com	securepubads.g.doubleclick.net
3	adservice.google.de	securepubads.g.doubleclick.net
3	favicon.yandex.net
3	avatars.mds.yandex.net
3	fonts.googleapis.com	yastatic.net tpc.googlesyndication.com 6f896d02df796ff0db83b53d4a802f55.safeframe.googlesyndication.com
3	ads.betweendigital.com	yandex.ru
3	ad.mail.ru	yandex.ru
3	pb.adriver.ru	yandex.ru
3	adfox-c2s-ams.creativecdn.com	yandex.ru
3	static.criteo.net	yandex.ru
3	s02.api.yc.kpcdn.net	s01.stc.yc.kpcdn.net
2	encrypted-tbn2.gstatic.com	6f896d02df796ff0db83b53d4a802f55.safeframe.googlesyndication.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	region1.google-analytics.com	www.googletagmanager.com
2	counter.yadro.ru	1 redirects
2	target.smi2.net	www.tumen.kp.ru
2	6f896d02df796ff0db83b53d4a802f55.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	94f755c17f82f5b2a09a9a00a400f615.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	banners.adfox.ru
2	matchid.adfox.yandex.ru	yandex.ru
2	s11.stc.yc.kpcdn.net	www.tumen.kp.ru
2	www.tumen.kp.ru	www.tumen.kp.ru
2	pda.tumen.kp.ru	2 redirects
1	smi2.net
1	smi2.ru
1	an.yandex.ru	yandex.ru
1	encrypted-tbn3.gstatic.com	6f896d02df796ff0db83b53d4a802f55.safeframe.googlesyndication.com
1	encrypted-tbn1.gstatic.com	6f896d02df796ff0db83b53d4a802f55.safeframe.googlesyndication.com
1	www.gstatic.com	6f896d02df796ff0db83b53d4a802f55.safeframe.googlesyndication.com
1	21e040118f21cb271af71eb05f679269.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	ysa-static.passport.yandex.ru
1	gum.criteo.com	static.criteo.net
1	ssp.bidvol.com	yandex.ru
1	s10.stc.yc.kpcdn.net	www.tumen.kp.ru
1	s13.stc.yc.kpcdn.net	www.tumen.kp.ru
1	identity.kp.house	s01.stc.yc.kpcdn.net
1	s09.stc.yc.kpcdn.net	www.tumen.kp.ru
263	59

This site contains links to these domains. Also see Links.

Domain
www.kazan.kp.ru
www.kp.ru
radiokp.ru
advert.kp.ru
parus.kp.ru
kino.kp.ru
tumen.kp.ru
ads.adfox.ru

Subject Issuer	Validity	Valid
amp.chel.kp.ru R3	`2022-08-08` - `2022-11-06`	3 months	crt.sh
*.xn--d1acpjx3f.xn--p1ai GlobalSign ECC OV SSL CA 2018	`2022-03-04` - `2022-09-01`	6 months	crt.sh
*.stc.yc.kpcdn.net R3	`2022-07-30` - `2022-10-28`	3 months	crt.sh
matchid.adfox.yandex.ru GlobalSign RSA OV SSL CA 2018	`2022-07-18` - `2023-01-10`	6 months	crt.sh
*.yastatic-net.ru GlobalSign ECC OV SSL CA 2018	`2022-04-01` - `2022-09-29`	6 months	crt.sh
identity.kp.house R3	`2022-07-09` - `2022-10-07`	3 months	crt.sh
s01.api.yc.kpcdn.net R3	`2022-08-07` - `2022-11-05`	3 months	crt.sh
*.adfox.ru GlobalSign RSA OV SSL CA 2018	`2022-05-30` - `2022-11-08`	5 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-21` - `2022-09-23`	3 months	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-17` - `2023-04-12`	a year	crt.sh
*.adriver.ru GlobalSign GCC R3 DV TLS CA 2020	`2022-04-05` - `2023-04-05`	a year	crt.sh
*.mail.ru GeoTrust ECC CA 2018	`2021-10-15` - `2022-11-15`	a year	crt.sh
*.ads.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2021-12-15` - `2023-01-15`	a year	crt.sh
ssp.bidvol.com R3	`2022-06-29` - `2022-09-27`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-15` - `2022-09-18`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.s3.yandex.net GlobalSign RSA OV SSL CA 2018	`2022-03-11` - `2022-10-11`	7 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-05-21` - `2022-10-31`	5 months	crt.sh
*.avatars.yandex.net GlobalSign RSA OV SSL CA 2018	`2022-03-04` - `2023-04-05`	a year	crt.sh
favicon.yandex.net GlobalSign ECC OV SSL CA 2018	`2022-04-11` - `2022-09-10`	5 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
ysa-static.passport.yandex.net GlobalSign ECC OV SSL CA 2018	`2022-03-04` - `2023-04-05`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.tns-counter.ru GlobalSign ECC OV SSL CA 2018	`2021-12-10` - `2022-12-31`	a year	crt.sh
smi2.net R3	`2022-08-10` - `2022-11-08`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
stat.media R3	`2022-07-25` - `2022-10-23`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
bs.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-05-05` - `2022-11-03`	6 months	crt.sh
smi2.ru R3	`2022-07-01` - `2022-09-29`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh

This page contains 21 frames:

Primary Page: https://www.tumen.kp.ru/
Frame ID: F63D6A3CAB1BDC0233C66FE1E019E09C
Requests: 168 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.tumen.kp.ru
Frame ID: 42957F08E0E24D5C1E39CE1D383F742A
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: 90A99D39BC81E5EC01B45534B4AE5B6E
Requests: 8 HTTP requests in this frame

Frame: https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
Frame ID: 7AEB364DD51C163F03F41993FE3EC672
Requests: 23 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: C6E07AF3A15A419D4F934A01B91562E8
Requests: 8 HTTP requests in this frame

Frame: https://94f755c17f82f5b2a09a9a00a400f615.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: BAB8F63992259775E3DFAD7F4AD7B5FC
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: 35DE04BF2368E9D007C7119B343A4786
Requests: 7 HTTP requests in this frame

Frame: https://6f896d02df796ff0db83b53d4a802f55.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: EBF10B0D49D2D0189A30BF205CA66961
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 02218EF4232E38FE25B72AE23739AE41
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A641CDA88B50E2179128388BBBE6CDA8
Requests: 2 HTTP requests in this frame

Frame: https://21e040118f21cb271af71eb05f679269.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 098F0D47D5743E8141049AB089B18DAA
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DC6A2D1D27C009B862418A98DB3296EC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 46E4A929C47A26ED14A01B2F476AA9BD
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6AA7F6CCB96F7D1EBBA2792F7015C86F
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3492BA92F06B78F33095CAE733D9CB8A
Requests: 2 HTTP requests in this frame

Frame: https://94f755c17f82f5b2a09a9a00a400f615.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: BBBD73D49C49868DCE201BA52B1CA315
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/164903383637950464/index.html
Frame ID: F35CC3467214F28EF702821AC2B50DAE
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 3B8F40CF9A4BDF6B67A6C9C7C5948A6E
Requests: 2 HTTP requests in this frame

Frame: https://6f896d02df796ff0db83b53d4a802f55.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 4C0793EBAA9B15CFC7B42C25C7659DAC
Requests: 17 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstmNJYfaYq3hHcOYIy-r20vfmVaQlC4vpN1lgGZiGg4oJsfV8On6Lmn_hFoY27A94eyzsCTVaIN92Egll0wn_hrJmG2BI3UoRkfqch0TbV0oW4D-bqvjf_7Hucy-WuqxgrdQxM4CRSgTvIOSbSSY40AWtYJj-if5VFhhuVGHqiKesNGbduEHWBV5mHd4mkQbmwCSZpxUiek3PVjECdIcslwsaE0iVp1B1hUV1Wp4IfRtOiGkBZPzhkL668ahgR75AesXuUbwabUty8jBYkdDhS2Lp3VfhwEjzTNg45hSIXIf7yHQLVsr0kebrZ_QYugqJbdBGao&sai=AMfl-YTZcdzIf5xXD_TMSsIVujLZKywVA_PJfetJ2cvLtiaAnRdG2zo7WntnxP42YfkgSPBpqL98rbFXk3ZxR56vzBoa9f9KtZY5S0VdgJCzW43C0FHqBXqDGIBIYvp0Inz06o8&sig=Cg0ArKJSzLnfAWWukhjNEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 9441117225F6603695CA46DA4AC5E42C
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/8Oc7qVgGezqJSgjjaaCdJlEAdJIIw0tPZxYDqe1tkXI.js
Frame ID: EE7B437DC748FACDA4E9CB40A73E2D2F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Новости Тюмени и Тюменской области: главные новости на сегодня | Комсомольская Правда в Тюмени - KP.RU

Page URL History Show full URLs

http://pda.tumen.kp.ru/ HTTP 301
https://pda.tumen.kp.ru/ HTTP 303
https://www.tumen.kp.ru/ Page URL

Detected technologies

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Mautic (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

[^a-z]mtc.*\.js

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

263
Requests

95 %
HTTPS

68 %
IPv6

32
Domains

59
Subdomains

51
IPs

10
Countries

3551 kB
Transfer

8953 kB
Size

52
Cookies

33 Outgoing links

These are links going to different origins than the main page.

URL: https://www.kazan.kp.ru/daily/21712095/4332309/

Search URL Search Domain Scan URL

URL: https://www.kp.ru/daily/euromaidan/
Title: Спецоперация на Украине

Search URL Search Domain Scan URL

URL: https://www.kp.ru/sports/
Title: Спорт

Search URL Search Domain Scan URL

URL: https://www.kp.ru/samobranka/
Title: Самобранка

Search URL Search Domain Scan URL

URL: https://www.kp.ru/expert/
Title: Выбор экспертов

Search URL Search Domain Scan URL

URL: https://www.kp.ru/doctor/
Title: Доктор

Search URL Search Domain Scan URL

URL: https://www.kp.ru/family/
Title: Семья

Search URL Search Domain Scan URL

URL: https://www.kp.ru/woman/
Title: Женские секреты

Search URL Search Domain Scan URL

URL: https://www.kp.ru/putevoditel/
Title: Путеводитель

Search URL Search Domain Scan URL

URL: https://www.kp.ru/promokod/
Title: Промокоды

Search URL Search Domain Scan URL

URL: https://www.kp.ru/putevoditel/serialy/
Title: Сериалы

Search URL Search Domain Scan URL

URL: http://www.kp.ru/best/msk/projects/
Title: Спецпроекты

Search URL Search Domain Scan URL

URL: https://www.kp.ru/putevoditel/zdorove/defitsit-zheleza-u-zhenshhin/
Title: Дефицит железа

Search URL Search Domain Scan URL

URL: https://www.kp.ru/guide/
Title: Гид потребителя

Search URL Search Domain Scan URL

URL: https://www.kp.ru/daily/217165/4265546/
Title: Все о КП

Search URL Search Domain Scan URL

URL: https://radiokp.ru/
Title: Радио КП

Search URL Search Domain Scan URL

URL: https://advert.kp.ru/
Title: Реклама

Search URL Search Domain Scan URL

URL: https://www.kp.ru/daily/theme/16369/
Title: Убийство Дугиной

Search URL Search Domain Scan URL

URL: https://www.kp.ru/daily/theme/16218/
Title: Украина: сводка

Search URL Search Domain Scan URL

URL: http://parus.kp.ru/
Title: Алый парус

Search URL Search Domain Scan URL

URL: https://kino.kp.ru/
Title: Наше кино

Search URL Search Domain Scan URL

URL: https://www.kp.ru/daily/koronavirus/
Title: COVID-19

Search URL Search Domain Scan URL

URL: https://www.kp.ru/daily/partiya_dela/
Title: Лица труда

Search URL Search Domain Scan URL

URL: https://www.kp.ru/russia/
Title: Отдых в России

Search URL Search Domain Scan URL

URL: https://www.kp.ru/incidents/
Title: Происшествия

Search URL Search Domain Scan URL

URL: https://www.kp.ru/afisha/msk/
Title: Афиша

Search URL Search Domain Scan URL

URL: https://tumen.kp.ru/society/
Title: Общество

Search URL Search Domain Scan URL

URL: https://tumen.kp.ru/incidents/
Title: Происшествия

Search URL Search Domain Scan URL

URL: https://tumen.kp.ru/health/
Title: Здоровье

Search URL Search Domain Scan URL

URL: https://tumen.kp.ru/special/
Title: Дом. Семья

Search URL Search Domain Scan URL

URL: https://tumen.kp.ru/daily/invisible/
Title: Интересное

Search URL Search Domain Scan URL

URL: https://ads.adfox.ru/232598/goLink?ad-session-id=701901661195178878&hash=7d5a3b37ec17df35&puid1=adv-1661195178831-835&sj=X8WVU7AwESJlRZ2vfIzIgl92xBTdD4GT79RCTl0z2VVLVPmFYcSy9T-CZSJeKA%3D%3D&rand=cxhencg&rqs=qiebQhu951ar0wNjMdTczYhv5JYtIMQO&puid3=top%3Aregion&pr=gsushxr&p1=clerf&ytt=362840447909893&p5=ljjmt&ybv=0.634516&puid2=society%3Atoday%3Azenyandex%3Aincident%3Aemergency%3Acelebrity%3Aculture%3Ainteresting&p2=gvdq&ylv=0.634516&pf=http%3A%2F%2Fads.adfox.ru%2F232598%2FgoLink%3Fp1%3Dbzbip%26p2%3Dfrfe%26p5%3Dlsrgh%26pr%3D1%26puid1%3D%26puid2%3D%26puid3%3D%26puid4%3D%26puid5%3D%26puid6%3D%26puid7%3D

Search URL Search Domain Scan URL

URL: https://ads.adfox.ru/232598/goLink?ad-session-id=701901661195178878&hash=7d5a3b37ec17df35&puid1=adv-1661195178831-835&sj=X8WVU7AwESJlRZ2vfIzIgl92xBTdD4GT79RCTl0z2VVLVPmFYcSy9T-CZSJeKA%3D%3D&rand=cxhencg&rqs=qiebQhu951ar0wNjMdTczYhv5JYtIMQO&puid3=top%3Aregion&pr=gsushxr&p1=clerf&ytt=362840447909893&p5=ljjmt&ybv=0.634516&puid2=society%3Atoday%3Azenyandex%3Aincident%3Aemergency%3Acelebrity%3Aculture%3Ainteresting&p2=gvdq&ylv=0.634516&pf=https%3A%2F%2Fwww.msk.kp.ru%2Fdaily%2Fmoskva-budushego%2F

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://pda.tumen.kp.ru/ HTTP 301
https://pda.tumen.kp.ru/ HTTP 303
https://www.tumen.kp.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43

https://exchange.buzzoola.com/ssp/adfox HTTP 307
https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t

Request Chain 53

https://exchange.buzzoola.com/ssp/adfox HTTP 307
https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t

Request Chain 117

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9738.EwldwJ8k16uUv4pJ0yIg8cMJUWLbiaq_iEroT3IE18tCvB2wC1AIIT6I3NY04yBM.YiPl2icdyzbAqR3Ui3XQZ7MgEnI%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9738.LcxNtexjWL8iw48f2h70zvNPttGAXgfnan-4tMATwdCe5w3HDbdY3kWEX-Z0VwmbGw_3XTPe2LgKewHoM6f0jnUjw6D_Y6h3oCL2UbY06BU%2C.UWo95skw4alDU6OwgXDTJ1uYRIo%2C

Request Chain 142

https://counter.yadro.ru/hit;kp/kpall/reg/kptumen?r;s1600*1200*24;uhttps%3A//www.tumen.kp.ru/;h%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u0422%u044E%u043C%u0435%u043D%u0438%20%u0438%20%u0422%u044E%u043C%u0435%u043D%u0441%u043A%u043E%u0439%20%u043E%u0431%u043B%u0430%u0441%u0442%u0438%3A%20%u0433%u043B%u0430%u0432%u043D%u044B%u0435%20%u043D%u043E%u0432%u043E%u0441%u0442%u0438%20%u043D%u0430%20%u0441%u0435%u0433%u043E%u0434%u043D%u044F%20%7C%20%u041A%u043E%u043C%u0441%u043E%u043C%u043E%u043B%u044C%u0441%u043A%u0430%u044F%20%u041F;0.26920314682785373 HTTP 302
https://counter.yadro.ru/hit;kp/kpall/reg/kptumen?q;r;s1600*1200*24;uhttps%3A//www.tumen.kp.ru/;h%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u0422%u044E%u043C%u0435%u043D%u0438%20%u0438%20%u0422%u044E%u043C%u0435%u043D%u0441%u043A%u043E%u0439%20%u043E%u0431%u043B%u0430%u0441%u0442%u0438%3A%20%u0433%u043B%u0430%u0432%u043D%u044B%u0435%20%u043D%u043E%u0432%u043E%u0441%u0442%u0438%20%u043D%u0430%20%u0441%u0435%u0433%u043E%u0434%u043D%u044F%20%7C%20%u041A%u043E%u043C%u0441%u043E%u043C%u043E%u043B%u044C%u0441%u043A%u0430%u044F%20%u041F;0.26920314682785373

Request Chain 145

https://sb.scorecardresearch.com/c2/16803468/cs.js HTTP 302
https://sb.scorecardresearch.com/internal-c2/default/cs.js

Request Chain 149

https://mc.yandex.com/watch/26254?wmode=7&page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anitzfaj0q86lk7t0iduwo%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A870%3Acn%3A1%3Adp%3A0%3Als%3A771104372665%3Ahid%3A106282045%3Az%3A0%3Ai%3A20220822190619%3Aet%3A1661195180%3Ac%3A1%3Arn%3A1011887055%3Au%3A1661195180781084329%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1661195177186%3Aco%3A0%3Arqnl%3A1%3Ast%3A1661195180%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20-%20KP.RU&t=gdpr(14)clc(0-0-0)aw(1)rqnl(1)ti(2) HTTP 302
https://mc.yandex.com/watch/26254/1?wmode=7&page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anitzfaj0q86lk7t0iduwo%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A870%3Acn%3A1%3Adp%3A0%3Als%3A771104372665%3Ahid%3A106282045%3Az%3A0%3Ai%3A20220822190619%3Aet%3A1661195180%3Ac%3A1%3Arn%3A1011887055%3Au%3A1661195180781084329%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1661195177186%3Aco%3A0%3Arqnl%3A1%3Ast%3A1661195180%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20-%20KP.RU&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnl%281%29ti%282%29

Request Chain 179

https://tns-counter.ru/V13a***R%3E*kp_ru/ru/UTF-8/tmsec=kp_title/666378523 HTTP 302
https://tns-counter.ru/V13b***R%3E*kp_ru/ru/UTF-8/tmsec=kp_title/666378523

Request Chain 214

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDbxsi7jQEQ6AIY6AIyCFR5nIyM6Xl- HTTP 301
https://tpc.googlesyndication.com/simgad/1855790038366648222

Request Chain 218

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 247

https://www.googleadservices.com/pagead/conversion/1014923426/?label=hzaUCJ-7nWMQooH64wM&value=0&script=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=hzaUCJ-7nWMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=rdMDY4jnJY_a1wb6lImACA&random=1059175287&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-user-list/1014923426/?label=hzaUCJ-7nWMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1059175287&crd=&is_vtc=1&random=2113781353 HTTP 302
https://www.google.de/pagead/1p-user-list/1014923426/?label=hzaUCJ-7nWMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1059175287&crd=&is_vtc=1&random=2113781353&ipr=y

Request Chain 248

https://www.googleadservices.com/pagead/conversion/1014923426/?label=isnWCLGxpmMQooH64wM&value=0&script=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=isnWCLGxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=rdMDY_rnJefLmLAPqdGH0As&random=156464365&sscte=1&crd=CJqqsQI HTTP 302
https://www.google.com/pagead/1p-user-list/1014923426/?label=isnWCLGxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=156464365&crd=CJqqsQI&is_vtc=1&random=138671476 HTTP 302
https://www.google.de/pagead/1p-user-list/1014923426/?label=isnWCLGxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=156464365&crd=CJqqsQI&is_vtc=1&random=138671476&ipr=y

263 HTTP transactions
12 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.tumen.kp.ru/
Redirect Chain

http://pda.tumen.kp.ru/
https://pda.tumen.kp.ru/
https://www.tumen.kp.ru/

765 KB
101 KB

339ms
165ms

Document
text/html

95.181.181.82
EDGECENTERLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumen.kp.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.181.181.82 , Russian Federation, ASN210756 (EDGECENTERLLC, RU),
Reverse DNS
Software: nginx /
Resource Hash: 8f87ccf1868779d29b181cab9727d72273ecb097bfb68e93165eebf0812ac055

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 22 Aug 2022 19:06:17 GMT
server: nginx
vary: Accept-Encoding
x-manifest-version-id: 0005E6803CA24C89

Redirect headers

content-length: 51
content-type: text/html; charset=utf-8
date: Mon, 22 Aug 2022 19:06:17 GMT
location: https://www.tumen.kp.ru/
server: nginx

GET
H2 200 header-bidding.js Show response
yandex.ru/ads/system/ 116 KB
32 KB 169ms
61ms Script
text/javascript 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/header-bidding.js

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e6606da2d3e7f5dd5f717577ffa98230234585c67429db3a5e86bc68513fef0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

timing-allow-origin: *
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1661195178020090-8010384406857813212-sas3-0999-700-sas-l7-balancer-8080-BAL-3396
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
x-robots-tag: noindex, noarchive, nofollow
expires: Mon, 22 Aug 2022 20:06:18 GMT

GET
H2 200 context.js Show response
yandex.ru/ads/system/ 290 KB
78 KB 234ms
127ms Script
text/javascript 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/context.js

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

5b867cb796a505b35c4ae4e451a2f06656ab3697be3d06f4abdf3b4d5728da1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

timing-allow-origin: *
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1661195178020508-340620299677413633-sas3-0999-700-sas-l7-balancer-8080-BAL-3363
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
x-robots-tag: noindex, noarchive, nofollow
expires: Mon, 22 Aug 2022 20:06:18 GMT

GET
DATA 200
OK truncated
/ 587 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 445837ee1d1da2644d2531f84c664f157828154b8b5e032dbef64c3a8308ef17

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3394110000caa52bc9dcf892178cb4a7a8d25db76721a2290caaeb667413a4d0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6b0c6ad2a39e30acdd045f1e10d04d6032f0447387edd32af55f7d80b2d4f0f0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

Content-Type: image/svg+xml

GET
H2 200 88c3f8d6237466d983567ddf480dfb98.woff2
s01.stc.yc.kpcdn.net/s0/2.1.97/adaptive/ 22 KB
22 KB 86ms
26ms Font
font/woff2 2a03:90c0:e1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.97/adaptive/88c3f8d6237466d983567ddf480dfb98.woff2

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

7a0fb8fc4de0bde528e5b17743e35c50492d1d1de41567cb3b83f5a63db862d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tumen.kp.ru/
Origin: https://www.tumen.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

x-id: cec-up-gc12
date: Mon, 22 Aug 2022 19:06:18 GMT
x-content-type-options: nosniff
x-server-trace-id: 57197e8a724a0dfc:a00021af301588ba:57197e8a724a0dfc:1
x-amz-request-id: a1e3fe86e186ba18
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-08-22T09:10:35+00:00
content-length: 22100
x-request-id: 7dcb0607-2752-4a94-b9dc-acd7a364e02f
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Sat, 27 Nov 2021 21:56:45 GMT
server: nginx
etag: "88c3f8d6237466d983567ddf480dfb98"
x-amz-version-id: 0005D1CC489C28E6
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
accept-ranges: bytes
content-type: font/woff2
expires: Tue, 23 Aug 2022 19:06:18 GMT

GET
H2 200 71df57f56c922e07c34676f1e3160977.woff2
s01.stc.yc.kpcdn.net/s0/2.1.97/adaptive/ 39 KB
39 KB 76ms
30ms Font
font/woff2 2a03:90c0:e1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.97/adaptive/71df57f56c922e07c34676f1e3160977.woff2

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

9205ceae907f8417e3b4bd8463b1075526a25da4cdd2aed549b03cd6869632aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tumen.kp.ru/
Origin: https://www.tumen.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

x-id: cec-up-gc12
date: Mon, 22 Aug 2022 19:06:18 GMT
x-content-type-options: nosniff
x-server-trace-id: 1fd740549cbd5901:9d8b5b54ad3ebc62:1fd740549cbd5901:1
x-amz-request-id: a0586c94305cd76e
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-08-22T09:10:35+00:00
content-length: 39768
x-request-id: 072ec231-adeb-4e56-83a1-b0b7a29c63e9
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Sat, 27 Nov 2021 21:56:45 GMT
server: nginx
etag: "71df57f56c922e07c34676f1e3160977"
x-amz-version-id: 0005D1CC48A637F4
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
accept-ranges: bytes
content-type: font/woff2
expires: Tue, 23 Aug 2022 19:06:18 GMT

GET
H2 200 0b10ab6aa24fb2b424de7991b679f5e9.png
s01.stc.yc.kpcdn.net/s0/2.1.97/adaptive/ 6 KB
7 KB 79ms
28ms Image
image/png 2a03:90c0:e1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.97/adaptive/0b10ab6aa24fb2b424de7991b679f5e9.png

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

abb5348aeb50feab8abc0212d24ef2d4daa64f08d38e6cabce13e7a78f1ad837

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

x-id: cec-up-gc13
date: Mon, 22 Aug 2022 19:06:18 GMT
x-content-type-options: nosniff
x-server-trace-id: f07e7c688c22060e:fff71b9cc107eb9b:f07e7c688c22060e:1
x-amz-request-id: 38615f80fd335216
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-08-22T09:10:11+00:00
content-length: 6368
x-request-id: 18025dd9-2b68-4e59-a501-896011ec04a0
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Sat, 27 Nov 2021 21:56:49 GMT
server: nginx
etag: "0b10ab6aa24fb2b424de7991b679f5e9"
x-amz-version-id: 0005D1CC48E0B8E0
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
accept-ranges: bytes
content-type: image/png
expires: Tue, 23 Aug 2022 19:06:18 GMT

GET
H2 200 favicon-16.png
www.tumen.kp.ru/boom/api/2/metrics/adaptive/ 514 B
923 B 156ms
155ms Image
image/png 95.181.181.82
EDGECENTERLLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tumen.kp.ru/boom/api/2/metrics/adaptive/favicon-16.png?target.base=digest&target.entity=root&target.spot=tumen

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.181.181.82 , Russian Federation, ASN210756 (EDGECENTERLLC, RU),

Reverse DNS

Software

nginx /

Resource Hash

da09f03549a3d9ae51406d85931ec2682bc82759cf96101b982496da1139ddda

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

date: Mon, 22 Aug 2022 19:06:18 GMT
x-content-type-options: nosniff
last-modified: Sat, 27 Nov 2021 21:56:51 GMT
server: nginx
x-server-trace-id: c42a3a0fc5fdefd5:3ef52dcf36d8a286:c42a3a0fc5fdefd5:1
x-amz-request-id: 5258973a1b5059b5
x-serverless-gateway-path: /boom/api/{api}/{version}/{content+}
etag: "642c7d14314b78ed52c384a1a2ba4203"
content-type: image/png
access-control-allow-origin: *
content-length: 514
x-serverless-gateway-id: d5dscajgqq50cos2lp8d
x-amz-version-id: 0005D1CC48F877CB
x-request-id: 1accaa94-9f67-42a5-842f-7b68bfdae21a

GET
H2 200 wr-750.webp
s11.stc.yc.kpcdn.net/share/i/12/12665758/ 45 KB
45 KB 82ms
31ms Image
image/webp 2a03:90c0:e1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s11.stc.yc.kpcdn.net/share/i/12/12665758/wr-750.webp
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: a05b342f3980430a579a744e56531bce7662e1df3e49fe0a101ab39bb129fa53

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

x-id: cec-up-gc12
date: Mon, 22 Aug 2022 19:06:18 GMT
last-modified: Mon, 22 Aug 2022 10:51:47 GMT
server: nginx
x-amz-request-id: 3cc1c42791694e14
etag: "6167adee08e3f51405fc97c39da2b694"
x-cached-since: 2022-08-22T11:09:08+00:00
x-amz-version-id: null
cache-control: max-age=345600
cache: HIT
accept-ranges: bytes
content-type: image/webp
content-length: 45984
expires: Fri, 26 Aug 2022 19:06:18 GMT

GET
H2 200 325472601571f31e1bf00674c368d335.gif
s09.stc.yc.kpcdn.net/share/i/beige/ 43 B
312 B 83ms
32ms Image
image/gif 2a03:90c0:e1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s09.stc.yc.kpcdn.net/share/i/beige/325472601571f31e1bf00674c368d335.gif
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

x-id: cec-up-gc13
date: Mon, 22 Aug 2022 19:06:18 GMT
last-modified: Sat, 02 Oct 2021 15:40:25 GMT
server: nginx
x-amz-request-id: 8e57469145af22f3
etag: "325472601571f31e1bf00674c368d335"
x-cached-since: 2022-08-20T19:47:54+00:00
x-amz-version-id: null
cache-control: max-age=345600
cache: HIT
accept-ranges: bytes
content-type: image/gif
content-length: 43
expires: Fri, 26 Aug 2022 19:06:18 GMT

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: becefc9f93e9ea8cec1d4749c473c476c44e65a7eee7d88dda107958649413e9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d3114c4944dcf347da9b150fbd12bf83cf1a719fca0eb5480d9af4cb2f30aefc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

Content-Type: image/svg+xml

GET
H2 200 n.svg
s01.stc.yc.kpcdn.net/s0/2.1.97/adaptive/meteo/ 768 B
660 B 62ms
29ms Image
image/svg+xml 2a03:90c0:e1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.97/adaptive/meteo/n.svg

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

f4dbdd25302ee76c26a0bc01d3c8b383c560f6ef450a6e2ad89b6269424c4ea9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

x-id: cec-up-gc13
date: Mon, 22 Aug 2022 19:06:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-trace-id: c5e05b7938efc181:dea9b61b83eea05d:c5e05b7938efc181:1
x-amz-request-id: fa50b2c73d387406
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-08-22T09:48:38+00:00
x-request-id: e3d2cbce-1454-453f-989b-28a10d8a359f
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Sat, 27 Nov 2021 21:56:56 GMT
server: nginx
etag: W/"bcb30adf55f66df96da407d71ae251e7"
x-amz-version-id: 0005D1CC4947530E
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
content-type: image/svg+xml
expires: Tue, 23 Aug 2022 19:06:18 GMT

GET
DATA 200
OK truncated
/ 162 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6ff082130eb8e0fe1ba485606bab3de43a410b184c718be62c739ab9f67c6863

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

Content-Type: image/svg+xml

GET
H2 200 vendors~adaptive.js Show response
s01.stc.yc.kpcdn.net/s0/2.1.97/adaptive/ 339 KB
128 KB 32ms
30ms Script
text/javascript 2a03:90c0:e1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.97/adaptive/vendors~adaptive.js

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

45010d9dc316dd46c088ad941df8e8de7e724b1a0719f9a565f1144daef796e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

x-id: cec-up-gc13
date: Mon, 22 Aug 2022 19:06:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-trace-id: c43b009a60e02768:8c546c6369737187:c43b009a60e02768:1
x-amz-request-id: ba4291678f9a0cb1
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-08-22T09:09:49+00:00
x-request-id: 4f6e5608-e4ee-430c-8941-4a4b8575416c
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Tue, 09 Aug 2022 09:12:19 GMT
server: nginx
etag: W/"9820422f8e96134ea98070a2b05340dc"
x-amz-version-id: 0005E5CB544D5774
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
content-type: text/javascript; charset=utf-8
expires: Tue, 23 Aug 2022 19:06:18 GMT

GET
H2 200 adaptive.js Show response
s01.stc.yc.kpcdn.net/s0/2.1.97/adaptive/ 276 KB
81 KB 58ms
56ms Script
text/javascript 2a03:90c0:e1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.97/adaptive/adaptive.js

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

fa1f5a378d1b6ed9854b1fcdaac2b1b0f94e414d76fe29b0c42f5b8bc00c3397

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

x-id: cec-up-gc13
date: Mon, 22 Aug 2022 19:06:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-trace-id: e39c0d11886b845b:cafcc688644fc160:e39c0d11886b845b:1
x-amz-request-id: 39fc0611fc6e175f
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-08-22T09:09:49+00:00
x-request-id: fccaacef-e350-44b9-9535-109f12bf8aad
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Wed, 17 Aug 2022 14:29:29 GMT
server: nginx
etag: W/"7025be4f8081e9b3517cc92091123e40"
x-amz-version-id: 0005E670B156EF51
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
content-type: text/javascript; charset=utf-8
expires: Tue, 23 Aug 2022 19:06:18 GMT

GET
H2 200 adaptive-topbar.js Show response
s01.stc.yc.kpcdn.net/s0/2.1.97/adaptive/ 67 KB
23 KB 58ms
56ms Script
text/javascript 2a03:90c0:e1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.97/adaptive/adaptive-topbar.js

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

cdb0f9fd04b4ab17a34e015dc70a73b673e1783df5449ccf88be313d55b7e3fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

x-id: cec-up-gc13
date: Mon, 22 Aug 2022 19:06:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-trace-id: 7bfa9b4034aa04fe:51e2f6f29a166953:7bfa9b4034aa04fe:1
x-amz-request-id: 02596646ce1c7486
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-08-22T09:09:49+00:00
x-request-id: c6f1a383-e9fe-4327-ba30-fbf63ff5100f
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Wed, 17 Aug 2022 14:29:29 GMT
server: nginx
etag: W/"2a0eaf21c393574db7915951b00dbf5e"
x-amz-version-id: 0005E670B1585791
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
content-type: text/javascript; charset=utf-8
expires: Tue, 23 Aug 2022 19:06:18 GMT

GET
H2 200 radio.js Show response
s01.stc.yc.kpcdn.net/s0/2.1.97/adaptive/ 10 KB
4 KB 58ms
56ms Script
text/javascript 2a03:90c0:e1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.97/adaptive/radio.js

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

744c54512d1121cb37612674174ed9cf2b8e59969f31bce8af4959c75a88d1c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

x-id: cec-up-gc13
date: Mon, 22 Aug 2022 19:06:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-trace-id: 75d0cbcfbe4ceea1:bdf158913bf709d:75d0cbcfbe4ceea1:1
x-amz-request-id: 0612e64bfe99b156
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-08-22T12:31:12+00:00
x-request-id: 0510f2a3-9903-49ad-a7a3-2dd46a1a3a9f
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Wed, 17 Aug 2022 10:56:17 GMT
server: nginx
etag: W/"2797ad5029da0568152372f034dd98ab"
x-amz-version-id: 0005E66DB6E0EDB4
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
content-type: text/javascript; charset=utf-8
expires: Tue, 23 Aug 2022 19:06:18 GMT

GET
H2 200 main.js Show response
s01.stc.yc.kpcdn.net/s0/2.1.97/adaptive/ 17 KB
7 KB 27ms
26ms Script
text/javascript 2a03:90c0:e1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.97/adaptive/main.js

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

4dd677bb4420e6863ce111bcc768b99512bceb2e2918b980d954036529cf76ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

x-id: cec-up-gc13
date: Mon, 22 Aug 2022 19:06:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-trace-id: 8845138979d626b5:550e9bdc1a5bc0d:8845138979d626b5:1
x-amz-request-id: dbdf48987ab8b64a
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-08-22T09:17:13+00:00
x-request-id: 583f1c59-2d93-40fb-879f-cae1c248b503
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Wed, 17 Aug 2022 10:56:16 GMT
server: nginx
etag: W/"4e451e5945cf1810edde068e13089019"
x-amz-version-id: 0005E66DB6CD408E
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
content-type: text/javascript; charset=utf-8
expires: Tue, 23 Aug 2022 19:06:18 GMT

GET
H2 200 vendors~digest-area.js Show response
s01.stc.yc.kpcdn.net/s0/2.1.97/adaptive/ 97 KB
32 KB 56ms
55ms Script
text/javascript 2a03:90c0:e1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.97/adaptive/vendors~digest-area.js

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

3379bacfc3bac0150f30d7da5354b651f052214eaf081452174d8028c5daa9e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

x-id: cec-up-gc13
date: Mon, 22 Aug 2022 19:06:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-trace-id: d722a263ebc4885c:711d8e56fd4ab1d0:d722a263ebc4885c:1
x-amz-request-id: a7f7f6a4e5c1eab3
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-08-22T19:06:13+00:00
x-request-id: a3d5fd07-e80a-41a9-932f-f652a970d7ed
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Wed, 17 Aug 2022 10:56:18 GMT
server: nginx
etag: W/"85494702894b613c3bb459b5383d5bf1"
x-amz-version-id: 0005E66DB6ED0C3E
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
content-type: text/javascript; charset=utf-8
expires: Tue, 23 Aug 2022 19:06:18 GMT

GET
H2 200 digest-area~digest-section~note~online-page~photo~section-video~see-also~special-article~video.js Show response
s01.stc.yc.kpcdn.net/s0/2.1.97/adaptive/ 22 KB
8 KB 29ms
28ms Script
text/javascript 2a03:90c0:e1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.97/adaptive/digest-area~digest-section~note~online-page~photo~section-video~see-also~special-article~video.js

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

18f232b1fdd6b2806d850f3200aaa33d7d697c97eb04ce3936d96ed90b6478b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

x-id: cec-up-gc13
date: Mon, 22 Aug 2022 19:06:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-trace-id: a1809445a879e68f:25fbd6d49dc94707:a1809445a879e68f:1
x-amz-request-id: fe15ede6e0fad987
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-08-22T16:02:34+00:00
x-request-id: 54bceeb0-bd3a-4c11-9d5a-7a606591f48e
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Wed, 17 Aug 2022 10:56:13 GMT
server: nginx
etag: W/"4d9c36622b89dad2275a833175705cae"
x-amz-version-id: 0005E66DB6A477ED
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
content-type: text/javascript; charset=utf-8
expires: Tue, 23 Aug 2022 19:06:18 GMT

GET
H2 200 digest-area~digest-section~online-page~section-video~see-also.js Show response
s01.stc.yc.kpcdn.net/s0/2.1.97/adaptive/ 36 KB
13 KB 33ms
32ms Script
text/javascript 2a03:90c0:e1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.97/adaptive/digest-area~digest-section~online-page~section-video~see-also.js

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

e0638fedc4c8baed91a66850abca34f83e0b5093207b08c7ad2f6f0fb8dd45a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

x-id: cec-up-gc13
date: Mon, 22 Aug 2022 19:06:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-trace-id: 14e7573b88527dec:4e62764f61713405:14e7573b88527dec:1
x-amz-request-id: c7510ff53434edc9
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-08-22T09:16:24+00:00
x-request-id: 04571ab3-acb7-4f88-baa7-97a4825ae8b1
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Wed, 17 Aug 2022 10:56:13 GMT
server: nginx
etag: W/"7c69b61b88238554c807be9898c971a4"
x-amz-version-id: 0005E66DB6A639A0
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
content-type: text/javascript; charset=utf-8
expires: Tue, 23 Aug 2022 19:06:18 GMT

GET
H2 200 digest-area.js Show response
s01.stc.yc.kpcdn.net/s0/2.1.97/adaptive/ 46 KB
13 KB 49ms
48ms Script
text/javascript 2a03:90c0:e1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.97/adaptive/digest-area.js

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

241489ad5357595eaf948db786a1673081c5d7d7ac24f5d8e50c186e33e1888f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

x-id: cec-up-gc13
date: Mon, 22 Aug 2022 19:06:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-trace-id: cfa13f3bc2cc254f:53476c7f016c468e:cfa13f3bc2cc254f:1
x-amz-request-id: dbffb43b649b29e9
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-08-22T09:17:13+00:00
x-request-id: c4fe1c42-19fd-492a-8643-4bca7e239743
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Wed, 17 Aug 2022 14:29:29 GMT
server: nginx
etag: W/"f0e90958bd9078fef6e4b04542a5f09b"
x-amz-version-id: 0005E670B15DAAB0
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
content-type: text/javascript; charset=utf-8
expires: Tue, 23 Aug 2022 19:06:18 GMT

OPTIONS
H2 200 getcookie
matchid.adfox.yandex.ru/ Frame 0
0 166ms
50ms Preflight 2a02:6b8::16b
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://matchid.adfox.yandex.ru/getcookie

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a02:6b8::16b Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.tumen.kp.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

access-control-allow-credentials: true
access-control-allow-headers: accept, accept-encoding, accept-language, cache-control, content-type, dnt, origin, x-requested-with
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.tumen.kp.ru
content-length: 0
date: Mon, 22 Aug 2022 19:06:18 GMT
timing-allow-origin: *
x-content-type-options: nosniff

POST
H2 200 getcookie Show response
matchid.adfox.yandex.ru/ 240 B
525 B 143ms
49ms XHR
application/json 2a02:6b8::16b
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://matchid.adfox.yandex.ru/getcookie

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a02:6b8::16b Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

418b3b1d9257aa9344288ead42bb9a287f09434cc77fcf1aca2238bc341e87fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.tumen.kp.ru
date: Mon, 22 Aug 2022 19:06:18 GMT
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 240
x-content-type-options: nosniff
content-type: application/json

GET
H2 200 37f129ddc9a9472eb30f.js Show response
yastatic.net/partner-code-bundles/634516/ 13 KB
5 KB 101ms
35ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/634516/37f129ddc9a9472eb30f.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

69da67aee532d1772cdb33ef6cb11b550ab49752e4146dbfe83a96a0b10bcc31

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.tumen.kp.ru/
Origin: https://www.tumen.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

date: Mon, 22 Aug 2022 19:06:18 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 4467
last-modified: Fri, 19 Aug 2022 14:19:07 GMT
server: nginx/1.17.9
etag: "c07abbb9927b50b1dfd9f0480002713b"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Aug 2052 01:41:17 GMT

GET
H2 200 50f6fec73e5faaf073e7.js Show response
yastatic.net/partner-code-bundles/634516/ 86 KB
18 KB 130ms
65ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/634516/50f6fec73e5faaf073e7.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

b1b20f417556b312ce649c4124557c191dc68f5c4675837c75dae2d291601cd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.tumen.kp.ru/
Origin: https://www.tumen.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

date: Mon, 22 Aug 2022 19:06:18 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 17974
last-modified: Fri, 19 Aug 2022 14:19:07 GMT
server: nginx/1.17.9
etag: "5d412dcc1b658f0c307663e61a91dc04"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Aug 2052 01:41:17 GMT

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.83/ 33 KB
9 KB 184ms
119ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/host.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.tumen.kp.ru/
Origin: https://www.tumen.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

date: Mon, 22 Aug 2022 19:06:18 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 8878
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
server: nginx/1.17.9
etag: "f80882bf67cf261aa08d636da095149a"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Aug 2052 01:41:17 GMT

GET
H2 200 db43d90b1e90506e1e6a.js Show response
yastatic.net/partner-code-bundles/634516/ 550 KB
109 KB 143ms
82ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/634516/db43d90b1e90506e1e6a.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

20cd7d963d1d7b4852eb93e4c3dc66dd7af19d64d6d5cf5303ce3f068053b23b

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.tumen.kp.ru/
Origin: https://www.tumen.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

date: Mon, 22 Aug 2022 19:06:18 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 111079
last-modified: Fri, 19 Aug 2022 14:19:07 GMT
server: nginx/1.17.9
etag: "a82b9d00414a6c76cd41ea27590c0885"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Aug 2052 01:41:17 GMT

GET
H2 200 token.json Show response
identity.kp.house/identity/api/2/auth/ 754 B
2 KB 535ms
76ms Fetch
application/json 95.181.181.12
EDGECENTERLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://identity.kp.house/identity/api/2/auth/token.json?callback=data&client_name=prod&sub=1
Requested by: Host: s01.stc.yc.kpcdn.net
URL: https://s01.stc.yc.kpcdn.net/s0/2.1.97/adaptive/adaptive.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.181.181.12 , Russian Federation, ASN210756 (EDGECENTERLLC, RU),
Reverse DNS
Software: nginx /
Resource Hash: e5b6746147911cc0b309016dbf8a87b344987d6585e2e18d13c912c27772b963

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

date: Mon, 22 Aug 2022 19:06:18 GMT
content-encoding: gzip
last-modified: Mon, 22 Aug 2022 19:06:18 -0000
server: nginx
etag: "72925fedae1b5cbe0bfb6bd6185e91f0"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.tumen.kp.ru
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Set-Cookie,Cookie
content-length: 608

GET
H2 200 get.json Show response
s02.api.yc.kpcdn.net/content/api/1/pages/ 88 KB
11 KB 1521ms
1246ms Fetch
application/json 2a03:90c0:e1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://s02.api.yc.kpcdn.net/content/api/1/pages/get.json?pages.age.month=8&pages.age.year=2022&pages.direction=page&pages.number=19&pages.target.class=100&pages.target.id=49
Requested by: Host: s01.stc.yc.kpcdn.net
URL: https://s01.stc.yc.kpcdn.net/s0/2.1.97/adaptive/adaptive.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 3838227b802dfd9c119f69593d8657e2089a142e54d12e9f1ffe2659e5fd1579

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

x-id: cec-up-gc13
date: Mon, 22 Aug 2022 19:06:20 GMT
content-encoding: gzip
last-modified: Mon, 22 Aug 2022 19:06:19 -0000
server: nginx
etag: W/"b27b5aa3d3e58de28c19248ca9da6022"
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=600
cache: MISS
expires: Mon, 22 Aug 2022 19:16:19 GMT

GET
H2 200 get.json Show response
s02.api.yc.kpcdn.net/content/api/1/pages/ 52 B
263 B 366ms
95ms Fetch
application/json 2a03:90c0:e1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://s02.api.yc.kpcdn.net/content/api/1/pages/get.json?callback=cb-5537317&pages.direction=current&pages.spot=49&pages.target.class=194&pages.target.id=0&sub=1
Requested by: Host: s01.stc.yc.kpcdn.net
URL: https://s01.stc.yc.kpcdn.net/s0/2.1.97/adaptive/adaptive.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 1cb61f245b80f476c32be6e27c392cbfab2fd2b1d837b309bd81378f63ae6706

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

x-id: cec-up-gc13
date: Mon, 22 Aug 2022 19:06:18 GMT
last-modified: Mon, 22 Aug 2022 19:06:18 -0000
server: nginx
etag: "c7974d8a07bc79c9930f4ba881a06fd3"
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=600
cache: MISS
accept-ranges: bytes
content-length: 52
expires: Mon, 22 Aug 2022 19:16:18 GMT

GET
H2 200 get.json Show response
s02.api.yc.kpcdn.net/content/api/1/pages/ 80 KB
19 KB 802ms
535ms Fetch
application/json 2a03:90c0:e1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://s02.api.yc.kpcdn.net/content/api/1/pages/get.json?callback=cb-5537317&pages.direction=current&pages.spot=49&pages.target.class=68&pages.target.id=0&sub=1
Requested by: Host: s01.stc.yc.kpcdn.net
URL: https://s01.stc.yc.kpcdn.net/s0/2.1.97/adaptive/adaptive.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 699357f5cb3c8564c433741bcab293444fd9c796ed86d074304b65eca4b40861

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

x-id: cec-up-gc13
date: Mon, 22 Aug 2022 19:06:19 GMT
content-encoding: gzip
last-modified: Mon, 22 Aug 2022 19:06:19 -0000
server: nginx
etag: W/"a8a2a8b6b9847013f2ad4e8278dc0bb8"
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=600
cache: MISS
expires: Mon, 22 Aug 2022 19:16:19 GMT

HEAD
H2 200 banner.gif
s01.stc.yc.kpcdn.net/s0/v-0005D1CC497B5068/adaptive/img/ 0
0 28ms
28ms Fetch
image/gif 2a03:90c0:e1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/v-0005D1CC497B5068/adaptive/img/banner.gif?adriver

Requested by

Host: s01.stc.yc.kpcdn.net
URL: https://s01.stc.yc.kpcdn.net/s0/2.1.97/adaptive/adaptive.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

x-id: cec-up-gc12
date: Mon, 22 Aug 2022 19:06:18 GMT
x-content-type-options: nosniff
x-server-trace-id: 2b4209687ec58890:9abfd18060d863ce:2b4209687ec58890:1
x-amz-request-id: 92b7c17d0c2d7faf
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-08-22T08:17:42+00:00
content-length: 43
x-request-id: 038f558c-f289-40fa-8493-e699173424ff
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Sat, 27 Nov 2021 21:56:59 GMT
server: nginx
etag: "325472601571f31e1bf00674c368d335"
x-amz-version-id: 0005D1CC497B5068
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
accept-ranges: bytes
content-type: image/gif
expires: Tue, 23 Aug 2022 19:06:18 GMT

GET
DATA 200
OK truncated
/ 169 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 35ed988aff3c8059b4869fd94cc2885879041fbd698317a53741bca5095c3091

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 700 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 59e2467d94ae007fa71bc0b10f4b92f227edfa03afb5ce7c904b9ea2bcf537e9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

Content-Type: image/svg+xml

GET
H2 200 8b30c8d1c1f0427f0034cce82ade6db3.png
s01.stc.yc.kpcdn.net/s0/2.1.97/adaptive/ 3 KB
3 KB 29ms
28ms Image
image/png 2a03:90c0:e1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.97/adaptive/8b30c8d1c1f0427f0034cce82ade6db3.png

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

1d386626a236bf37f510e9c0c2d85036641c5cc85bed4b320a181861477d0ec7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

x-id: cec-up-gc13
date: Mon, 22 Aug 2022 19:06:18 GMT
x-content-type-options: nosniff
x-server-trace-id: 4139075b89ac3982:a8ba208d02f2e164:4139075b89ac3982:1
x-amz-request-id: 63eba9c0bcb4bbbc
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-08-22T09:11:40+00:00
content-length: 2873
x-request-id: d2ef0992-41f5-44d1-9df8-0b2eb104191f
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Sat, 27 Nov 2021 21:56:46 GMT
server: nginx
etag: "8b30c8d1c1f0427f0034cce82ade6db3"
x-amz-version-id: 0005D1CC48B4B459
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
accept-ranges: bytes
content-type: image/png
expires: Tue, 23 Aug 2022 19:06:18 GMT

GET
H2 200 wr-750.webp
s13.stc.yc.kpcdn.net/share/i/12/12665037/ 30 KB
30 KB 30ms
29ms Image
image/webp 2a03:90c0:e1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s13.stc.yc.kpcdn.net/share/i/12/12665037/wr-750.webp
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: c462c0bf7b57d00aa53003c06e897113331e2af4356938d8502ee6e10de89a39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

x-id: cec-up-gc13
date: Mon, 22 Aug 2022 19:06:18 GMT
last-modified: Mon, 22 Aug 2022 06:17:19 GMT
server: nginx
x-amz-request-id: 0bc87f76df7d25cd
etag: "7f6bc85daad29def85c00d956c651ed3"
x-cached-since: 2022-08-22T06:28:32+00:00
x-amz-version-id: null
cache-control: max-age=345600
cache: HIT
accept-ranges: bytes
content-type: image/webp
content-length: 30682
expires: Fri, 26 Aug 2022 19:06:18 GMT

GET
H2 200 wr-750.webp
s11.stc.yc.kpcdn.net/share/i/12/12665097/ 53 KB
54 KB 30ms
29ms Image
image/webp 2a03:90c0:e1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s11.stc.yc.kpcdn.net/share/i/12/12665097/wr-750.webp
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 9defeb99a060495def91163175b23f798e38fb947f08bdb960e6b258628a5315

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

x-id: cec-up-gc12
date: Mon, 22 Aug 2022 19:06:18 GMT
last-modified: Mon, 22 Aug 2022 06:46:33 GMT
server: nginx
x-amz-request-id: 04da35032ba8a325
etag: "423b5f84b264d93f1110c8830465c8d7"
x-cached-since: 2022-08-22T08:33:31+00:00
x-amz-version-id: null
cache-control: max-age=345600
cache: HIT
accept-ranges: bytes
content-type: image/webp
content-length: 54690
expires: Fri, 26 Aug 2022 19:06:18 GMT

GET
H2 200 wr-750.webp
s10.stc.yc.kpcdn.net/share/i/12/12663959/ 61 KB
61 KB 32ms
31ms Image
image/webp 2a03:90c0:e1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s10.stc.yc.kpcdn.net/share/i/12/12663959/wr-750.webp
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: da24ca580aafbfcbf4309e3e8afefd7706063456bd7577e5ca4ec8aa2a9adf30

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

x-id: cec-up-gc13
date: Mon, 22 Aug 2022 19:06:18 GMT
last-modified: Sun, 21 Aug 2022 06:01:24 GMT
server: nginx
x-amz-request-id: ec01f88660289780
etag: "bd4ce6bba6fa68c4494197708c795d03"
x-cached-since: 2022-08-21T19:57:21+00:00
x-amz-version-id: null
cache-control: max-age=345600
cache: HIT
accept-ranges: bytes
content-type: image/webp
content-length: 62594
expires: Fri, 26 Aug 2022 19:06:18 GMT

GET
H2 200 cbca3b3a43c4037b14fa.js Show response
yastatic.net/partner-code-bundles/634516/ 36 KB
10 KB 32ms
32ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/634516/cbca3b3a43c4037b14fa.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

ac328a8a84ae8f231289b12001679dd2c93d99161388aa3eca4a9b64078e2987

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.tumen.kp.ru/
Origin: https://www.tumen.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

date: Mon, 22 Aug 2022 19:06:18 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 10176
last-modified: Fri, 19 Aug 2022 14:19:07 GMT
server: nginx/1.17.9
etag: "ac2157920bddee7692d0bbba14be6e19"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Aug 2052 01:41:18 GMT

POST
H2 200 hb Show response
ads.adfox.ru/ 218 B
201 B 209ms
83ms XHR
application/json 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adfox.ru/hb

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

a772ceb40cbf381547379bb60a87695011178d68ff1a34c77e6f679bcf994af1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 19:06:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref=/w3c/w3c.p3p, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
content-type: application/json
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

POST
H2

200

adfox Show response
exchange.buzzoola.com/ssp/
Redirect Chain

https://exchange.buzzoola.com/ssp/adfox
https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t

11 B
507 B

28ms
28ms

XHR
text/plain

159.69.141.123
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H2
Server: 159.69.141.123 Georgsmarienhuette, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.123.141.69.159.clients.your-server.de
Software: nginx /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

date: Mon, 22 Aug 2022 19:06:18 GMT
server: nginx
serverid: TODO
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.tumen.kp.ru
access-control-expose-headers: Set-Cookie, Etag
access-control-allow-credentials: true
access-control-allow-headers: Set-Cookie, X-Alt-Referer, X-First-Party-Cookie, If-None-Match
content-length: 11

Redirect headers

date: Mon, 22 Aug 2022 19:06:18 GMT
server: nginx
access-control-allow-origin: https://www.tumen.kp.ru
etag: W/"9dfbd91c92a33b988d3119c144621fa7dfb024ae41de7254d621b2e87eb2777e"
serverid: TODO
location: /ssp/adfox?set_buzzoola_cookie=t
access-control-expose-headers: Set-Cookie, Etag
access-control-allow-credentials: true
access-control-allow-headers: Set-Cookie, X-Alt-Referer, X-First-Party-Cookie, If-None-Match
content-length: 0

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ 119 KB
39 KB 90ms
24ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

99c664c6e0f9211430ca24054ef2365aa16aabaa3ca3c3a22674d3fb0c86c1e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

date: Mon, 22 Aug 2022 19:06:18 GMT
content-encoding: gzip
last-modified: Tue, 16 Aug 2022 07:20:51 GMT
server: nginx
etag: W/"62fb4553-1ddb3"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 23 Aug 2022 19:06:18 GMT

POST
H2 204 bids Show response
adfox-c2s-ams.creativecdn.com/bidder/adfox/ 0
209 B 76ms
11ms XHR
application/json 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://adfox-c2s-ams.creativecdn.com/bidder/adfox/bids
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.tumen.kp.ru
date: Mon, 22 Aug 2022 19:06:18 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST
content-type: application/json;charset=utf-8

POST
H/1.1 204
No Content bid.cgi Show response
pb.adriver.ru/cgi-bin/ 0
303 B 241ms
58ms XHR
text/plain 195.209.111.15
ADRIVER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pb.adriver.ru/cgi-bin/bid.cgi
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.209.111.15 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.tumen.kp.ru
Pragma: no-cache
Date: Mon, 22 Aug 2022 19:06:19 GMT
Cache-control: no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK / Show response
ad.mail.ru/hbid_yandex/ 11 B
338 B 197ms
76ms XHR
application/json 2a00:1148:db00::17
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/hbid_yandex/
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112
Content-Type: text/plain

Response headers

Date: Mon, 22 Aug 2022 19:06:19 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://www.tumen.kp.ru
Cache-Control: private, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

POST
H2 200 adjson Show response
ads.betweendigital.com/ 11 B
920 B 78ms
14ms XHR
application/json 188.42.191.196
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=adfox
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.tumen.kp.ru
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

POST
H2 204 bids Show response
adfox-c2s-ams.creativecdn.com/bidder/adfox/ 0
209 B 75ms
12ms XHR
application/json 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://adfox-c2s-ams.creativecdn.com/bidder/adfox/bids
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.tumen.kp.ru
date: Mon, 22 Aug 2022 19:06:18 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST
content-type: application/json;charset=utf-8

POST
H/1.1 204
No Content bid.cgi Show response
pb.adriver.ru/cgi-bin/ 0
303 B 249ms
58ms XHR
text/plain 195.209.111.15
ADRIVER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pb.adriver.ru/cgi-bin/bid.cgi
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.209.111.15 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.tumen.kp.ru
Pragma: no-cache
Date: Mon, 22 Aug 2022 19:06:19 GMT
Cache-control: no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK / Show response
ad.mail.ru/hbid_yandex/ 11 B
338 B 171ms
52ms XHR
application/json 2a00:1148:db00::17
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/hbid_yandex/
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112
Content-Type: text/plain

Response headers

Date: Mon, 22 Aug 2022 19:06:18 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://www.tumen.kp.ru
Cache-Control: private, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

POST
H2 200 adjson Show response
ads.betweendigital.com/ 11 B
920 B 75ms
13ms XHR
application/json 188.42.191.196
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=adfox
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.tumen.kp.ru
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

POST
H2

200

adfox Show response
exchange.buzzoola.com/ssp/
Redirect Chain

https://exchange.buzzoola.com/ssp/adfox
https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t

11 B
507 B

47ms
47ms

XHR
text/plain

159.69.141.123
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H2
Server: 159.69.141.123 Georgsmarienhuette, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.123.141.69.159.clients.your-server.de
Software: nginx /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

date: Mon, 22 Aug 2022 19:06:18 GMT
server: nginx
serverid: TODO
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.tumen.kp.ru
access-control-expose-headers: Set-Cookie, Etag
access-control-allow-credentials: true
access-control-allow-headers: Set-Cookie, X-Alt-Referer, X-First-Party-Cookie, If-None-Match
content-length: 11

Redirect headers

date: Mon, 22 Aug 2022 19:06:18 GMT
server: nginx
access-control-allow-origin: https://www.tumen.kp.ru
etag: W/"eda26b43d885c0a7bb12c04b4c672cda228c4dd73ada84abd8479c0a6e89d710"
serverid: TODO
location: /ssp/adfox?set_buzzoola_cookie=t
access-control-expose-headers: Set-Cookie, Etag
access-control-allow-credentials: true
access-control-allow-headers: Set-Cookie, X-Alt-Referer, X-First-Party-Cookie, If-None-Match
content-length: 0

POST
H2 200 pl999 Show response
ssp.bidvol.com/rtb/ 11 B
475 B 394ms
317ms XHR
application/json 65.108.236.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.bidvol.com/rtb/pl999
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 65.108.236.88 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.236.108.65.clients.your-server.de
Software: nginx/1.23.0 /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 19:06:19 GMT
server: nginx/1.23.0
surrogate-control: no-store
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials: true
content-length: 11
x-request-id: c2b38b02-d14b-4f61-adc3-21fd5ced92f0
expires: 0

POST
H2 200 hb Show response
ads.adfox.ru/ 218 B
201 B 204ms
86ms XHR
application/json 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adfox.ru/hb

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

b83087606e958b4f934eedbd553f380c75feae5713ba2927cbc427ded7bb8afd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 19:06:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref=/w3c/w3c.p3p, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
content-type: application/json
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

POST
H2 200 hb Show response
ads.adfox.ru/ 222 B
533 B 176ms
59ms XHR
application/json 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adfox.ru/hb

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

1308cc699f7708cba0f321f5367b8aba53f55c3b9f8f1bb7e3f6f8507d4a4b9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 19:06:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref=/w3c/w3c.p3p, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
content-type: application/json
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

POST
H2 204 bids Show response
adfox-c2s-ams.creativecdn.com/bidder/adfox/ 0
209 B 69ms
12ms XHR
application/json 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://adfox-c2s-ams.creativecdn.com/bidder/adfox/bids
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.tumen.kp.ru
date: Mon, 22 Aug 2022 19:06:18 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST
content-type: application/json;charset=utf-8

POST
H/1.1 204
No Content bid.cgi Show response
pb.adriver.ru/cgi-bin/ 0
303 B 251ms
59ms XHR
text/plain 195.209.111.15
ADRIVER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pb.adriver.ru/cgi-bin/bid.cgi
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.209.111.15 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.tumen.kp.ru
Pragma: no-cache
Date: Mon, 22 Aug 2022 19:06:19 GMT
Cache-control: no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK / Show response
ad.mail.ru/hbid_yandex/ 11 B
338 B 165ms
51ms XHR
application/json 2a00:1148:db00::17
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/hbid_yandex/
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112
Content-Type: text/plain

Response headers

Date: Mon, 22 Aug 2022 19:06:18 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://www.tumen.kp.ru
Cache-Control: private, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

POST
H2 200 adjson Show response
ads.betweendigital.com/ 11 B
920 B 70ms
13ms XHR
application/json 188.42.191.196
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=adfox
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.tumen.kp.ru
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

GET
H2 200 v2 Show response
yandex.ru/ads/adfox/232598/getBulk/ 14 KB
8 KB 258ms
256ms XHR
application/json 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/adfox/232598/getBulk/v2?dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3F&date=2022-08-22T19%3A06%3A18.867%2B00%3A00&pd=22&pdh=1200&pdw=1600&pr1=1983079112&pr=2076820659&prr=&pv=19&pw=1&extid_loader=&extid_tag_loader=www.tumen.kp.ru&ylv=0.634516&ybv=0.634516&ytt=362840447909893&is-turbo=0&skip-token=&ad-session-id=701901661195178878&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.9%2C%22isInIframe%22%3Afalse%2C%22w%22%3A160%2C%22h%22%3A0%2C%22width%22%3A0%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A49%2C%22left%22%3A1410%2C%22top%22%3A389%2C%22fontFamily%22%3A%22ys%22%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A0%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=634516&available-width=160&yaru=true&pp=g&p2=gftf&ps=bxyd&puid1=adv-1661195178823-935&puid2=&puid3=&puid5=&slotNumber=2&bids=W10%3D&utf8=%E2%9C%93&pcode-test-ids=628987%2C0%2C4%3B633513%2C0%2C28%3B634378%2C0%2C10%3B633794%2C0%2C4%3B622565%2C0%2C-1&pcode-flags-map=eJytWF2P20QU%2FSurPAOyx5%2Fp28SeJKO1PWZmkmyK0Kioi0CqEIItIFWVACHEAxLin%2FSBSoV%2B%2FAbvP%2BKM7XzYuzu7W3XfkvU5c%2B%2Fce889zrMJX1RCMlNypVhucqqpqamkpTJzIc2a50wYXplMlDMxefDZs8kPj548PZ88mJz%2F9O3ko8nF%2BfcX%2FDE%2BRlMvjKLJ888%2FmqypMpKVYs1MtqRSMW3mUpSm4NXpgELLFTvmiH0%2F9JI9B6vorAAHrWteLcxsa3Kxqe7CEqfExcIUl0h2xrWkmt2HTLJPV0xpsy5p3SVFc3ULQUJSb0%2FQn2nDMWtarIan%2Bx7%2BBmhC4vRwIyvFTMU2bQaLytYFZDYrtZJrtr0lEpKmYezgUryscVMfhAvl11xUHyiwjL5fXLVArWpqGaUoClMwuv9CsUxUo%2BLFw8sPSHRUujFZ11i5O54hRSFQK3aG1inowqxraWrJheR6a%2BY000IOu2HEFMfpnknptqvXTCpc8zCJIEzS6RAbBUkXxarihaA5k%2B1407I%2Bhl589%2FT8CBaSNJj2MHthStpijDBjHTgC0RyXzCojZoqhdMPkzr959MWT8wEyiMm06%2FU5P4MiVWbJ%2BGKpTaXdR4ZRMPVbYCZWlTZamLOldELSJCVhC9nSKmdnRq6gLiXllVPkvIQEfXsNlNHMV0WhMol0nXg%2FIIG3T3EmxSnuB%2BmZheS5G5lEaXxtwCbnSks%2Bc8KJ78Vdvg9ZRdpwzYbneml4SRfMiQ39sO%2FhFovj2t6bCWn7SNKcr9TJHRm21MbdBWxosaGjgb6CDJK%2BtPm8hvyqWlToRc1LJlZ6ACUj7YzC0Au6nOtM5NBcC620%2B7wINH33zgVumdlx2Z1nZ9cND5OEXIXzOfaE2di5va1DbmDYBXBlZwTeTWhMnOaYPDTpXFxdvuODIw8LvIVCJWVlSmsL1lRyOroyMob1BRpNhGQbigbJ7zoaYNpVy3oGUzJYkX3BmZTQq0IsjjmiAT71wq5ye03Frl9ztqmFdBc9TuJesuzjpsLqypjCZCycsIQA18KUqrHRsyWzEZqayWzUZ1jsA2TkT7tcc1Yw2AGoAW5qI2FSULBe9u5hvlJoZ1cFyHrWhzGa65G6R2lKoq5XdhOdwxZl2mTKqZ3R1E%2FSIy3hCrmjPNrQzOatXIdOg8j3B9hWfxTESC9tg9c0z%2BFo3CRh1Je61XvcmN7WzATuqKH50dFglTLDDSs%2B4wV6xX3cNIlvRBq4nKzgmXu6DhzlqtB8RqsKYWMbzzkKz20ScABuHZ6mJEmO4uhJujbBzoNM1AXdzmh2arVOW5cy3rpDytgjYdD1wELSGXE%2FC3HxDs%2FCLj4cxBv5xHM9f41m%2B9ENiC5BXtkethcsmc3MKhmv7J3DRGen1vhicG4JOoriQb8tWWt%2F8ALQ%2Bksn2o9I3AVUSsrvKmWw%2FF7atZr1sZLNIWNLO5M8c%2BMwxmHf18hUllbBJKt2dq2WbOa2CVABrxeC3VDDukncImwR9AmdccgBjs65zWJ%2F6of7eBS3YXChrD5mS3cUcUi6Tm07G8e1rWgTgM29BUqCaO85ueoXoN0j3esWGsNJEMAGdC0tpclXNUYTL1x5a7lVJ4xSDM2S94nnjcy25%2FcJjLaaDao3Pm08eLnVY7m6GhIJ%2FC6nkuWctiSdJbkn%2FOZgOhf2XjHphfigEeVsTqFxu8i6XxPuSGfnBbJazAS8w62Y3kkfGhrr01Z4gQTcjU386eG3itZgLaTVGVVSGONrFvh1b5rTozdzwLd4t8TbeHbtS1kSusG4OHVgUDK76%2BG9Vyh4yXUrEtjFAmyF%2B%2FawhoOBTCx7%2BNFtQiBPtXBLRACDnh489vgtDwcl03B0dNJ7n2t6BwKB9ptD4LkunNswJiSKuxrufuFpWfqdQSGe2UppjENLZTQ7Gxa0%2Bbt517y%2B%2FPPyj%2BblSfOqeXv5W%2FPu8ufmTfPi8nd8fnXSvG1enFz%2B0rxo%2Fr38FQ%2Fhny%2Bb%2F5rX%2BOINsP%2FgQXwNjr%2FuF9ggjB%2B%2Fvvjq48fnXz56%2BuTiWprn%2FwNHtdbc&use-server-side-rendering=1&pcode-icookie=hsdzRfBGRmvQgUypcdjP%2BLkWmn3jMTAdQGJWO4yA1omYOrb75xZ332cxd3OVxBunBFR9DODs3hDJVO%2FsbAoiQYLdduw%3D&top-ancestor=https%3A%2F%2Fwww.tumen.kp.ru&top-ancestor-undetermined=0&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjoxNDh9ChqjpqzkqOmBMFBHHmay_XOO7q2hNzt2kq1JjmO4Zqqf6dweUhn-e6bDx9k-sdka2ic2Q1m19_bKpQC9FNAz0GaMQYyEbkX-Vs45s1WT6ssiSBDCCNMgBjFGdWSQMm1mzbRqOrU9y2sGuBpGps_MmW6AjgChpsuMixRhXXCSzJDZGnaMNSMeIJdznZoiM9eFTZU_XWarC5N5kdRmlkWWvAKsZlAXaP2iWbAFYFDDPA-2BVxGqqY_j5aFL7OqMFe6ggSiFAo-ML3KLPGIVTA9UUbBrGCKZ2TLIWVdLgci-SKgqwCih1ZVkBTicLAiEhTi4HbzCAo5XA5E3IJYrdtCks0GIVZuh7uyuFm5QZfl4XbyMrqYHC5mFtnKy8zi4GZxgC6bQcePjXJRKZDGUjWDrKaoi5ZoASzaBbMOdGumUdMeljwzLrDmTD9w2ZYetGoYdYE3qu2LwjYUWG6PLl_gYS_76JfhNjV1lg864qMfCNoWkhCXW82gXubaFlq5zHCqG44XCftAMrMtSv1ZvbRceqiBW2jSLZzmw7m9lxkWDl_50pJyUQz9rAskucwwLW9WnvnkTZOFQrOceFHQyIR7phliS5i_TB1oTdmdaArKt30IZHlYVlNMJ87OQmEpWUlVkmLjhgufmZHHGSEsqBmpDH7Vq4mrd5FTLY_hQbLzHzEzD1xBIR4XgjA4YgaHg5ml8iJyO52gyzp5pVk5RcXYnNIezJWbFRECZiSyghnkVzYMIclGJsy5OwqHlx2-i4ldTFqicvK7kXHXRSvMw4BQAp60p7IB78aAFO7yR7bdtSxfWiFJt384ALzUs8sHj8vJARKHe-GB8DKn3r6-vJUJArAly-lXPvXqk4lQSxXrTtD5Egqtms4nr6SqlWnzyTcQGYkaVlIL_roBqHKF-GM02WRVPlHEJwwAWeqbM1NmUVP44j9NE-vGXX9MhzT-95G_5KDNB8e0PnoGIY3avuCwPWKTnO46HwyH-mBL-9gz4cnui4xJA2KLv6pc10cyDQ729z65g7ZwGYd_Nb2vdqyj2xjij7pAJS7lnnHczMRUM677QbsUHucx_ig_MOuicU2EU64T1f2kF4SHmvyvnsJHnk90aF9g_gmn8EUY5j3X-Z27vf4JGx5-_SU14PP6l4qmTO-jNZPkdNLL2Cl4u6-Sg_T3uOk5R3UI8lnkjwwAL322npJ-0vtR-_wapxtZ7pNn6HPQfy2nw8slSVIjfkI23ZwV7ZxOUp-8Q9xqsYxBjVvOt81_BnpchxTdvKyNeXTla9k7IvnK7XLF2ha39Q8gHL7Oo6TqpYtyUvgVrXBQcCHgXI6BnmNdEMAHDC_wKJSZxHk9jOLLIB7kAgi54T33EruOQE44xEPce70VCSo-UJj-n8LWl5CTyc0SDK9YFWBm53cqQWkQmYchTuDxSGEQrzwIXXyMyB5zbfH5wB9-Xl5eRrc7dX4_R5snayvP6brJSBhzTECPopzARcTDxYlYWrxyomRBCVdAVtAjAZ4JtoArN9HL6mQSd7JLC1c2dDxoUfEVJ5YYXhjTBh4eFjcexnfKHebKy8qAnpVDVnnyV7gOgjkHbML0FkU5KTWD9v7kvzWEPvnySNRi4a61AW0O2hKd5Wyy-WFZbCrbME5-tTsw-uEO2HExwz7N1qgi5nEQ0c9p2TBu7Fb65BkdP1I0aKW9wv7YDuXuYcOo_elt8dNpILbw9warab4YQ3yJ0inkOIM5xP3dCSTLv2bKQkXJJzK-GShS2UGE4wAZcRxlSij1lwYNC4cnAlW4mEUk4DmkvZXDiZ4Tg0MpsnF4BFUgFQjuVoqoXgcTg4OFbenPxiSAnJk_wtXcvDYj91J3kFvyNdQlCOvccDVVMtvGFtnHSv1Yg5PHhDcSGqg6p-85StJTe2aUqum8_qzUqqnnw_eOC-SkTq_ypAvJQVR3e-UZIpV2z03QQs3MysIg6l1y4UGDxAnHRbCBoNzxAq-38oLEwIecrw2Gm-2G7bRp2W_dtkoxMqiSnju4XZ7qQsOPASkK2XAtsyN2SyCAv-x0oUKJGv6Ek7eaqFuW7NO6MtBp1eTLlHzT-iHX3HZmZ7H-RG8b4PL2TT0IPqwsoMs-ZixvaslJTSFVKruCM2IJ53FprXerQwAuAx9KWcHPY99Uu3TwgP3npUycpQzcAWS-Lx8tAmb4kyWlUINLtQ6LPuY9Mlle1uRdctN7-4egDR_bjgPV7Xr-jXlurW-p7azVfVtSIc5MnxLnmoBbBPtq1MAMEdsy4ztpuBcZeCzvn-5EM0H3k89sQDSb1uQL2GXO1ybt9MTaG3d3YFasBbisJCpQ0ceZTXCvhCuPABpQnaDKCmKqr1e67vcQlmmoi2e8DIrJ-KQcvuEE30zlQAMKKCjgK56pkG-WJo1-rk62wu6NYp7IJPMwn1YNQ22X6UnFOCP8_Krt-weWIeW7xNltaOIMJlPW6usXaaLDe6hqbiTQH5pbuEPUj5f5i5-yFOLZiH8h8aKGhxgest77VCF5a0JNs9AeW4uwCVUzkExpFYZoOhgrWPb7cMBp1QfGGfBd_aTXs2uDNLlpaDI_oQxPqerxnByrB1P9oEY8f3K079UjMYAsfKZP5bruvydNqh5vHa95KWybWp3Z-0fwau3qEV7OX-uW4SZgnQyRAcTX0bXmmWnj9kTPUeNeYZtQzown5b55KkQ5uavag5VDOb6pNGR7V_RUpm-rT_Pp1dLa9fHmD0VbTw2R4VrXUWIMcHvZCUmO0JKufz-oeMEHu5H1MRvynwGaZruaKmo1DSXny9vV5FfVnZJh5gy6PDO9uBY503WMV6VZeymeXZfyrR-I1OvkjPKX9XJM1TpbLOeuAR1vNJQZ3VpGKDP3n2KqQAvGlCpFKdmJ-_X1n89Zn-drA03Fkb8fsX7NHFjCf46hQKEp0cDQiaBcPgp57RD7ix7oW9uQjq0WD2pslx3EQvmctVgtKgFw4bFx7hgoUsFl5bqCb3Ohpf-nfJVOQWYO_hZr41KUd605iVP23_huB7ujQ3nkMO9tzUMyZBjjf1ayJ0ltmlRn_j_RCFpayY7DkRTQ8lmWtpYHoameibkdp2nGUZb8tE-dTV2bXtXGVhQ0eV2aPSqdfWHzvxLbKUv41GqdYjwkZfpNKKphTr3JOrLnZ7f2pyDxfHnrwjodDfMI3hbCQo6pBrjsCIr5NyWvhPOlEKhPUtjCyqD3i9eUebCVDlEnaD0A47hv7ZCqMVCTEPhPrZG_vlEWvBVrYjAS_HJlBkqnqP4BrX3nJZSp_yYTkomrcqiYDpwXA34ed2q2jaNpQ6lzqdX-MGv6hg23RtL1FCyuc5y8KJCuOTXf7h7DJpnkH7kjs3yAOzb9lK7Hv1u7Zql57BB6eVzyHuJlasuqd2WRp6dzKQuzlNEv0p8wrBLuHw81e4Yp-2jchUG4IvP2hMLhFKhYKRSi_fXH_VOKh8Gn4Uq0I-7PVuhWfjVYXMjQyrKuonMA6_0WlNFkJo7SdGev6wBjKKoKw8e9UoFRontbZj4JJDL6SNB-uoxUZ-LBKI48rEe8nn9H07PET1PvN1tVoEtXxiLhN8GyjJ3VKyHxM_edlqqnepLb9YQ4a9cvm0guB5-KvEfY-b9ufhLnhQojYTcOscNkPl6J8jbvg6JM-rhaRFaXGkfTJ2vTjLg483H4N8spVXtgk7MyRLA5woH1tQFBDdB_xSmtxzvpW4R0SmgCX12TCWEtS_D39XmDbdFpa7-GuEgGcJT_nfNcJ4Z27eQdW6h6k7eOwFS0fF_pRdppf6jhEvy6VonqN1YahyscLhSoZ8jNDtM3LRhTHTNN0l6K3xqpxUeeeHBJn0vTdJ9yTJk-LOZ6iasRdY35CT786do_6_QNQV0y8ZeXZutcDozT0QmnzVNot9RgDlShzJb4PS5WmimWz5gBQfkc6-4I4_xPhV82wFRULl5GZiczl6Pyc3G5eLnL258P36I05vrcNr6H0YE4NUvGPHmpFjlke8Q3l2qzq6zMe35EUg1-eSiGViubig5d1zk3jqn9aBOFFofzeEQttkxN6Z2q8xSgP5i0vMb1r6SP56_BJLYH52RASztzw00tZmcxP5N8Tm3NrVWKItFx7XRxvzfHxy1bSzkW67h2zOtubm4YP3s_4wwtmH1EVd2T_JkrinWeBmnElExYUduZ_2MFCdCGihqYiMZT02_pp4m61XuJprPJrMt8Hq6-S5woFtqcAsED43rZ0Y5p_0fdqirGGx3J9S_zdCq5cZ_XcPgvmWRJ_m85I7CL3WADRJuV8ii-J_-v3PcqqPgesp5BZmD5KJ1g5j9u8fGItF9SLemR0VYxbNB6K0YzAOwwvoGB9iY__X_Hg5bCmQZsiR50d1mWgRfyInxYNO3r48sbzYTLmW5rRDBJD1fds1lYYaWCoMoZorAygEwBZUBSzECMiddDRmJTmF5ahj8r2xSwsczDSSQ3RfbKY38F7r6Y_uzJU3_XOl5d421NY1N5MMUky4u4uvUKfKpuU7_Cq_eHtcTFG6UuUF7LVgy816KgEIdXSSZQGSpsonC4hJmkRRctL69jSdwjFsuXeVUkjkNwilROdJxI2dGlq0fM5kCEuOAgdrGjveJAWyq4MUTiR2GHi5U7xCWmyo2OkwnJ5jBmAtVqAx94y8ACGfHKyQhwZGhRtnjDsaN9BRjysKnKQT6cAvsrm4-92YvouEZ9C7u2wlbzJzxb5kXltef8xrAuJLmDZ8tFsLHlQdqzS-k2Zj2qnmMK5rziPxrHm-YrIKy77EWbbO15EUtPX3ui77KUoz6iZ5OJrU7Cuj2FHuAtjfdV5dYYv5nQt_p8Wh05KlO5bU1djDSeQaL4yYpFcxOI6MIDR6kbVyFXUzGB_XU6z2oG1JAN0ol84zeRktyAQR3LlBZNJX34r-njDDJj3V6ThT7vcYXTl1vSopLnKRZ4PAkM3ITxokJVPmJxJz-1f69lCM8L5sa882poZ0heIhZvKgQlW03bYovrANqI0hSMKGNTEMX6W9DAiM4y05vWNzU-kBJtLaEh5jbziPilpqu5VWnWvuhF&tga-with-creatives=1

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e0654d2142e08b8b6377cff526b0b1c1b82e5dbe98fccc49682e2855c83c3aa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

date: Mon, 22 Aug 2022 19:06:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1661195178948616-17989256126196482548-sas3-0999-700-sas-l7-balancer-8080-BAL-7504
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Mon, 22 Aug 2022 19:06:19 GMT
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/json
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 22 Aug 2022 19:06:19 GMT

GET
H2 200 vendors~autobahn.js Show response
s01.stc.yc.kpcdn.net/s0/2.1.97/adaptive/ 86 KB
26 KB 45ms
36ms Script
text/javascript 2a03:90c0:e1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.97/adaptive/vendors~autobahn.js

Requested by

Host: s01.stc.yc.kpcdn.net
URL: https://s01.stc.yc.kpcdn.net/s0/2.1.97/adaptive/adaptive.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

bc96dd512627a5ff3462e1079dbcd5c5150bab5b724a0d143986cdde8ca4a9a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

x-id: cec-up-gc13
date: Mon, 22 Aug 2022 19:06:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-trace-id: d1008f716efcaf7:5777728431cc5d2f:d1008f716efcaf7:1
x-amz-request-id: 0af7dbb99fc29c42
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-08-22T09:09:53+00:00
x-request-id: f2cda422-22b7-4df8-b3b8-ef36d1241e69
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Wed, 17 Aug 2022 10:56:18 GMT
server: nginx
etag: W/"2ebd6104a26022c88fb99bb889a0f5dc"
x-amz-version-id: 0005E66DB6E9C405
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
content-type: text/javascript; charset=utf-8
expires: Tue, 23 Aug 2022 19:06:18 GMT

GET
H2 200 autobahn.js Show response
s01.stc.yc.kpcdn.net/s0/2.1.97/adaptive/ 405 B
697 B 44ms
35ms Script
text/javascript 2a03:90c0:e1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.97/adaptive/autobahn.js

Requested by

Host: s01.stc.yc.kpcdn.net
URL: https://s01.stc.yc.kpcdn.net/s0/2.1.97/adaptive/adaptive.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

fd61b939d60a34fe92950d8fb53ed0449e7cd55ed78c000ec51aec0136d1c157

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

x-id: cec-up-gc13
date: Mon, 22 Aug 2022 19:06:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-trace-id: 4cc23a23a3ec8c66:e032e88ce2f6c500:4cc23a23a3ec8c66:1
x-amz-request-id: 0798e54c2618d2a7
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-08-22T09:30:42+00:00
x-request-id: 1c351d07-23f4-4118-b9c7-47d4073505ec
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Wed, 17 Aug 2022 10:56:15 GMT
server: nginx
etag: W/"30e012cc6946dd7c361a18014746dece"
x-amz-version-id: 0005E66DB6BC2EDF
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
content-type: text/javascript; charset=utf-8
expires: Tue, 23 Aug 2022 19:06:18 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
217 B 161ms
20ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=127&profileId=184&cb=19117699402

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 22 Aug 2022 19:06:19 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://www.tumen.kp.ru
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
216 B 160ms
21ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=127&profileId=184&cb=97847485358

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 22 Aug 2022 19:06:18 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://www.tumen.kp.ru
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
216 B 159ms
20ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=127&profileId=184&cb=67182269373

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 22 Aug 2022 19:06:18 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://www.tumen.kp.ru
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 4295 2 KB
1 KB 56ms
20ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.tumen.kp.ru

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

d7639ef9732adaf582c2006a5de74d4e4fa148e000abb6dfd2e2a9f3455490db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.tumen.kp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=0
content-encoding: gzip
content-length: 972
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 22 Aug 2022 19:06:18 GMT
server-processing-duration-in-ticks: 2091
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 v2 Show response
yandex.ru/ads/adfox/232598/getBulk/ 96 KB
29 KB 296ms
296ms XHR
application/json 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/adfox/232598/getBulk/v2?dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3F&date=2022-08-22T19%3A06%3A19.051%2B00%3A00&pd=22&pdh=1200&pdw=1600&pr1=1778868078&pr=2076820659&prr=&pv=19&pw=1&extid_loader=&extid_tag_loader=www.tumen.kp.ru&ylv=0.634516&ybv=0.634516&ytt=362840447909893&is-turbo=0&skip-token=&ad-session-id=701901661195178878&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.9%2C%22isInIframe%22%3Afalse%2C%22w%22%3A1560%2C%22h%22%3A250%2C%22width%22%3A1560%2C%22height%22%3A250%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A49%2C%22left%22%3A20%2C%22top%22%3A120%2C%22fontFamily%22%3A%22ys%22%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A1%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=634516&available-width=1560&available-height=250&yaru=true&pp=g&p2=fban&ps=bxyd&puid1=adv-1661195178823-502&puid2=&puid3=&puid5=&slotNumber=1&bids=W3siYmlkZGVyTmFtZSI6ImFkZm94X2Fkc21hcnQiLCJjYW1wYWlnbl9pZCI6MTU5MjA0MCwicmVzcG9uc2VfdGltZSI6MjAzLCJlcnJvciI6eyJjb2RlIjoxfX0seyJiaWRkZXJOYW1lIjoiYnV6em9vbGEiLCJjYW1wYWlnbl9pZCI6ODkwNDUwLCJyZXNwb25zZV90aW1lIjoxNDYsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiIxMjI3MTY5In1d&utf8=%E2%9C%93&pcode-test-ids=628987%2C0%2C4%3B633513%2C0%2C28%3B634378%2C0%2C10%3B633794%2C0%2C4%3B622565%2C0%2C-1&pcode-flags-map=eJytWF2P20QU%2FSurPAOyx5%2Fp28SeJKO1PWZmkmyK0Kioi0CqEIItIFWVACHEAxLin%2FSBSoV%2B%2FAbvP%2BKM7XzYuzu7W3XfkvU5c%2B%2Fce889zrMJX1RCMlNypVhucqqpqamkpTJzIc2a50wYXplMlDMxefDZs8kPj548PZ88mJz%2F9O3ko8nF%2BfcX%2FDE%2BRlMvjKLJ888%2FmqypMpKVYs1MtqRSMW3mUpSm4NXpgELLFTvmiH0%2F9JI9B6vorAAHrWteLcxsa3Kxqe7CEqfExcIUl0h2xrWkmt2HTLJPV0xpsy5p3SVFc3ULQUJSb0%2FQn2nDMWtarIan%2Bx7%2BBmhC4vRwIyvFTMU2bQaLytYFZDYrtZJrtr0lEpKmYezgUryscVMfhAvl11xUHyiwjL5fXLVArWpqGaUoClMwuv9CsUxUo%2BLFw8sPSHRUujFZ11i5O54hRSFQK3aG1inowqxraWrJheR6a%2BY000IOu2HEFMfpnknptqvXTCpc8zCJIEzS6RAbBUkXxarihaA5k%2B1407I%2Bhl589%2FT8CBaSNJj2MHthStpijDBjHTgC0RyXzCojZoqhdMPkzr959MWT8wEyiMm06%2FU5P4MiVWbJ%2BGKpTaXdR4ZRMPVbYCZWlTZamLOldELSJCVhC9nSKmdnRq6gLiXllVPkvIQEfXsNlNHMV0WhMol0nXg%2FIIG3T3EmxSnuB%2BmZheS5G5lEaXxtwCbnSks%2Bc8KJ78Vdvg9ZRdpwzYbneml4SRfMiQ39sO%2FhFovj2t6bCWn7SNKcr9TJHRm21MbdBWxosaGjgb6CDJK%2BtPm8hvyqWlToRc1LJlZ6ACUj7YzC0Au6nOtM5NBcC620%2B7wINH33zgVumdlx2Z1nZ9cND5OEXIXzOfaE2di5va1DbmDYBXBlZwTeTWhMnOaYPDTpXFxdvuODIw8LvIVCJWVlSmsL1lRyOroyMob1BRpNhGQbigbJ7zoaYNpVy3oGUzJYkX3BmZTQq0IsjjmiAT71wq5ye03Frl9ztqmFdBc9TuJesuzjpsLqypjCZCycsIQA18KUqrHRsyWzEZqayWzUZ1jsA2TkT7tcc1Yw2AGoAW5qI2FSULBe9u5hvlJoZ1cFyHrWhzGa65G6R2lKoq5XdhOdwxZl2mTKqZ3R1E%2FSIy3hCrmjPNrQzOatXIdOg8j3B9hWfxTESC9tg9c0z%2BFo3CRh1Je61XvcmN7WzATuqKH50dFglTLDDSs%2B4wV6xX3cNIlvRBq4nKzgmXu6DhzlqtB8RqsKYWMbzzkKz20ScABuHZ6mJEmO4uhJujbBzoNM1AXdzmh2arVOW5cy3rpDytgjYdD1wELSGXE%2FC3HxDs%2FCLj4cxBv5xHM9f41m%2B9ENiC5BXtkethcsmc3MKhmv7J3DRGen1vhicG4JOoriQb8tWWt%2F8ALQ%2Bksn2o9I3AVUSsrvKmWw%2FF7atZr1sZLNIWNLO5M8c%2BMwxmHf18hUllbBJKt2dq2WbOa2CVABrxeC3VDDukncImwR9AmdccgBjs65zWJ%2F6of7eBS3YXChrD5mS3cUcUi6Tm07G8e1rWgTgM29BUqCaO85ueoXoN0j3esWGsNJEMAGdC0tpclXNUYTL1x5a7lVJ4xSDM2S94nnjcy25%2FcJjLaaDao3Pm08eLnVY7m6GhIJ%2FC6nkuWctiSdJbkn%2FOZgOhf2XjHphfigEeVsTqFxu8i6XxPuSGfnBbJazAS8w62Y3kkfGhrr01Z4gQTcjU386eG3itZgLaTVGVVSGONrFvh1b5rTozdzwLd4t8TbeHbtS1kSusG4OHVgUDK76%2BG9Vyh4yXUrEtjFAmyF%2B%2FawhoOBTCx7%2BNFtQiBPtXBLRACDnh489vgtDwcl03B0dNJ7n2t6BwKB9ptD4LkunNswJiSKuxrufuFpWfqdQSGe2UppjENLZTQ7Gxa0%2Bbt517y%2B%2FPPyj%2BblSfOqeXv5W%2FPu8ufmTfPi8nd8fnXSvG1enFz%2B0rxo%2Fr38FQ%2Fhny%2Bb%2F5rX%2BOINsP%2FgQXwNjr%2FuF9ggjB%2B%2Fvvjq48fnXz56%2BuTiWprn%2FwNHtdbc&use-server-side-rendering=1&pcode-icookie=hsdzRfBGRmvQgUypcdjP%2BLkWmn3jMTAdQGJWO4yA1omYOrb75xZ332cxd3OVxBunBFR9DODs3hDJVO%2FsbAoiQYLdduw%3D&top-ancestor=https%3A%2F%2Fwww.tumen.kp.ru&top-ancestor-undetermined=0&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjoxNDh9ChqjpqzkqOmBMFBHHmay_XOO7q2hNzt2kq1JjmO4Zqqf6dweUhn-e6bDx9k-sdka2ic2Q1m19_bKpQC9FNAz0GaMQYyEbkX-Vs45s1WT6ssiSBDCCNMgBjFGdWSQMm1mzbRqOrU9y2sGuBpGps_MmW6AjgChpsuMixRhXXCSzJDZGnaMNSMeIJdznZoiM9eFTZU_XWarC5N5kdRmlkWWvAKsZlAXaP2iWbAFYFDDPA-2BVxGqqY_j5aFL7OqMFe6ggSiFAo-ML3KLPGIVTA9UUbBrGCKZ2TLIWVdLgci-SKgqwCih1ZVkBTicLAiEhTi4HbzCAo5XA5E3IJYrdtCks0GIVZuh7uyuFm5QZfl4XbyMrqYHC5mFtnKy8zi4GZxgC6bQcePjXJRKZDGUjWDrKaoi5ZoASzaBbMOdGumUdMeljwzLrDmTD9w2ZYetGoYdYE3qu2LwjYUWG6PLl_gYS_76JfhNjV1lg864qMfCNoWkhCXW82gXubaFlq5zHCqG44XCftAMrMtSv1ZvbRceqiBW2jSLZzmw7m9lxkWDl_50pJyUQz9rAskucwwLW9WnvnkTZOFQrOceFHQyIR7phliS5i_TB1oTdmdaArKt30IZHlYVlNMJ87OQmEpWUlVkmLjhgufmZHHGSEsqBmpDH7Vq4mrd5FTLY_hQbLzHzEzD1xBIR4XgjA4YgaHg5ml8iJyO52gyzp5pVk5RcXYnNIezJWbFRECZiSyghnkVzYMIclGJsy5OwqHlx2-i4ldTFqicvK7kXHXRSvMw4BQAp60p7IB78aAFO7yR7bdtSxfWiFJt384ALzUs8sHj8vJARKHe-GB8DKn3r6-vJUJArAly-lXPvXqk4lQSxXrTtD5Egqtms4nr6SqlWnzyTcQGYkaVlIL_roBqHKF-GM02WRVPlHEJwwAWeqbM1NmUVP44j9NE-vGXX9MhzT-95G_5KDNB8e0PnoGIY3avuCwPWKTnO46HwyH-mBL-9gz4cnui4xJA2KLv6pc10cyDQ729z65g7ZwGYd_Nb2vdqyj2xjij7pAJS7lnnHczMRUM677QbsUHucx_ig_MOuicU2EU64T1f2kF4SHmvyvnsJHnk90aF9g_gmn8EUY5j3X-Z27vf4JGx5-_SU14PP6l4qmTO-jNZPkdNLL2Cl4u6-Sg_T3uOk5R3UI8lnkjwwAL322npJ-0vtR-_wapxtZ7pNn6HPQfy2nw8slSVIjfkI23ZwV7ZxOUp-8Q9xqsYxBjVvOt81_BnpchxTdvKyNeXTla9k7IvnK7XLF2ha39Q8gHL7Oo6TqpYtyUvgVrXBQcCHgXI6BnmNdEMAHDC_wKJSZxHk9jOLLIB7kAgi54T33EruOQE44xEPce70VCSo-UJj-n8LWl5CTyc0SDK9YFWBm53cqQWkQmYchTuDxSGEQrzwIXXyMyB5zbfH5wB9-Xl5eRrc7dX4_R5snayvP6brJSBhzTECPopzARcTDxYlYWrxyomRBCVdAVtAjAZ4JtoArN9HL6mQSd7JLC1c2dDxoUfEVJ5YYXhjTBh4eFjcexnfKHebKy8qAnpVDVnnyV7gOgjkHbML0FkU5KTWD9v7kvzWEPvnySNRi4a61AW0O2hKd5Wyy-WFZbCrbME5-tTsw-uEO2HExwz7N1qgi5nEQ0c9p2TBu7Fb65BkdP1I0aKW9wv7YDuXuYcOo_elt8dNpILbw9warab4YQ3yJ0inkOIM5xP3dCSTLv2bKQkXJJzK-GShS2UGE4wAZcRxlSij1lwYNC4cnAlW4mEUk4DmkvZXDiZ4Tg0MpsnF4BFUgFQjuVoqoXgcTg4OFbenPxiSAnJk_wtXcvDYj91J3kFvyNdQlCOvccDVVMtvGFtnHSv1Yg5PHhDcSGqg6p-85StJTe2aUqum8_qzUqqnnw_eOC-SkTq_ypAvJQVR3e-UZIpV2z03QQs3MysIg6l1y4UGDxAnHRbCBoNzxAq-38oLEwIecrw2Gm-2G7bRp2W_dtkoxMqiSnju4XZ7qQsOPASkK2XAtsyN2SyCAv-x0oUKJGv6Ek7eaqFuW7NO6MtBp1eTLlHzT-iHX3HZmZ7H-RG8b4PL2TT0IPqwsoMs-ZixvaslJTSFVKruCM2IJ53FprXerQwAuAx9KWcHPY99Uu3TwgP3npUycpQzcAWS-Lx8tAmb4kyWlUINLtQ6LPuY9Mlle1uRdctN7-4egDR_bjgPV7Xr-jXlurW-p7azVfVtSIc5MnxLnmoBbBPtq1MAMEdsy4ztpuBcZeCzvn-5EM0H3k89sQDSb1uQL2GXO1ybt9MTaG3d3YFasBbisJCpQ0ceZTXCvhCuPABpQnaDKCmKqr1e67vcQlmmoi2e8DIrJ-KQcvuEE30zlQAMKKCjgK56pkG-WJo1-rk62wu6NYp7IJPMwn1YNQ22X6UnFOCP8_Krt-weWIeW7xNltaOIMJlPW6usXaaLDe6hqbiTQH5pbuEPUj5f5i5-yFOLZiH8h8aKGhxgest77VCF5a0JNs9AeW4uwCVUzkExpFYZoOhgrWPb7cMBp1QfGGfBd_aTXs2uDNLlpaDI_oQxPqerxnByrB1P9oEY8f3K079UjMYAsfKZP5bruvydNqh5vHa95KWybWp3Z-0fwau3qEV7OX-uW4SZgnQyRAcTX0bXmmWnj9kTPUeNeYZtQzown5b55KkQ5uavag5VDOb6pNGR7V_RUpm-rT_Pp1dLa9fHmD0VbTw2R4VrXUWIMcHvZCUmO0JKufz-oeMEHu5H1MRvynwGaZruaKmo1DSXny9vV5FfVnZJh5gy6PDO9uBY503WMV6VZeymeXZfyrR-I1OvkjPKX9XJM1TpbLOeuAR1vNJQZ3VpGKDP3n2KqQAvGlCpFKdmJ-_X1n89Zn-drA03Fkb8fsX7NHFjCf46hQKEp0cDQiaBcPgp57RD7ix7oW9uQjq0WD2pslx3EQvmctVgtKgFw4bFx7hgoUsFl5bqCb3Ohpf-nfJVOQWYO_hZr41KUd605iVP23_huB7ujQ3nkMO9tzUMyZBjjf1ayJ0ltmlRn_j_RCFpayY7DkRTQ8lmWtpYHoameibkdp2nGUZb8tE-dTV2bXtXGVhQ0eV2aPSqdfWHzvxLbKUv41GqdYjwkZfpNKKphTr3JOrLnZ7f2pyDxfHnrwjodDfMI3hbCQo6pBrjsCIr5NyWvhPOlEKhPUtjCyqD3i9eUebCVDlEnaD0A47hv7ZCqMVCTEPhPrZG_vlEWvBVrYjAS_HJlBkqnqP4BrX3nJZSp_yYTkomrcqiYDpwXA34ed2q2jaNpQ6lzqdX-MGv6hg23RtL1FCyuc5y8KJCuOTXf7h7DJpnkH7kjs3yAOzb9lK7Hv1u7Zql57BB6eVzyHuJlasuqd2WRp6dzKQuzlNEv0p8wrBLuHw81e4Yp-2jchUG4IvP2hMLhFKhYKRSi_fXH_VOKh8Gn4Uq0I-7PVuhWfjVYXMjQyrKuonMA6_0WlNFkJo7SdGev6wBjKKoKw8e9UoFRontbZj4JJDL6SNB-uoxUZ-LBKI48rEe8nn9H07PET1PvN1tVoEtXxiLhN8GyjJ3VKyHxM_edlqqnepLb9YQ4a9cvm0guB5-KvEfY-b9ufhLnhQojYTcOscNkPl6J8jbvg6JM-rhaRFaXGkfTJ2vTjLg483H4N8spVXtgk7MyRLA5woH1tQFBDdB_xSmtxzvpW4R0SmgCX12TCWEtS_D39XmDbdFpa7-GuEgGcJT_nfNcJ4Z27eQdW6h6k7eOwFS0fF_pRdppf6jhEvy6VonqN1YahyscLhSoZ8jNDtM3LRhTHTNN0l6K3xqpxUeeeHBJn0vTdJ9yTJk-LOZ6iasRdY35CT786do_6_QNQV0y8ZeXZutcDozT0QmnzVNot9RgDlShzJb4PS5WmimWz5gBQfkc6-4I4_xPhV82wFRULl5GZiczl6Pyc3G5eLnL258P36I05vrcNr6H0YE4NUvGPHmpFjlke8Q3l2qzq6zMe35EUg1-eSiGViubig5d1zk3jqn9aBOFFofzeEQttkxN6Z2q8xSgP5i0vMb1r6SP56_BJLYH52RASztzw00tZmcxP5N8Tm3NrVWKItFx7XRxvzfHxy1bSzkW67h2zOtubm4YP3s_4wwtmH1EVd2T_JkrinWeBmnElExYUduZ_2MFCdCGihqYiMZT02_pp4m61XuJprPJrMt8Hq6-S5woFtqcAsED43rZ0Y5p_0fdqirGGx3J9S_zdCq5cZ_XcPgvmWRJ_m85I7CL3WADRJuV8ii-J_-v3PcqqPgesp5BZmD5KJ1g5j9u8fGItF9SLemR0VYxbNB6K0YzAOwwvoGB9iY__X_Hg5bCmQZsiR50d1mWgRfyInxYNO3r48sbzYTLmW5rRDBJD1fds1lYYaWCoMoZorAygEwBZUBSzECMiddDRmJTmF5ahj8r2xSwsczDSSQ3RfbKY38F7r6Y_uzJU3_XOl5d421NY1N5MMUky4u4uvUKfKpuU7_Cq_eHtcTFG6UuUF7LVgy816KgEIdXSSZQGSpsonC4hJmkRRctL69jSdwjFsuXeVUkjkNwilROdJxI2dGlq0fM5kCEuOAgdrGjveJAWyq4MUTiR2GHi5U7xCWmyo2OkwnJ5jBmAtVqAx94y8ACGfHKyQhwZGhRtnjDsaN9BRjysKnKQT6cAvsrm4-92YvouEZ9C7u2wlbzJzxb5kXltef8xrAuJLmDZ8tFsLHlQdqzS-k2Zj2qnmMK5rziPxrHm-YrIKy77EWbbO15EUtPX3ui77KUoz6iZ5OJrU7Cuj2FHuAtjfdV5dYYv5nQt_p8Wh05KlO5bU1djDSeQaL4yYpFcxOI6MIDR6kbVyFXUzGB_XU6z2oG1JAN0ol84zeRktyAQR3LlBZNJX34r-njDDJj3V6ThT7vcYXTl1vSopLnKRZ4PAkM3ITxokJVPmJxJz-1f69lCM8L5sa882poZ0heIhZvKgQlW03bYovrANqI0hSMKGNTEMX6W9DAiM4y05vWNzU-kBJtLaEh5jbziPilpqu5VWnWvuhF&tga-with-creatives=1

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

de27f6c79fa0c81034f5dd9ecfa5ef2a1739ee2fb6a7e0a44e6e13223e4c2a14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

date: Mon, 22 Aug 2022 19:06:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
ssr: true
x-yandex-req-id: 1661195179081106-16459194060954139061-sas3-0999-700-sas-l7-balancer-8080-BAL-3225
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
uniformat-product-type: Direct
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Mon, 22 Aug 2022 19:06:19 GMT
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/json
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 22 Aug 2022 19:06:19 GMT

POST
H2 204 events
bidder.criteo.com/csm/ 0
216 B 18ms
17ms Ping
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 22 Aug 2022 19:06:18 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://www.tumen.kp.ru
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
365 B 22ms
21ms Image
image/gif 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

date: Mon, 22 Aug 2022 19:06:19 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
strict-transport-security: max-age=31536000; preload;
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Thu, 17 Aug 2023 19:06:19 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
365 B 21ms
20ms Image
image/gif 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

date: Mon, 22 Aug 2022 19:06:19 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
strict-transport-security: max-age=31536000; preload;
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Thu, 17 Aug 2023 19:06:19 GMT

GET
H2 200 v2 Show response
yandex.ru/ads/adfox/232598/getBulk/ 16 KB
8 KB 297ms
297ms XHR
application/json 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/adfox/232598/getBulk/v2?dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3Fsection%3Dsociety&date=2022-08-22T19%3A06%3A19.187%2B00%3A00&pd=22&pdh=1200&pdw=1600&pr1=4123483461&pr=2076820659&prr=&pv=19&pw=1&extid_loader=&extid_tag_loader=www.tumen.kp.ru&ylv=0.634516&ybv=0.634516&ytt=362840447909893&is-turbo=0&skip-token=&ad-session-id=701901661195178878&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.9%2C%22isInIframe%22%3Afalse%2C%22w%22%3A240%2C%22h%22%3A400%2C%22width%22%3A240%2C%22height%22%3A400%2C%22visible%22%3A0%2C%22fullscreenHeaderHeight%22%3A49%2C%22left%22%3A215%2C%22top%22%3A1254%2C%22fontFamily%22%3A%22ys%22%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A2%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=634516&available-width=240&available-height=400&yaru=true&pp=g&p2=fxjd&ps=bxyd&puid1=adv-1661195178828-573&puid2=society%3Atoday%3Azenyandex%3Aincident%3Aemergency%3Acelebrity%3Aculture%3Ainteresting&puid3=top%3Aregion&puid5=&slotNumber=3&bids=W3siYmlkZGVyTmFtZSI6ImNyaXRlbyIsImNhbXBhaWduX2lkIjo3MjI1NzMsInJlc3BvbnNlX3RpbWUiOjMzNywiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjEyMzM1MzUifSx7ImJpZGRlck5hbWUiOiJydGJob3VzZSIsImNhbXBhaWduX2lkIjo4NTM4NjksInJlc3BvbnNlX3RpbWUiOjgxLCJlcnJvciI6eyJjb2RlIjo0fSwicGxhY2VtZW50X2lkIjoiOGQzMDhkNDIzMTZjNDBiNTE2ODgifSx7ImJpZGRlck5hbWUiOiJhZHJpdmVyIiwiY2FtcGFpZ25faWQiOjcyODI1NCwicmVzcG9uc2VfdGltZSI6MjM2LCJlcnJvciI6eyJjb2RlIjo0fSwicGxhY2VtZW50X2lkIjoiMjprcF81c2xvdCJ9LHsiYmlkZGVyTmFtZSI6Im15dGFyZ2V0IiwiY2FtcGFpZ25faWQiOjgxMDQwMiwicmVzcG9uc2VfdGltZSI6MTkyLCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiMjMzODUyIn0seyJiaWRkZXJOYW1lIjoiYmV0d2VlbmRpZ2l0YWwiLCJjYW1wYWlnbl9pZCI6ODEwMzQ0LCJyZXNwb25zZV90aW1lIjo4MywiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjI0ODgwNTkifV0%3D&utf8=%E2%9C%93&pcode-test-ids=628987%2C0%2C4%3B633513%2C0%2C28%3B634378%2C0%2C10%3B633794%2C0%2C4%3B622565%2C0%2C-1&pcode-flags-map=eJytWF2P20QU%2FSurPAOyx5%2Fp28SeJKO1PWZmkmyK0Kioi0CqEIItIFWVACHEAxLin%2FSBSoV%2B%2FAbvP%2BKM7XzYuzu7W3XfkvU5c%2B%2Fce889zrMJX1RCMlNypVhucqqpqamkpTJzIc2a50wYXplMlDMxefDZs8kPj548PZ88mJz%2F9O3ko8nF%2BfcX%2FDE%2BRlMvjKLJ888%2FmqypMpKVYs1MtqRSMW3mUpSm4NXpgELLFTvmiH0%2F9JI9B6vorAAHrWteLcxsa3Kxqe7CEqfExcIUl0h2xrWkmt2HTLJPV0xpsy5p3SVFc3ULQUJSb0%2FQn2nDMWtarIan%2Bx7%2BBmhC4vRwIyvFTMU2bQaLytYFZDYrtZJrtr0lEpKmYezgUryscVMfhAvl11xUHyiwjL5fXLVArWpqGaUoClMwuv9CsUxUo%2BLFw8sPSHRUujFZ11i5O54hRSFQK3aG1inowqxraWrJheR6a%2BY000IOu2HEFMfpnknptqvXTCpc8zCJIEzS6RAbBUkXxarihaA5k%2B1407I%2Bhl589%2FT8CBaSNJj2MHthStpijDBjHTgC0RyXzCojZoqhdMPkzr959MWT8wEyiMm06%2FU5P4MiVWbJ%2BGKpTaXdR4ZRMPVbYCZWlTZamLOldELSJCVhC9nSKmdnRq6gLiXllVPkvIQEfXsNlNHMV0WhMol0nXg%2FIIG3T3EmxSnuB%2BmZheS5G5lEaXxtwCbnSks%2Bc8KJ78Vdvg9ZRdpwzYbneml4SRfMiQ39sO%2FhFovj2t6bCWn7SNKcr9TJHRm21MbdBWxosaGjgb6CDJK%2BtPm8hvyqWlToRc1LJlZ6ACUj7YzC0Au6nOtM5NBcC620%2B7wINH33zgVumdlx2Z1nZ9cND5OEXIXzOfaE2di5va1DbmDYBXBlZwTeTWhMnOaYPDTpXFxdvuODIw8LvIVCJWVlSmsL1lRyOroyMob1BRpNhGQbigbJ7zoaYNpVy3oGUzJYkX3BmZTQq0IsjjmiAT71wq5ye03Frl9ztqmFdBc9TuJesuzjpsLqypjCZCycsIQA18KUqrHRsyWzEZqayWzUZ1jsA2TkT7tcc1Yw2AGoAW5qI2FSULBe9u5hvlJoZ1cFyHrWhzGa65G6R2lKoq5XdhOdwxZl2mTKqZ3R1E%2FSIy3hCrmjPNrQzOatXIdOg8j3B9hWfxTESC9tg9c0z%2BFo3CRh1Je61XvcmN7WzATuqKH50dFglTLDDSs%2B4wV6xX3cNIlvRBq4nKzgmXu6DhzlqtB8RqsKYWMbzzkKz20ScABuHZ6mJEmO4uhJujbBzoNM1AXdzmh2arVOW5cy3rpDytgjYdD1wELSGXE%2FC3HxDs%2FCLj4cxBv5xHM9f41m%2B9ENiC5BXtkethcsmc3MKhmv7J3DRGen1vhicG4JOoriQb8tWWt%2F8ALQ%2Bksn2o9I3AVUSsrvKmWw%2FF7atZr1sZLNIWNLO5M8c%2BMwxmHf18hUllbBJKt2dq2WbOa2CVABrxeC3VDDukncImwR9AmdccgBjs65zWJ%2F6of7eBS3YXChrD5mS3cUcUi6Tm07G8e1rWgTgM29BUqCaO85ueoXoN0j3esWGsNJEMAGdC0tpclXNUYTL1x5a7lVJ4xSDM2S94nnjcy25%2FcJjLaaDao3Pm08eLnVY7m6GhIJ%2FC6nkuWctiSdJbkn%2FOZgOhf2XjHphfigEeVsTqFxu8i6XxPuSGfnBbJazAS8w62Y3kkfGhrr01Z4gQTcjU386eG3itZgLaTVGVVSGONrFvh1b5rTozdzwLd4t8TbeHbtS1kSusG4OHVgUDK76%2BG9Vyh4yXUrEtjFAmyF%2B%2FawhoOBTCx7%2BNFtQiBPtXBLRACDnh489vgtDwcl03B0dNJ7n2t6BwKB9ptD4LkunNswJiSKuxrufuFpWfqdQSGe2UppjENLZTQ7Gxa0%2Bbt517y%2B%2FPPyj%2BblSfOqeXv5W%2FPu8ufmTfPi8nd8fnXSvG1enFz%2B0rxo%2Fr38FQ%2Fhny%2Bb%2F5rX%2BOINsP%2FgQXwNjr%2FuF9ggjB%2B%2Fvvjq48fnXz56%2BuTiWprn%2FwNHtdbc&use-server-side-rendering=1&pcode-icookie=hsdzRfBGRmvQgUypcdjP%2BLkWmn3jMTAdQGJWO4yA1omYOrb75xZ332cxd3OVxBunBFR9DODs3hDJVO%2FsbAoiQYLdduw%3D&top-ancestor=https%3A%2F%2Fwww.tumen.kp.ru&top-ancestor-undetermined=0&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjoxNDh9ChqjpqzkqOmBMFBHHmay_XOO7q2hNzt2kq1JjmO4Zqqf6dweUhn-e6bDx9k-sdka2ic2Q1m19_bKpQC9FNAz0GaMQYyEbkX-Vs45s1WT6ssiSBDCCNMgBjFGdWSQMm1mzbRqOrU9y2sGuBpGps_MmW6AjgChpsuMixRhXXCSzJDZGnaMNSMeIJdznZoiM9eFTZU_XWarC5N5kdRmlkWWvAKsZlAXaP2iWbAFYFDDPA-2BVxGqqY_j5aFL7OqMFe6ggSiFAo-ML3KLPGIVTA9UUbBrGCKZ2TLIWVdLgci-SKgqwCih1ZVkBTicLAiEhTi4HbzCAo5XA5E3IJYrdtCks0GIVZuh7uyuFm5QZfl4XbyMrqYHC5mFtnKy8zi4GZxgC6bQcePjXJRKZDGUjWDrKaoi5ZoASzaBbMOdGumUdMeljwzLrDmTD9w2ZYetGoYdYE3qu2LwjYUWG6PLl_gYS_76JfhNjV1lg864qMfCNoWkhCXW82gXubaFlq5zHCqG44XCftAMrMtSv1ZvbRceqiBW2jSLZzmw7m9lxkWDl_50pJyUQz9rAskucwwLW9WnvnkTZOFQrOceFHQyIR7phliS5i_TB1oTdmdaArKt30IZHlYVlNMJ87OQmEpWUlVkmLjhgufmZHHGSEsqBmpDH7Vq4mrd5FTLY_hQbLzHzEzD1xBIR4XgjA4YgaHg5ml8iJyO52gyzp5pVk5RcXYnNIezJWbFRECZiSyghnkVzYMIclGJsy5OwqHlx2-i4ldTFqicvK7kXHXRSvMw4BQAp60p7IB78aAFO7yR7bdtSxfWiFJt384ALzUs8sHj8vJARKHe-GB8DKn3r6-vJUJArAly-lXPvXqk4lQSxXrTtD5Egqtms4nr6SqlWnzyTcQGYkaVlIL_roBqHKF-GM02WRVPlHEJwwAWeqbM1NmUVP44j9NE-vGXX9MhzT-95G_5KDNB8e0PnoGIY3avuCwPWKTnO46HwyH-mBL-9gz4cnui4xJA2KLv6pc10cyDQ729z65g7ZwGYd_Nb2vdqyj2xjij7pAJS7lnnHczMRUM677QbsUHucx_ig_MOuicU2EU64T1f2kF4SHmvyvnsJHnk90aF9g_gmn8EUY5j3X-Z27vf4JGx5-_SU14PP6l4qmTO-jNZPkdNLL2Cl4u6-Sg_T3uOk5R3UI8lnkjwwAL322npJ-0vtR-_wapxtZ7pNn6HPQfy2nw8slSVIjfkI23ZwV7ZxOUp-8Q9xqsYxBjVvOt81_BnpchxTdvKyNeXTla9k7IvnK7XLF2ha39Q8gHL7Oo6TqpYtyUvgVrXBQcCHgXI6BnmNdEMAHDC_wKJSZxHk9jOLLIB7kAgi54T33EruOQE44xEPce70VCSo-UJj-n8LWl5CTyc0SDK9YFWBm53cqQWkQmYchTuDxSGEQrzwIXXyMyB5zbfH5wB9-Xl5eRrc7dX4_R5snayvP6brJSBhzTECPopzARcTDxYlYWrxyomRBCVdAVtAjAZ4JtoArN9HL6mQSd7JLC1c2dDxoUfEVJ5YYXhjTBh4eFjcexnfKHebKy8qAnpVDVnnyV7gOgjkHbML0FkU5KTWD9v7kvzWEPvnySNRi4a61AW0O2hKd5Wyy-WFZbCrbME5-tTsw-uEO2HExwz7N1qgi5nEQ0c9p2TBu7Fb65BkdP1I0aKW9wv7YDuXuYcOo_elt8dNpILbw9warab4YQ3yJ0inkOIM5xP3dCSTLv2bKQkXJJzK-GShS2UGE4wAZcRxlSij1lwYNC4cnAlW4mEUk4DmkvZXDiZ4Tg0MpsnF4BFUgFQjuVoqoXgcTg4OFbenPxiSAnJk_wtXcvDYj91J3kFvyNdQlCOvccDVVMtvGFtnHSv1Yg5PHhDcSGqg6p-85StJTe2aUqum8_qzUqqnnw_eOC-SkTq_ypAvJQVR3e-UZIpV2z03QQs3MysIg6l1y4UGDxAnHRbCBoNzxAq-38oLEwIecrw2Gm-2G7bRp2W_dtkoxMqiSnju4XZ7qQsOPASkK2XAtsyN2SyCAv-x0oUKJGv6Ek7eaqFuW7NO6MtBp1eTLlHzT-iHX3HZmZ7H-RG8b4PL2TT0IPqwsoMs-ZixvaslJTSFVKruCM2IJ53FprXerQwAuAx9KWcHPY99Uu3TwgP3npUycpQzcAWS-Lx8tAmb4kyWlUINLtQ6LPuY9Mlle1uRdctN7-4egDR_bjgPV7Xr-jXlurW-p7azVfVtSIc5MnxLnmoBbBPtq1MAMEdsy4ztpuBcZeCzvn-5EM0H3k89sQDSb1uQL2GXO1ybt9MTaG3d3YFasBbisJCpQ0ceZTXCvhCuPABpQnaDKCmKqr1e67vcQlmmoi2e8DIrJ-KQcvuEE30zlQAMKKCjgK56pkG-WJo1-rk62wu6NYp7IJPMwn1YNQ22X6UnFOCP8_Krt-weWIeW7xNltaOIMJlPW6usXaaLDe6hqbiTQH5pbuEPUj5f5i5-yFOLZiH8h8aKGhxgest77VCF5a0JNs9AeW4uwCVUzkExpFYZoOhgrWPb7cMBp1QfGGfBd_aTXs2uDNLlpaDI_oQxPqerxnByrB1P9oEY8f3K079UjMYAsfKZP5bruvydNqh5vHa95KWybWp3Z-0fwau3qEV7OX-uW4SZgnQyRAcTX0bXmmWnj9kTPUeNeYZtQzown5b55KkQ5uavag5VDOb6pNGR7V_RUpm-rT_Pp1dLa9fHmD0VbTw2R4VrXUWIMcHvZCUmO0JKufz-oeMEHu5H1MRvynwGaZruaKmo1DSXny9vV5FfVnZJh5gy6PDO9uBY503WMV6VZeymeXZfyrR-I1OvkjPKX9XJM1TpbLOeuAR1vNJQZ3VpGKDP3n2KqQAvGlCpFKdmJ-_X1n89Zn-drA03Fkb8fsX7NHFjCf46hQKEp0cDQiaBcPgp57RD7ix7oW9uQjq0WD2pslx3EQvmctVgtKgFw4bFx7hgoUsFl5bqCb3Ohpf-nfJVOQWYO_hZr41KUd605iVP23_huB7ujQ3nkMO9tzUMyZBjjf1ayJ0ltmlRn_j_RCFpayY7DkRTQ8lmWtpYHoameibkdp2nGUZb8tE-dTV2bXtXGVhQ0eV2aPSqdfWHzvxLbKUv41GqdYjwkZfpNKKphTr3JOrLnZ7f2pyDxfHnrwjodDfMI3hbCQo6pBrjsCIr5NyWvhPOlEKhPUtjCyqD3i9eUebCVDlEnaD0A47hv7ZCqMVCTEPhPrZG_vlEWvBVrYjAS_HJlBkqnqP4BrX3nJZSp_yYTkomrcqiYDpwXA34ed2q2jaNpQ6lzqdX-MGv6hg23RtL1FCyuc5y8KJCuOTXf7h7DJpnkH7kjs3yAOzb9lK7Hv1u7Zql57BB6eVzyHuJlasuqd2WRp6dzKQuzlNEv0p8wrBLuHw81e4Yp-2jchUG4IvP2hMLhFKhYKRSi_fXH_VOKh8Gn4Uq0I-7PVuhWfjVYXMjQyrKuonMA6_0WlNFkJo7SdGev6wBjKKoKw8e9UoFRontbZj4JJDL6SNB-uoxUZ-LBKI48rEe8nn9H07PET1PvN1tVoEtXxiLhN8GyjJ3VKyHxM_edlqqnepLb9YQ4a9cvm0guB5-KvEfY-b9ufhLnhQojYTcOscNkPl6J8jbvg6JM-rhaRFaXGkfTJ2vTjLg483H4N8spVXtgk7MyRLA5woH1tQFBDdB_xSmtxzvpW4R0SmgCX12TCWEtS_D39XmDbdFpa7-GuEgGcJT_nfNcJ4Z27eQdW6h6k7eOwFS0fF_pRdppf6jhEvy6VonqN1YahyscLhSoZ8jNDtM3LRhTHTNN0l6K3xqpxUeeeHBJn0vTdJ9yTJk-LOZ6iasRdY35CT786do_6_QNQV0y8ZeXZutcDozT0QmnzVNot9RgDlShzJb4PS5WmimWz5gBQfkc6-4I4_xPhV82wFRULl5GZiczl6Pyc3G5eLnL258P36I05vrcNr6H0YE4NUvGPHmpFjlke8Q3l2qzq6zMe35EUg1-eSiGViubig5d1zk3jqn9aBOFFofzeEQttkxN6Z2q8xSgP5i0vMb1r6SP56_BJLYH52RASztzw00tZmcxP5N8Tm3NrVWKItFx7XRxvzfHxy1bSzkW67h2zOtubm4YP3s_4wwtmH1EVd2T_JkrinWeBmnElExYUduZ_2MFCdCGihqYiMZT02_pp4m61XuJprPJrMt8Hq6-S5woFtqcAsED43rZ0Y5p_0fdqirGGx3J9S_zdCq5cZ_XcPgvmWRJ_m85I7CL3WADRJuV8ii-J_-v3PcqqPgesp5BZmD5KJ1g5j9u8fGItF9SLemR0VYxbNB6K0YzAOwwvoGB9iY__X_Hg5bCmQZsiR50d1mWgRfyInxYNO3r48sbzYTLmW5rRDBJD1fds1lYYaWCoMoZorAygEwBZUBSzECMiddDRmJTmF5ahj8r2xSwsczDSSQ3RfbKY38F7r6Y_uzJU3_XOl5d421NY1N5MMUky4u4uvUKfKpuU7_Cq_eHtcTFG6UuUF7LVgy816KgEIdXSSZQGSpsonC4hJmkRRctL69jSdwjFsuXeVUkjkNwilROdJxI2dGlq0fM5kCEuOAgdrGjveJAWyq4MUTiR2GHi5U7xCWmyo2OkwnJ5jBmAtVqAx94y8ACGfHKyQhwZGhRtnjDsaN9BRjysKnKQT6cAvsrm4-92YvouEZ9C7u2wlbzJzxb5kXltef8xrAuJLmDZ8tFsLHlQdqzS-k2Zj2qnmMK5rziPxrHm-YrIKy77EWbbO15EUtPX3ui77KUoz6iZ5OJrU7Cuj2FHuAtjfdV5dYYv5nQt_p8Wh05KlO5bU1djDSeQaL4yYpFcxOI6MIDR6kbVyFXUzGB_XU6z2oG1JAN0ol84zeRktyAQR3LlBZNJX34r-njDDJj3V6ThT7vcYXTl1vSopLnKRZ4PAkM3ITxokJVPmJxJz-1f69lCM8L5sa882poZ0heIhZvKgQlW03bYovrANqI0hSMKGNTEMX6W9DAiM4y05vWNzU-kBJtLaEh5jbziPilpqu5VWnWvuhF&tga-with-creatives=1

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

7a4ade98b80b7b383d9b780251b39165996140b93c94d2f7b59c06d61e4e7b9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

date: Mon, 22 Aug 2022 19:06:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1661195179217636-2208709249813810668-sas3-0999-700-sas-l7-balancer-8080-BAL-1602
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Mon, 22 Aug 2022 19:06:19 GMT
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/json
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 22 Aug 2022 19:06:19 GMT

POST
H2 204 events
bidder.criteo.com/csm/ 0
216 B 15ms
15ms Ping
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 22 Aug 2022 19:06:18 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://www.tumen.kp.ru
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

GET
H2 200 v2 Show response
yandex.ru/ads/adfox/232598/getBulk/ 15 KB
6 KB 153ms
138ms XHR
application/json 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/adfox/232598/getBulk/v2?dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3Fsection%3Dsociety&date=2022-08-22T19%3A06%3A19.194%2B00%3A00&pd=22&pdh=1200&pdw=1600&pr1=530241601&pr=2076820659&prr=&pv=19&pw=1&extid_loader=&extid_tag_loader=www.tumen.kp.ru&ylv=0.634516&ybv=0.634516&ytt=362840447909893&is-turbo=0&skip-token=&ad-session-id=701901661195178878&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.9%2C%22isInIframe%22%3Afalse%2C%22w%22%3A1130%2C%22h%22%3A250%2C%22width%22%3A1130%2C%22height%22%3A250%2C%22visible%22%3A0%2C%22fullscreenHeaderHeight%22%3A49%2C%22left%22%3A235%2C%22top%22%3A3867%2C%22fontFamily%22%3A%22ys%22%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A3%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=634516&available-width=1130&available-height=250&yaru=true&pp=g&p2=gvdq&ps=bxyd&puid1=adv-1661195178831-835&puid2=society%3Atoday%3Azenyandex%3Aincident%3Aemergency%3Acelebrity%3Aculture%3Ainteresting&puid3=top%3Aregion&puid5=&slotNumber=5&bids=W3siYmlkZGVyTmFtZSI6ImNyaXRlbyIsImNhbXBhaWduX2lkIjo3MjI1NzMsInJlc3BvbnNlX3RpbWUiOjM0NiwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjE1MjY3OTgifSx7ImJpZGRlck5hbWUiOiJydGJob3VzZSIsImNhbXBhaWduX2lkIjo4NTM4NjksInJlc3BvbnNlX3RpbWUiOjgyLCJlcnJvciI6eyJjb2RlIjo0fSwicGxhY2VtZW50X2lkIjoiRDZ0UEcyWDF3OTM1S2tIaTlxb0gifSx7ImJpZGRlck5hbWUiOiJhZHJpdmVyIiwiY2FtcGFpZ25faWQiOjcyODI1NCwicmVzcG9uc2VfdGltZSI6MjUzLCJlcnJvciI6eyJjb2RlIjo0fSwicGxhY2VtZW50X2lkIjoiMjprcF84c2xvdCJ9LHsiYmlkZGVyTmFtZSI6Im15dGFyZ2V0IiwiY2FtcGFpZ25faWQiOjgxMDQwMiwicmVzcG9uc2VfdGltZSI6MTcyLCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiODAzMDA3In0seyJiaWRkZXJOYW1lIjoiYmV0d2VlbmRpZ2l0YWwiLCJjYW1wYWlnbl9pZCI6ODEwMzQ0LCJyZXNwb25zZV90aW1lIjo4MywiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjM5Mjc4NTcifV0%3D&utf8=%E2%9C%93&pcode-test-ids=628987%2C0%2C4%3B633513%2C0%2C28%3B634378%2C0%2C10%3B633794%2C0%2C4%3B622565%2C0%2C-1&pcode-flags-map=eJytWF2P20QU%2FSurPAOyx5%2Fp28SeJKO1PWZmkmyK0Kioi0CqEIItIFWVACHEAxLin%2FSBSoV%2B%2FAbvP%2BKM7XzYuzu7W3XfkvU5c%2B%2Fce889zrMJX1RCMlNypVhucqqpqamkpTJzIc2a50wYXplMlDMxefDZs8kPj548PZ88mJz%2F9O3ko8nF%2BfcX%2FDE%2BRlMvjKLJ888%2FmqypMpKVYs1MtqRSMW3mUpSm4NXpgELLFTvmiH0%2F9JI9B6vorAAHrWteLcxsa3Kxqe7CEqfExcIUl0h2xrWkmt2HTLJPV0xpsy5p3SVFc3ULQUJSb0%2FQn2nDMWtarIan%2Bx7%2BBmhC4vRwIyvFTMU2bQaLytYFZDYrtZJrtr0lEpKmYezgUryscVMfhAvl11xUHyiwjL5fXLVArWpqGaUoClMwuv9CsUxUo%2BLFw8sPSHRUujFZ11i5O54hRSFQK3aG1inowqxraWrJheR6a%2BY000IOu2HEFMfpnknptqvXTCpc8zCJIEzS6RAbBUkXxarihaA5k%2B1407I%2Bhl589%2FT8CBaSNJj2MHthStpijDBjHTgC0RyXzCojZoqhdMPkzr959MWT8wEyiMm06%2FU5P4MiVWbJ%2BGKpTaXdR4ZRMPVbYCZWlTZamLOldELSJCVhC9nSKmdnRq6gLiXllVPkvIQEfXsNlNHMV0WhMol0nXg%2FIIG3T3EmxSnuB%2BmZheS5G5lEaXxtwCbnSks%2Bc8KJ78Vdvg9ZRdpwzYbneml4SRfMiQ39sO%2FhFovj2t6bCWn7SNKcr9TJHRm21MbdBWxosaGjgb6CDJK%2BtPm8hvyqWlToRc1LJlZ6ACUj7YzC0Au6nOtM5NBcC620%2B7wINH33zgVumdlx2Z1nZ9cND5OEXIXzOfaE2di5va1DbmDYBXBlZwTeTWhMnOaYPDTpXFxdvuODIw8LvIVCJWVlSmsL1lRyOroyMob1BRpNhGQbigbJ7zoaYNpVy3oGUzJYkX3BmZTQq0IsjjmiAT71wq5ye03Frl9ztqmFdBc9TuJesuzjpsLqypjCZCycsIQA18KUqrHRsyWzEZqayWzUZ1jsA2TkT7tcc1Yw2AGoAW5qI2FSULBe9u5hvlJoZ1cFyHrWhzGa65G6R2lKoq5XdhOdwxZl2mTKqZ3R1E%2FSIy3hCrmjPNrQzOatXIdOg8j3B9hWfxTESC9tg9c0z%2BFo3CRh1Je61XvcmN7WzATuqKH50dFglTLDDSs%2B4wV6xX3cNIlvRBq4nKzgmXu6DhzlqtB8RqsKYWMbzzkKz20ScABuHZ6mJEmO4uhJujbBzoNM1AXdzmh2arVOW5cy3rpDytgjYdD1wELSGXE%2FC3HxDs%2FCLj4cxBv5xHM9f41m%2B9ENiC5BXtkethcsmc3MKhmv7J3DRGen1vhicG4JOoriQb8tWWt%2F8ALQ%2Bksn2o9I3AVUSsrvKmWw%2FF7atZr1sZLNIWNLO5M8c%2BMwxmHf18hUllbBJKt2dq2WbOa2CVABrxeC3VDDukncImwR9AmdccgBjs65zWJ%2F6of7eBS3YXChrD5mS3cUcUi6Tm07G8e1rWgTgM29BUqCaO85ueoXoN0j3esWGsNJEMAGdC0tpclXNUYTL1x5a7lVJ4xSDM2S94nnjcy25%2FcJjLaaDao3Pm08eLnVY7m6GhIJ%2FC6nkuWctiSdJbkn%2FOZgOhf2XjHphfigEeVsTqFxu8i6XxPuSGfnBbJazAS8w62Y3kkfGhrr01Z4gQTcjU386eG3itZgLaTVGVVSGONrFvh1b5rTozdzwLd4t8TbeHbtS1kSusG4OHVgUDK76%2BG9Vyh4yXUrEtjFAmyF%2B%2FawhoOBTCx7%2BNFtQiBPtXBLRACDnh489vgtDwcl03B0dNJ7n2t6BwKB9ptD4LkunNswJiSKuxrufuFpWfqdQSGe2UppjENLZTQ7Gxa0%2Bbt517y%2B%2FPPyj%2BblSfOqeXv5W%2FPu8ufmTfPi8nd8fnXSvG1enFz%2B0rxo%2Fr38FQ%2Fhny%2Bb%2F5rX%2BOINsP%2FgQXwNjr%2FuF9ggjB%2B%2Fvvjq48fnXz56%2BuTiWprn%2FwNHtdbc&use-server-side-rendering=1&pcode-icookie=hsdzRfBGRmvQgUypcdjP%2BLkWmn3jMTAdQGJWO4yA1omYOrb75xZ332cxd3OVxBunBFR9DODs3hDJVO%2FsbAoiQYLdduw%3D&top-ancestor=https%3A%2F%2Fwww.tumen.kp.ru&top-ancestor-undetermined=0&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjoxNDh9ChqjpqzkqOmBMFBHHmay_XOO7q2hNzt2kq1JjmO4Zqqf6dweUhn-e6bDx9k-sdka2ic2Q1m19_bKpQC9FNAz0GaMQYyEbkX-Vs45s1WT6ssiSBDCCNMgBjFGdWSQMm1mzbRqOrU9y2sGuBpGps_MmW6AjgChpsuMixRhXXCSzJDZGnaMNSMeIJdznZoiM9eFTZU_XWarC5N5kdRmlkWWvAKsZlAXaP2iWbAFYFDDPA-2BVxGqqY_j5aFL7OqMFe6ggSiFAo-ML3KLPGIVTA9UUbBrGCKZ2TLIWVdLgci-SKgqwCih1ZVkBTicLAiEhTi4HbzCAo5XA5E3IJYrdtCks0GIVZuh7uyuFm5QZfl4XbyMrqYHC5mFtnKy8zi4GZxgC6bQcePjXJRKZDGUjWDrKaoi5ZoASzaBbMOdGumUdMeljwzLrDmTD9w2ZYetGoYdYE3qu2LwjYUWG6PLl_gYS_76JfhNjV1lg864qMfCNoWkhCXW82gXubaFlq5zHCqG44XCftAMrMtSv1ZvbRceqiBW2jSLZzmw7m9lxkWDl_50pJyUQz9rAskucwwLW9WnvnkTZOFQrOceFHQyIR7phliS5i_TB1oTdmdaArKt30IZHlYVlNMJ87OQmEpWUlVkmLjhgufmZHHGSEsqBmpDH7Vq4mrd5FTLY_hQbLzHzEzD1xBIR4XgjA4YgaHg5ml8iJyO52gyzp5pVk5RcXYnNIezJWbFRECZiSyghnkVzYMIclGJsy5OwqHlx2-i4ldTFqicvK7kXHXRSvMw4BQAp60p7IB78aAFO7yR7bdtSxfWiFJt384ALzUs8sHj8vJARKHe-GB8DKn3r6-vJUJArAly-lXPvXqk4lQSxXrTtD5Egqtms4nr6SqlWnzyTcQGYkaVlIL_roBqHKF-GM02WRVPlHEJwwAWeqbM1NmUVP44j9NE-vGXX9MhzT-95G_5KDNB8e0PnoGIY3avuCwPWKTnO46HwyH-mBL-9gz4cnui4xJA2KLv6pc10cyDQ729z65g7ZwGYd_Nb2vdqyj2xjij7pAJS7lnnHczMRUM677QbsUHucx_ig_MOuicU2EU64T1f2kF4SHmvyvnsJHnk90aF9g_gmn8EUY5j3X-Z27vf4JGx5-_SU14PP6l4qmTO-jNZPkdNLL2Cl4u6-Sg_T3uOk5R3UI8lnkjwwAL322npJ-0vtR-_wapxtZ7pNn6HPQfy2nw8slSVIjfkI23ZwV7ZxOUp-8Q9xqsYxBjVvOt81_BnpchxTdvKyNeXTla9k7IvnK7XLF2ha39Q8gHL7Oo6TqpYtyUvgVrXBQcCHgXI6BnmNdEMAHDC_wKJSZxHk9jOLLIB7kAgi54T33EruOQE44xEPce70VCSo-UJj-n8LWl5CTyc0SDK9YFWBm53cqQWkQmYchTuDxSGEQrzwIXXyMyB5zbfH5wB9-Xl5eRrc7dX4_R5snayvP6brJSBhzTECPopzARcTDxYlYWrxyomRBCVdAVtAjAZ4JtoArN9HL6mQSd7JLC1c2dDxoUfEVJ5YYXhjTBh4eFjcexnfKHebKy8qAnpVDVnnyV7gOgjkHbML0FkU5KTWD9v7kvzWEPvnySNRi4a61AW0O2hKd5Wyy-WFZbCrbME5-tTsw-uEO2HExwz7N1qgi5nEQ0c9p2TBu7Fb65BkdP1I0aKW9wv7YDuXuYcOo_elt8dNpILbw9warab4YQ3yJ0inkOIM5xP3dCSTLv2bKQkXJJzK-GShS2UGE4wAZcRxlSij1lwYNC4cnAlW4mEUk4DmkvZXDiZ4Tg0MpsnF4BFUgFQjuVoqoXgcTg4OFbenPxiSAnJk_wtXcvDYj91J3kFvyNdQlCOvccDVVMtvGFtnHSv1Yg5PHhDcSGqg6p-85StJTe2aUqum8_qzUqqnnw_eOC-SkTq_ypAvJQVR3e-UZIpV2z03QQs3MysIg6l1y4UGDxAnHRbCBoNzxAq-38oLEwIecrw2Gm-2G7bRp2W_dtkoxMqiSnju4XZ7qQsOPASkK2XAtsyN2SyCAv-x0oUKJGv6Ek7eaqFuW7NO6MtBp1eTLlHzT-iHX3HZmZ7H-RG8b4PL2TT0IPqwsoMs-ZixvaslJTSFVKruCM2IJ53FprXerQwAuAx9KWcHPY99Uu3TwgP3npUycpQzcAWS-Lx8tAmb4kyWlUINLtQ6LPuY9Mlle1uRdctN7-4egDR_bjgPV7Xr-jXlurW-p7azVfVtSIc5MnxLnmoBbBPtq1MAMEdsy4ztpuBcZeCzvn-5EM0H3k89sQDSb1uQL2GXO1ybt9MTaG3d3YFasBbisJCpQ0ceZTXCvhCuPABpQnaDKCmKqr1e67vcQlmmoi2e8DIrJ-KQcvuEE30zlQAMKKCjgK56pkG-WJo1-rk62wu6NYp7IJPMwn1YNQ22X6UnFOCP8_Krt-weWIeW7xNltaOIMJlPW6usXaaLDe6hqbiTQH5pbuEPUj5f5i5-yFOLZiH8h8aKGhxgest77VCF5a0JNs9AeW4uwCVUzkExpFYZoOhgrWPb7cMBp1QfGGfBd_aTXs2uDNLlpaDI_oQxPqerxnByrB1P9oEY8f3K079UjMYAsfKZP5bruvydNqh5vHa95KWybWp3Z-0fwau3qEV7OX-uW4SZgnQyRAcTX0bXmmWnj9kTPUeNeYZtQzown5b55KkQ5uavag5VDOb6pNGR7V_RUpm-rT_Pp1dLa9fHmD0VbTw2R4VrXUWIMcHvZCUmO0JKufz-oeMEHu5H1MRvynwGaZruaKmo1DSXny9vV5FfVnZJh5gy6PDO9uBY503WMV6VZeymeXZfyrR-I1OvkjPKX9XJM1TpbLOeuAR1vNJQZ3VpGKDP3n2KqQAvGlCpFKdmJ-_X1n89Zn-drA03Fkb8fsX7NHFjCf46hQKEp0cDQiaBcPgp57RD7ix7oW9uQjq0WD2pslx3EQvmctVgtKgFw4bFx7hgoUsFl5bqCb3Ohpf-nfJVOQWYO_hZr41KUd605iVP23_huB7ujQ3nkMO9tzUMyZBjjf1ayJ0ltmlRn_j_RCFpayY7DkRTQ8lmWtpYHoameibkdp2nGUZb8tE-dTV2bXtXGVhQ0eV2aPSqdfWHzvxLbKUv41GqdYjwkZfpNKKphTr3JOrLnZ7f2pyDxfHnrwjodDfMI3hbCQo6pBrjsCIr5NyWvhPOlEKhPUtjCyqD3i9eUebCVDlEnaD0A47hv7ZCqMVCTEPhPrZG_vlEWvBVrYjAS_HJlBkqnqP4BrX3nJZSp_yYTkomrcqiYDpwXA34ed2q2jaNpQ6lzqdX-MGv6hg23RtL1FCyuc5y8KJCuOTXf7h7DJpnkH7kjs3yAOzb9lK7Hv1u7Zql57BB6eVzyHuJlasuqd2WRp6dzKQuzlNEv0p8wrBLuHw81e4Yp-2jchUG4IvP2hMLhFKhYKRSi_fXH_VOKh8Gn4Uq0I-7PVuhWfjVYXMjQyrKuonMA6_0WlNFkJo7SdGev6wBjKKoKw8e9UoFRontbZj4JJDL6SNB-uoxUZ-LBKI48rEe8nn9H07PET1PvN1tVoEtXxiLhN8GyjJ3VKyHxM_edlqqnepLb9YQ4a9cvm0guB5-KvEfY-b9ufhLnhQojYTcOscNkPl6J8jbvg6JM-rhaRFaXGkfTJ2vTjLg483H4N8spVXtgk7MyRLA5woH1tQFBDdB_xSmtxzvpW4R0SmgCX12TCWEtS_D39XmDbdFpa7-GuEgGcJT_nfNcJ4Z27eQdW6h6k7eOwFS0fF_pRdppf6jhEvy6VonqN1YahyscLhSoZ8jNDtM3LRhTHTNN0l6K3xqpxUeeeHBJn0vTdJ9yTJk-LOZ6iasRdY35CT786do_6_QNQV0y8ZeXZutcDozT0QmnzVNot9RgDlShzJb4PS5WmimWz5gBQfkc6-4I4_xPhV82wFRULl5GZiczl6Pyc3G5eLnL258P36I05vrcNr6H0YE4NUvGPHmpFjlke8Q3l2qzq6zMe35EUg1-eSiGViubig5d1zk3jqn9aBOFFofzeEQttkxN6Z2q8xSgP5i0vMb1r6SP56_BJLYH52RASztzw00tZmcxP5N8Tm3NrVWKItFx7XRxvzfHxy1bSzkW67h2zOtubm4YP3s_4wwtmH1EVd2T_JkrinWeBmnElExYUduZ_2MFCdCGihqYiMZT02_pp4m61XuJprPJrMt8Hq6-S5woFtqcAsED43rZ0Y5p_0fdqirGGx3J9S_zdCq5cZ_XcPgvmWRJ_m85I7CL3WADRJuV8ii-J_-v3PcqqPgesp5BZmD5KJ1g5j9u8fGItF9SLemR0VYxbNB6K0YzAOwwvoGB9iY__X_Hg5bCmQZsiR50d1mWgRfyInxYNO3r48sbzYTLmW5rRDBJD1fds1lYYaWCoMoZorAygEwBZUBSzECMiddDRmJTmF5ahj8r2xSwsczDSSQ3RfbKY38F7r6Y_uzJU3_XOl5d421NY1N5MMUky4u4uvUKfKpuU7_Cq_eHtcTFG6UuUF7LVgy816KgEIdXSSZQGSpsonC4hJmkRRctL69jSdwjFsuXeVUkjkNwilROdJxI2dGlq0fM5kCEuOAgdrGjveJAWyq4MUTiR2GHi5U7xCWmyo2OkwnJ5jBmAtVqAx94y8ACGfHKyQhwZGhRtnjDsaN9BRjysKnKQT6cAvsrm4-92YvouEZ9C7u2wlbzJzxb5kXltef8xrAuJLmDZ8tFsLHlQdqzS-k2Zj2qnmMK5rziPxrHm-YrIKy77EWbbO15EUtPX3ui77KUoz6iZ5OJrU7Cuj2FHuAtjfdV5dYYv5nQt_p8Wh05KlO5bU1djDSeQaL4yYpFcxOI6MIDR6kbVyFXUzGB_XU6z2oG1JAN0ol84zeRktyAQR3LlBZNJX34r-njDDJj3V6ThT7vcYXTl1vSopLnKRZ4PAkM3ITxokJVPmJxJz-1f69lCM8L5sa882poZ0heIhZvKgQlW03bYovrANqI0hSMKGNTEMX6W9DAiM4y05vWNzU-kBJtLaEh5jbziPilpqu5VWnWvuhF&tga-with-creatives=1

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

3dd9d59595f56e71d527f5c565b25c1eea61e245de8053d38ca13200420750f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

date: Mon, 22 Aug 2022 19:06:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1661195179236665-3118228877152187598-sas3-0999-700-sas-l7-balancer-8080-BAL-7726
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Mon, 22 Aug 2022 19:06:19 GMT
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/json
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 22 Aug 2022 19:06:19 GMT

POST
H2 204 events
bidder.criteo.com/csm/ 0
216 B 28ms
18ms Ping
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 22 Aug 2022 19:06:19 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://www.tumen.kp.ru
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 90A9 83 KB
28 KB 60ms
23ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/634516/50f6fec73e5faaf073e7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6ac6976c0366d033e88c147b0457c9a91603713547aed506e1c45b1d5ed9872

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

date: Mon, 22 Aug 2022 19:06:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28579
x-xss-protection: 0
server: sffe
etag: "1311 / 501 of 1000 / last-modified: 1661166591"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 22 Aug 2022 19:06:19 GMT

GET
H2 204 event
ads.adfox.ru/232598/ 0
54 B 57ms
57ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=4bf3a0529eadb9d9&pm=bmo&pxo=psuC8Hps7A_YKeSwEdMXOobxSW_M3MebBSKFptdOYyy5fh3t9MC6Gtqxcra-O9EcceMxHyMd2gc5mRl9R0TLWsKD44thxLiPNDqk7PWi_wNcjuRIoQW4hjruGKKt0_IBrGCCekLjytMLNLnBJUWjd60IxW-7sZNFhqCejuh3ta_nuC5q6XDx&p5=gwdbk&ad-session-id=701901661195178878&utg=oxum&lts=fjvezig&ytt=362840447909893&ybv=0.634516&ylv=0.634516&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3F&rtb-si=b&p2=gftf&rand=kjthazl&sj=XduKn2qjjSVLhQhPTdlgrZFKHsfF0wrfyK8Fk9QTWAkSzhRg3dxFGnRYfCvbag%3D%3D&puid1=adv-1661195178823-935&pr=gsushxr&p1=cdinl&rqs=qiebQhu951aq0wNj_Wa9XmsOnfA2TxEn

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 19:06:19 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Aug 2022 19:06:19 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 200 v2 Show response
yandex.ru/ads/adfox/232598/getBulk/ 16 KB
8 KB 403ms
402ms XHR
application/json 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/adfox/232598/getBulk/v2?dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3Fsection%3Dsociety&date=2022-08-22T19%3A06%3A19.240%2B00%3A00&pd=22&pdh=1200&pdw=1600&pr1=2484146780&pr=2076820659&prr=&pv=19&pw=1&extid_loader=&extid_tag_loader=www.tumen.kp.ru&ylv=0.634516&ybv=0.634516&ytt=362840447909893&is-turbo=0&skip-token=&ad-session-id=701901661195178878&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.9%2C%22isInIframe%22%3Afalse%2C%22w%22%3A300%2C%22h%22%3A600%2C%22width%22%3A300%2C%22height%22%3A600%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A49%2C%22left%22%3A1100%2C%22top%22%3A486%2C%22fontFamily%22%3A%22ys%22%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A4%2C%22ad_no%22%3A1%7D&enable-flat-highlight=1&pcode-version=634516&available-width=300&available-height=600&yaru=true&pp=hrs&p2=fbao&ps=bxyd&puid1=adv-1661195178830-442&puid2=society%3Atoday%3Azenyandex%3Aincident%3Aemergency%3Acelebrity%3Aculture%3Ainteresting&puid3=top%3Aregion&puid5=&slotNumber=4&bids=W3siYmlkZGVyTmFtZSI6ImNyaXRlbyIsImNhbXBhaWduX2lkIjo3MjI1NzMsInJlc3BvbnNlX3RpbWUiOjM1MCwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjExNDA4OTgifSx7ImJpZGRlck5hbWUiOiJydGJob3VzZSIsImNhbXBhaWduX2lkIjo4NTM4NjksInJlc3BvbnNlX3RpbWUiOjgyLCJlcnJvciI6eyJjb2RlIjo0fSwicGxhY2VtZW50X2lkIjoiNzE1NzM3NzA5NDBiNzJjMDQyODkifSx7ImJpZGRlck5hbWUiOiJhZHJpdmVyIiwiY2FtcGFpZ25faWQiOjcyODI1NCwicmVzcG9uc2VfdGltZSI6MjUyLCJlcnJvciI6eyJjb2RlIjo0fSwicGxhY2VtZW50X2lkIjoia3BfMnNsb3RfMXNjciJ9LHsiYmlkZGVyTmFtZSI6Im15dGFyZ2V0IiwiY2FtcGFpZ25faWQiOjgxMDQwMiwicmVzcG9uc2VfdGltZSI6MTcyLCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiMjMzODQyIn0seyJiaWRkZXJOYW1lIjoiYmV0d2VlbmRpZ2l0YWwiLCJjYW1wYWlnbl9pZCI6ODEwMzQ0LCJyZXNwb25zZV90aW1lIjo4MiwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjI0ODgwNTIifSx7ImJpZGRlck5hbWUiOiJhZGZveF9hZHNtYXJ0IiwiY2FtcGFpZ25faWQiOjE1OTIwNDAsInJlc3BvbnNlX3RpbWUiOjIwNywiZXJyb3IiOnsiY29kZSI6MX19LHsiYmlkZGVyTmFtZSI6ImJ1enpvb2xhIiwiY2FtcGFpZ25faWQiOjg5MDQ1MCwicmVzcG9uc2VfdGltZSI6MTQ2LCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiMTIyNzE2NiJ9LHsiYmlkZGVyTmFtZSI6ImJpZHZvbCIsImNhbXBhaWduX2lkIjoxODcxMDE2LCJyZXNwb25zZV90aW1lIjozOTIsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiIyMTUzNSJ9LHsiYmlkZGVyTmFtZSI6ImFkZm94X2ltaG8tdmlkZW8iLCJjYW1wYWlnbl9pZCI6MTc4OTU4MSwicmVzcG9uc2VfdGltZSI6MjA3LCJlcnJvciI6eyJjb2RlIjoxfX1d&utf8=%E2%9C%93&pcode-test-ids=628987%2C0%2C4%3B633513%2C0%2C28%3B634378%2C0%2C10%3B633794%2C0%2C4%3B622565%2C0%2C-1&pcode-flags-map=eJytWF2P20QU%2FSurPAOyx5%2Fp28SeJKO1PWZmkmyK0Kioi0CqEIItIFWVACHEAxLin%2FSBSoV%2B%2FAbvP%2BKM7XzYuzu7W3XfkvU5c%2B%2Fce889zrMJX1RCMlNypVhucqqpqamkpTJzIc2a50wYXplMlDMxefDZs8kPj548PZ88mJz%2F9O3ko8nF%2BfcX%2FDE%2BRlMvjKLJ888%2FmqypMpKVYs1MtqRSMW3mUpSm4NXpgELLFTvmiH0%2F9JI9B6vorAAHrWteLcxsa3Kxqe7CEqfExcIUl0h2xrWkmt2HTLJPV0xpsy5p3SVFc3ULQUJSb0%2FQn2nDMWtarIan%2Bx7%2BBmhC4vRwIyvFTMU2bQaLytYFZDYrtZJrtr0lEpKmYezgUryscVMfhAvl11xUHyiwjL5fXLVArWpqGaUoClMwuv9CsUxUo%2BLFw8sPSHRUujFZ11i5O54hRSFQK3aG1inowqxraWrJheR6a%2BY000IOu2HEFMfpnknptqvXTCpc8zCJIEzS6RAbBUkXxarihaA5k%2B1407I%2Bhl589%2FT8CBaSNJj2MHthStpijDBjHTgC0RyXzCojZoqhdMPkzr959MWT8wEyiMm06%2FU5P4MiVWbJ%2BGKpTaXdR4ZRMPVbYCZWlTZamLOldELSJCVhC9nSKmdnRq6gLiXllVPkvIQEfXsNlNHMV0WhMol0nXg%2FIIG3T3EmxSnuB%2BmZheS5G5lEaXxtwCbnSks%2Bc8KJ78Vdvg9ZRdpwzYbneml4SRfMiQ39sO%2FhFovj2t6bCWn7SNKcr9TJHRm21MbdBWxosaGjgb6CDJK%2BtPm8hvyqWlToRc1LJlZ6ACUj7YzC0Au6nOtM5NBcC620%2B7wINH33zgVumdlx2Z1nZ9cND5OEXIXzOfaE2di5va1DbmDYBXBlZwTeTWhMnOaYPDTpXFxdvuODIw8LvIVCJWVlSmsL1lRyOroyMob1BRpNhGQbigbJ7zoaYNpVy3oGUzJYkX3BmZTQq0IsjjmiAT71wq5ye03Frl9ztqmFdBc9TuJesuzjpsLqypjCZCycsIQA18KUqrHRsyWzEZqayWzUZ1jsA2TkT7tcc1Yw2AGoAW5qI2FSULBe9u5hvlJoZ1cFyHrWhzGa65G6R2lKoq5XdhOdwxZl2mTKqZ3R1E%2FSIy3hCrmjPNrQzOatXIdOg8j3B9hWfxTESC9tg9c0z%2BFo3CRh1Je61XvcmN7WzATuqKH50dFglTLDDSs%2B4wV6xX3cNIlvRBq4nKzgmXu6DhzlqtB8RqsKYWMbzzkKz20ScABuHZ6mJEmO4uhJujbBzoNM1AXdzmh2arVOW5cy3rpDytgjYdD1wELSGXE%2FC3HxDs%2FCLj4cxBv5xHM9f41m%2B9ENiC5BXtkethcsmc3MKhmv7J3DRGen1vhicG4JOoriQb8tWWt%2F8ALQ%2Bksn2o9I3AVUSsrvKmWw%2FF7atZr1sZLNIWNLO5M8c%2BMwxmHf18hUllbBJKt2dq2WbOa2CVABrxeC3VDDukncImwR9AmdccgBjs65zWJ%2F6of7eBS3YXChrD5mS3cUcUi6Tm07G8e1rWgTgM29BUqCaO85ueoXoN0j3esWGsNJEMAGdC0tpclXNUYTL1x5a7lVJ4xSDM2S94nnjcy25%2FcJjLaaDao3Pm08eLnVY7m6GhIJ%2FC6nkuWctiSdJbkn%2FOZgOhf2XjHphfigEeVsTqFxu8i6XxPuSGfnBbJazAS8w62Y3kkfGhrr01Z4gQTcjU386eG3itZgLaTVGVVSGONrFvh1b5rTozdzwLd4t8TbeHbtS1kSusG4OHVgUDK76%2BG9Vyh4yXUrEtjFAmyF%2B%2FawhoOBTCx7%2BNFtQiBPtXBLRACDnh489vgtDwcl03B0dNJ7n2t6BwKB9ptD4LkunNswJiSKuxrufuFpWfqdQSGe2UppjENLZTQ7Gxa0%2Bbt517y%2B%2FPPyj%2BblSfOqeXv5W%2FPu8ufmTfPi8nd8fnXSvG1enFz%2B0rxo%2Fr38FQ%2Fhny%2Bb%2F5rX%2BOINsP%2FgQXwNjr%2FuF9ggjB%2B%2Fvvjq48fnXz56%2BuTiWprn%2FwNHtdbc&use-server-side-rendering=1&pcode-icookie=hsdzRfBGRmvQgUypcdjP%2BLkWmn3jMTAdQGJWO4yA1omYOrb75xZ332cxd3OVxBunBFR9DODs3hDJVO%2FsbAoiQYLdduw%3D&top-ancestor=https%3A%2F%2Fwww.tumen.kp.ru&top-ancestor-undetermined=0&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjoxNDh9ChqjpqzkqOmBMFBHHmay_XOO7q2hNzt2kq1JjmO4Zqqf6dweUhn-e6bDx9k-sdka2ic2Q1m19_bKpQC9FNAz0GaMQYyEbkX-Vs45s1WT6ssiSBDCCNMgBjFGdWSQMm1mzbRqOrU9y2sGuBpGps_MmW6AjgChpsuMixRhXXCSzJDZGnaMNSMeIJdznZoiM9eFTZU_XWarC5N5kdRmlkWWvAKsZlAXaP2iWbAFYFDDPA-2BVxGqqY_j5aFL7OqMFe6ggSiFAo-ML3KLPGIVTA9UUbBrGCKZ2TLIWVdLgci-SKgqwCih1ZVkBTicLAiEhTi4HbzCAo5XA5E3IJYrdtCks0GIVZuh7uyuFm5QZfl4XbyMrqYHC5mFtnKy8zi4GZxgC6bQcePjXJRKZDGUjWDrKaoi5ZoASzaBbMOdGumUdMeljwzLrDmTD9w2ZYetGoYdYE3qu2LwjYUWG6PLl_gYS_76JfhNjV1lg864qMfCNoWkhCXW82gXubaFlq5zHCqG44XCftAMrMtSv1ZvbRceqiBW2jSLZzmw7m9lxkWDl_50pJyUQz9rAskucwwLW9WnvnkTZOFQrOceFHQyIR7phliS5i_TB1oTdmdaArKt30IZHlYVlNMJ87OQmEpWUlVkmLjhgufmZHHGSEsqBmpDH7Vq4mrd5FTLY_hQbLzHzEzD1xBIR4XgjA4YgaHg5ml8iJyO52gyzp5pVk5RcXYnNIezJWbFRECZiSyghnkVzYMIclGJsy5OwqHlx2-i4ldTFqicvK7kXHXRSvMw4BQAp60p7IB78aAFO7yR7bdtSxfWiFJt384ALzUs8sHj8vJARKHe-GB8DKn3r6-vJUJArAly-lXPvXqk4lQSxXrTtD5Egqtms4nr6SqlWnzyTcQGYkaVlIL_roBqHKF-GM02WRVPlHEJwwAWeqbM1NmUVP44j9NE-vGXX9MhzT-95G_5KDNB8e0PnoGIY3avuCwPWKTnO46HwyH-mBL-9gz4cnui4xJA2KLv6pc10cyDQ729z65g7ZwGYd_Nb2vdqyj2xjij7pAJS7lnnHczMRUM677QbsUHucx_ig_MOuicU2EU64T1f2kF4SHmvyvnsJHnk90aF9g_gmn8EUY5j3X-Z27vf4JGx5-_SU14PP6l4qmTO-jNZPkdNLL2Cl4u6-Sg_T3uOk5R3UI8lnkjwwAL322npJ-0vtR-_wapxtZ7pNn6HPQfy2nw8slSVIjfkI23ZwV7ZxOUp-8Q9xqsYxBjVvOt81_BnpchxTdvKyNeXTla9k7IvnK7XLF2ha39Q8gHL7Oo6TqpYtyUvgVrXBQcCHgXI6BnmNdEMAHDC_wKJSZxHk9jOLLIB7kAgi54T33EruOQE44xEPce70VCSo-UJj-n8LWl5CTyc0SDK9YFWBm53cqQWkQmYchTuDxSGEQrzwIXXyMyB5zbfH5wB9-Xl5eRrc7dX4_R5snayvP6brJSBhzTECPopzARcTDxYlYWrxyomRBCVdAVtAjAZ4JtoArN9HL6mQSd7JLC1c2dDxoUfEVJ5YYXhjTBh4eFjcexnfKHebKy8qAnpVDVnnyV7gOgjkHbML0FkU5KTWD9v7kvzWEPvnySNRi4a61AW0O2hKd5Wyy-WFZbCrbME5-tTsw-uEO2HExwz7N1qgi5nEQ0c9p2TBu7Fb65BkdP1I0aKW9wv7YDuXuYcOo_elt8dNpILbw9warab4YQ3yJ0inkOIM5xP3dCSTLv2bKQkXJJzK-GShS2UGE4wAZcRxlSij1lwYNC4cnAlW4mEUk4DmkvZXDiZ4Tg0MpsnF4BFUgFQjuVoqoXgcTg4OFbenPxiSAnJk_wtXcvDYj91J3kFvyNdQlCOvccDVVMtvGFtnHSv1Yg5PHhDcSGqg6p-85StJTe2aUqum8_qzUqqnnw_eOC-SkTq_ypAvJQVR3e-UZIpV2z03QQs3MysIg6l1y4UGDxAnHRbCBoNzxAq-38oLEwIecrw2Gm-2G7bRp2W_dtkoxMqiSnju4XZ7qQsOPASkK2XAtsyN2SyCAv-x0oUKJGv6Ek7eaqFuW7NO6MtBp1eTLlHzT-iHX3HZmZ7H-RG8b4PL2TT0IPqwsoMs-ZixvaslJTSFVKruCM2IJ53FprXerQwAuAx9KWcHPY99Uu3TwgP3npUycpQzcAWS-Lx8tAmb4kyWlUINLtQ6LPuY9Mlle1uRdctN7-4egDR_bjgPV7Xr-jXlurW-p7azVfVtSIc5MnxLnmoBbBPtq1MAMEdsy4ztpuBcZeCzvn-5EM0H3k89sQDSb1uQL2GXO1ybt9MTaG3d3YFasBbisJCpQ0ceZTXCvhCuPABpQnaDKCmKqr1e67vcQlmmoi2e8DIrJ-KQcvuEE30zlQAMKKCjgK56pkG-WJo1-rk62wu6NYp7IJPMwn1YNQ22X6UnFOCP8_Krt-weWIeW7xNltaOIMJlPW6usXaaLDe6hqbiTQH5pbuEPUj5f5i5-yFOLZiH8h8aKGhxgest77VCF5a0JNs9AeW4uwCVUzkExpFYZoOhgrWPb7cMBp1QfGGfBd_aTXs2uDNLlpaDI_oQxPqerxnByrB1P9oEY8f3K079UjMYAsfKZP5bruvydNqh5vHa95KWybWp3Z-0fwau3qEV7OX-uW4SZgnQyRAcTX0bXmmWnj9kTPUeNeYZtQzown5b55KkQ5uavag5VDOb6pNGR7V_RUpm-rT_Pp1dLa9fHmD0VbTw2R4VrXUWIMcHvZCUmO0JKufz-oeMEHu5H1MRvynwGaZruaKmo1DSXny9vV5FfVnZJh5gy6PDO9uBY503WMV6VZeymeXZfyrR-I1OvkjPKX9XJM1TpbLOeuAR1vNJQZ3VpGKDP3n2KqQAvGlCpFKdmJ-_X1n89Zn-drA03Fkb8fsX7NHFjCf46hQKEp0cDQiaBcPgp57RD7ix7oW9uQjq0WD2pslx3EQvmctVgtKgFw4bFx7hgoUsFl5bqCb3Ohpf-nfJVOQWYO_hZr41KUd605iVP23_huB7ujQ3nkMO9tzUMyZBjjf1ayJ0ltmlRn_j_RCFpayY7DkRTQ8lmWtpYHoameibkdp2nGUZb8tE-dTV2bXtXGVhQ0eV2aPSqdfWHzvxLbKUv41GqdYjwkZfpNKKphTr3JOrLnZ7f2pyDxfHnrwjodDfMI3hbCQo6pBrjsCIr5NyWvhPOlEKhPUtjCyqD3i9eUebCVDlEnaD0A47hv7ZCqMVCTEPhPrZG_vlEWvBVrYjAS_HJlBkqnqP4BrX3nJZSp_yYTkomrcqiYDpwXA34ed2q2jaNpQ6lzqdX-MGv6hg23RtL1FCyuc5y8KJCuOTXf7h7DJpnkH7kjs3yAOzb9lK7Hv1u7Zql57BB6eVzyHuJlasuqd2WRp6dzKQuzlNEv0p8wrBLuHw81e4Yp-2jchUG4IvP2hMLhFKhYKRSi_fXH_VOKh8Gn4Uq0I-7PVuhWfjVYXMjQyrKuonMA6_0WlNFkJo7SdGev6wBjKKoKw8e9UoFRontbZj4JJDL6SNB-uoxUZ-LBKI48rEe8nn9H07PET1PvN1tVoEtXxiLhN8GyjJ3VKyHxM_edlqqnepLb9YQ4a9cvm0guB5-KvEfY-b9ufhLnhQojYTcOscNkPl6J8jbvg6JM-rhaRFaXGkfTJ2vTjLg483H4N8spVXtgk7MyRLA5woH1tQFBDdB_xSmtxzvpW4R0SmgCX12TCWEtS_D39XmDbdFpa7-GuEgGcJT_nfNcJ4Z27eQdW6h6k7eOwFS0fF_pRdppf6jhEvy6VonqN1YahyscLhSoZ8jNDtM3LRhTHTNN0l6K3xqpxUeeeHBJn0vTdJ9yTJk-LOZ6iasRdY35CT786do_6_QNQV0y8ZeXZutcDozT0QmnzVNot9RgDlShzJb4PS5WmimWz5gBQfkc6-4I4_xPhV82wFRULl5GZiczl6Pyc3G5eLnL258P36I05vrcNr6H0YE4NUvGPHmpFjlke8Q3l2qzq6zMe35EUg1-eSiGViubig5d1zk3jqn9aBOFFofzeEQttkxN6Z2q8xSgP5i0vMb1r6SP56_BJLYH52RASztzw00tZmcxP5N8Tm3NrVWKItFx7XRxvzfHxy1bSzkW67h2zOtubm4YP3s_4wwtmH1EVd2T_JkrinWeBmnElExYUduZ_2MFCdCGihqYiMZT02_pp4m61XuJprPJrMt8Hq6-S5woFtqcAsED43rZ0Y5p_0fdqirGGx3J9S_zdCq5cZ_XcPgvmWRJ_m85I7CL3WADRJuV8ii-J_-v3PcqqPgesp5BZmD5KJ1g5j9u8fGItF9SLemR0VYxbNB6K0YzAOwwvoGB9iY__X_Hg5bCmQZsiR50d1mWgRfyInxYNO3r48sbzYTLmW5rRDBJD1fds1lYYaWCoMoZorAygEwBZUBSzECMiddDRmJTmF5ahj8r2xSwsczDSSQ3RfbKY38F7r6Y_uzJU3_XOl5d421NY1N5MMUky4u4uvUKfKpuU7_Cq_eHtcTFG6UuUF7LVgy816KgEIdXSSZQGSpsonC4hJmkRRctL69jSdwjFsuXeVUkjkNwilROdJxI2dGlq0fM5kCEuOAgdrGjveJAWyq4MUTiR2GHi5U7xCWmyo2OkwnJ5jBmAtVqAx94y8ACGfHKyQhwZGhRtnjDsaN9BRjysKnKQT6cAvsrm4-92YvouEZ9C7u2wlbzJzxb5kXltef8xrAuJLmDZ8tFsLHlQdqzS-k2Zj2qnmMK5rziPxrHm-YrIKy77EWbbO15EUtPX3ui77KUoz6iZ5OJrU7Cuj2FHuAtjfdV5dYYv5nQt_p8Wh05KlO5bU1djDSeQaL4yYpFcxOI6MIDR6kbVyFXUzGB_XU6z2oG1JAN0ol84zeRktyAQR3LlBZNJX34r-njDDJj3V6ThT7vcYXTl1vSopLnKRZ4PAkM3ITxokJVPmJxJz-1f69lCM8L5sa882poZ0heIhZvKgQlW03bYovrANqI0hSMKGNTEMX6W9DAiM4y05vWNzU-kBJtLaEh5jbziPilpqu5VWnWvuhF&tga-with-creatives=1

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

ec46ffda0acd65de949c95853141581b3fe8e9741e2dc31fb2d486d992a45339

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

date: Mon, 22 Aug 2022 19:06:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1661195179269284-7558044182877121635-sas3-0999-700-sas-l7-balancer-8080-BAL-353
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Mon, 22 Aug 2022 19:06:19 GMT
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/json
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 22 Aug 2022 19:06:19 GMT

GET
H2 200 pubads_impl_2022081701.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 90A9 384 KB
131 KB 82ms
15ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js?cb=31069031

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

83147c4cf00c61d77d068152fdb541e2ca7761e0990682db23e77fb7affdceb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

date: Mon, 22 Aug 2022 11:40:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26746
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133512
x-xss-protection: 0
last-modified: Wed, 17 Aug 2022 08:37:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 22 Aug 2023 11:40:33 GMT

GET
H2 200 css2
fonts.googleapis.com/ 9 KB
1 KB 60ms
22ms Stylesheet
text/css 2a00:1450:400e:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Alegreya:wght@400;700;800&family=Roboto:wght@500&display=swap

Requested by

Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/634516/db43d90b1e90506e1e6a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:811::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9d6ceab7841343d88d23f8c56c960480a961f8f01a5e438634028bcfdbf84a38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 22 Aug 2022 19:06:19 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 22 Aug 2022 19:06:19 GMT

GET
H2 204 event
ads.adfox.ru/232598/ 0
18 B 54ms
53ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=a4c86297b97e46c8&pm=cyz&p5=ljjmt&ad-session-id=701901661195178878&lts=fjvezih&ytt=362840447909893&ybv=0.634516&ylv=0.634516&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3Fsection%3Dsociety&rqs=qiebQhu951ar0wNjMdTczYhv5JYtIMQO&pr=gsushxr&puid3=top%3Aregion&puid2=society%3Atoday%3Azenyandex%3Aincident%3Aemergency%3Acelebrity%3Aculture%3Ainteresting&p2=gvdq&rand=cenpeef&sj=X8WVU7AwESJlRZ2vfIzIgl92xBTdD4GT79RCTl0z2VVLVPmFYcSy9T-CZSJeKA%3D%3D&puid1=adv-1661195178831-835&p1=clerf

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 19:06:19 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Aug 2022 19:06:19 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 200 5191335_5.5a1c10449bf6ba3fb79322a26dc59f6f.jpg
banners.adfox.ru/220701/adfox/1877475/ 66 KB
67 KB 203ms
107ms Image
image/jpeg 2a02:6b8::2:158
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banners.adfox.ru/220701/adfox/1877475/5191335_5.5a1c10449bf6ba3fb79322a26dc59f6f.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::2:158 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: nginx /
Resource Hash: a81ae4dd7742b736f41e6e382827ab3672728b6f7f529ad5c72d6d6e79861484

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

date: Mon, 22 Aug 2022 19:06:19 GMT
last-modified: Fri, 01 Jul 2022 12:23:23 GMT
server: nginx
x-amz-request-id: dce3597422e81c1d
etag: "5a1c10449bf6ba3fb79322a26dc59f6f"
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
x-amz-version-id: null
access-control-allow-origin: *
accept-ranges: bytes
content-type: image/jpeg
content-length: 67614
x-nginx-request-id: 59f5b8eef8734c49

GET
H2 200 5191335_9.1366b90e36296da712c6488fa46b6f41.jpg
banners.adfox.ru/220419/adfox/1877475/ 26 KB
26 KB 285ms
190ms Image
image/jpeg 2a02:6b8::2:158
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banners.adfox.ru/220419/adfox/1877475/5191335_9.1366b90e36296da712c6488fa46b6f41.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::2:158 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: nginx /
Resource Hash: f76a521d8d893e573ee2def73e397a42f33f937aca5dcfeb77b2e001ea5a7ca6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

date: Mon, 22 Aug 2022 19:06:19 GMT
last-modified: Tue, 19 Apr 2022 13:08:29 GMT
server: nginx
x-amz-request-id: d9a46556dab2ce39
etag: "1366b90e36296da712c6488fa46b6f41"
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
x-amz-version-id: null
access-control-allow-origin: *
accept-ranges: bytes
content-type: image/jpeg
content-length: 26361
x-nginx-request-id: 49c25bc8fdcfa7b3

GET
H2 200 text-variable-full.woff2
yastatic.net/s3/home/fonts/ys/3/ 25 KB
26 KB 34ms
33ms Font
font/woff2 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.tumen.kp.ru/
Origin: https://www.tumen.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

date: Mon, 22 Aug 2022 19:06:19 GMT
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 26004
x-nginx-request-id: b20004b3a81b4d9d
x-amz-meta-owner: {"role":"admin","login":"4eb0da"}
last-modified: Mon, 25 Apr 2022 14:02:39 GMT
server: nginx/1.17.9
etag: "7f0cdaf91230f9789ca4162aedff612e"
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31556952
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Aug 2023 00:54:29 GMT

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 158 KB
56 KB 177ms
67ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

57cec8cb1c21ca4fe77d7bea18d3c0ed021451f77ced06a20aed3457758cef0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.tumen.kp.ru/
Origin: https://www.tumen.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

date: Mon, 22 Aug 2022 19:06:19 GMT
content-encoding: br
last-modified: Mon, 22 Aug 2022 10:37:44 GMT
etag: "63033248-de6c"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 56940
expires: Mon, 22 Aug 2022 20:06:19 GMT

GET
H2 200 71df57f56c922e07c34676f1e3160977.woff2
s01.stc.yc.kpcdn.net/s0/2.1.97/adaptive/ 39 KB
39 KB 41ms
41ms Font
font/woff2 2a03:90c0:e1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.97/adaptive/71df57f56c922e07c34676f1e3160977.woff2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

9205ceae907f8417e3b4bd8463b1075526a25da4cdd2aed549b03cd6869632aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tumen.kp.ru/
Origin: https://www.tumen.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

x-id: cec-up-gc12
date: Mon, 22 Aug 2022 19:06:19 GMT
x-content-type-options: nosniff
x-server-trace-id: 1fd740549cbd5901:9d8b5b54ad3ebc62:1fd740549cbd5901:1
x-amz-request-id: a0586c94305cd76e
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-08-22T09:10:35+00:00
content-length: 39768
x-request-id: 072ec231-adeb-4e56-83a1-b0b7a29c63e9
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Sat, 27 Nov 2021 21:56:45 GMT
server: nginx
etag: "71df57f56c922e07c34676f1e3160977"
x-amz-version-id: 0005D1CC48A637F4
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
accept-ranges: bytes
content-type: font/woff2
expires: Tue, 23 Aug 2022 19:06:19 GMT

GET
H2 200 88c3f8d6237466d983567ddf480dfb98.woff2
s01.stc.yc.kpcdn.net/s0/2.1.97/adaptive/ 22 KB
22 KB 73ms
73ms Font
font/woff2 2a03:90c0:e1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.97/adaptive/88c3f8d6237466d983567ddf480dfb98.woff2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

7a0fb8fc4de0bde528e5b17743e35c50492d1d1de41567cb3b83f5a63db862d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tumen.kp.ru/
Origin: https://www.tumen.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

x-id: cec-up-gc12
date: Mon, 22 Aug 2022 19:06:19 GMT
x-content-type-options: nosniff
x-server-trace-id: 57197e8a724a0dfc:a00021af301588ba:57197e8a724a0dfc:1
x-amz-request-id: a1e3fe86e186ba18
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-08-22T09:10:35+00:00
content-length: 22100
x-request-id: 7dcb0607-2752-4a94-b9dc-acd7a364e02f
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Sat, 27 Nov 2021 21:56:45 GMT
server: nginx
etag: "88c3f8d6237466d983567ddf480dfb98"
x-amz-version-id: 0005D1CC489C28E6
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
accept-ranges: bytes
content-type: font/woff2
expires: Tue, 23 Aug 2022 19:06:19 GMT

GET
H2 200 71df57f56c922e07c34676f1e3160977.woff2
s01.stc.yc.kpcdn.net/s0/2.1.97/adaptive/ 39 KB
39 KB 71ms
71ms Font
font/woff2 2a03:90c0:e1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.97/adaptive/71df57f56c922e07c34676f1e3160977.woff2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

9205ceae907f8417e3b4bd8463b1075526a25da4cdd2aed549b03cd6869632aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tumen.kp.ru/
Origin: https://www.tumen.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

x-id: cec-up-gc12
date: Mon, 22 Aug 2022 19:06:19 GMT
x-content-type-options: nosniff
x-server-trace-id: 1fd740549cbd5901:9d8b5b54ad3ebc62:1fd740549cbd5901:1
x-amz-request-id: a0586c94305cd76e
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-08-22T09:10:35+00:00
content-length: 39768
x-request-id: 072ec231-adeb-4e56-83a1-b0b7a29c63e9
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Sat, 27 Nov 2021 21:56:45 GMT
server: nginx
etag: "71df57f56c922e07c34676f1e3160977"
x-amz-version-id: 0005D1CC48A637F4
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
accept-ranges: bytes
content-type: font/woff2
expires: Tue, 23 Aug 2022 19:06:19 GMT

GET
H2 200 71df57f56c922e07c34676f1e3160977.woff2
s01.stc.yc.kpcdn.net/s0/2.1.97/adaptive/ 39 KB
39 KB 37ms
37ms Font
font/woff2 2a03:90c0:e1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.97/adaptive/71df57f56c922e07c34676f1e3160977.woff2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

9205ceae907f8417e3b4bd8463b1075526a25da4cdd2aed549b03cd6869632aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tumen.kp.ru/
Origin: https://www.tumen.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

x-id: cec-up-gc12
date: Mon, 22 Aug 2022 19:06:19 GMT
x-content-type-options: nosniff
x-server-trace-id: 1fd740549cbd5901:9d8b5b54ad3ebc62:1fd740549cbd5901:1
x-amz-request-id: a0586c94305cd76e
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-08-22T09:10:35+00:00
content-length: 39768
x-request-id: 072ec231-adeb-4e56-83a1-b0b7a29c63e9
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Sat, 27 Nov 2021 21:56:45 GMT
server: nginx
etag: "71df57f56c922e07c34676f1e3160977"
x-amz-version-id: 0005D1CC48A637F4
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
accept-ranges: bytes
content-type: font/woff2
expires: Tue, 23 Aug 2022 19:06:19 GMT

GET
H2 200 88c3f8d6237466d983567ddf480dfb98.woff2
s01.stc.yc.kpcdn.net/s0/2.1.97/adaptive/ 22 KB
22 KB 71ms
71ms Font
font/woff2 2a03:90c0:e1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.97/adaptive/88c3f8d6237466d983567ddf480dfb98.woff2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

7a0fb8fc4de0bde528e5b17743e35c50492d1d1de41567cb3b83f5a63db862d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tumen.kp.ru/
Origin: https://www.tumen.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

x-id: cec-up-gc12
date: Mon, 22 Aug 2022 19:06:19 GMT
x-content-type-options: nosniff
x-server-trace-id: 57197e8a724a0dfc:a00021af301588ba:57197e8a724a0dfc:1
x-amz-request-id: a1e3fe86e186ba18
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-08-22T09:10:35+00:00
content-length: 22100
x-request-id: 7dcb0607-2752-4a94-b9dc-acd7a364e02f
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Sat, 27 Nov 2021 21:56:45 GMT
server: nginx
etag: "88c3f8d6237466d983567ddf480dfb98"
x-amz-version-id: 0005D1CC489C28E6
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
accept-ranges: bytes
content-type: font/woff2
expires: Tue, 23 Aug 2022 19:06:19 GMT

GET
H2 200 88c3f8d6237466d983567ddf480dfb98.woff2
s01.stc.yc.kpcdn.net/s0/2.1.97/adaptive/ 22 KB
22 KB 55ms
54ms Font
font/woff2 2a03:90c0:e1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.97/adaptive/88c3f8d6237466d983567ddf480dfb98.woff2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

7a0fb8fc4de0bde528e5b17743e35c50492d1d1de41567cb3b83f5a63db862d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tumen.kp.ru/
Origin: https://www.tumen.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

x-id: cec-up-gc12
date: Mon, 22 Aug 2022 19:06:19 GMT
x-content-type-options: nosniff
x-server-trace-id: 57197e8a724a0dfc:a00021af301588ba:57197e8a724a0dfc:1
x-amz-request-id: a1e3fe86e186ba18
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-08-22T09:10:35+00:00
content-length: 22100
x-request-id: 7dcb0607-2752-4a94-b9dc-acd7a364e02f
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Sat, 27 Nov 2021 21:56:45 GMT
server: nginx
etag: "88c3f8d6237466d983567ddf480dfb98"
x-amz-version-id: 0005D1CC489C28E6
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
accept-ranges: bytes
content-type: font/woff2
expires: Tue, 23 Aug 2022 19:06:19 GMT

GET
H2 200 71df57f56c922e07c34676f1e3160977.woff2
s01.stc.yc.kpcdn.net/s0/2.1.97/adaptive/ 39 KB
39 KB 55ms
54ms Font
font/woff2 2a03:90c0:e1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.97/adaptive/71df57f56c922e07c34676f1e3160977.woff2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

9205ceae907f8417e3b4bd8463b1075526a25da4cdd2aed549b03cd6869632aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tumen.kp.ru/
Origin: https://www.tumen.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

x-id: cec-up-gc12
date: Mon, 22 Aug 2022 19:06:19 GMT
x-content-type-options: nosniff
x-server-trace-id: 1fd740549cbd5901:9d8b5b54ad3ebc62:1fd740549cbd5901:1
x-amz-request-id: a0586c94305cd76e
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-08-22T09:10:35+00:00
content-length: 39768
x-request-id: 072ec231-adeb-4e56-83a1-b0b7a29c63e9
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Sat, 27 Nov 2021 21:56:45 GMT
server: nginx
etag: "71df57f56c922e07c34676f1e3160977"
x-amz-version-id: 0005D1CC48A637F4
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
accept-ranges: bytes
content-type: font/woff2
expires: Tue, 23 Aug 2022 19:06:19 GMT

GET
H2 200 88c3f8d6237466d983567ddf480dfb98.woff2
s01.stc.yc.kpcdn.net/s0/2.1.97/adaptive/ 22 KB
22 KB 104ms
103ms Font
font/woff2 2a03:90c0:e1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.97/adaptive/88c3f8d6237466d983567ddf480dfb98.woff2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

7a0fb8fc4de0bde528e5b17743e35c50492d1d1de41567cb3b83f5a63db862d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tumen.kp.ru/
Origin: https://www.tumen.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

x-id: cec-up-gc12
date: Mon, 22 Aug 2022 19:06:19 GMT
x-content-type-options: nosniff
x-server-trace-id: 57197e8a724a0dfc:a00021af301588ba:57197e8a724a0dfc:1
x-amz-request-id: a1e3fe86e186ba18
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-08-22T09:10:35+00:00
content-length: 22100
x-request-id: 7dcb0607-2752-4a94-b9dc-acd7a364e02f
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Sat, 27 Nov 2021 21:56:45 GMT
server: nginx
etag: "88c3f8d6237466d983567ddf480dfb98"
x-amz-version-id: 0005D1CC489C28E6
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
accept-ranges: bytes
content-type: font/woff2
expires: Tue, 23 Aug 2022 19:06:19 GMT

GET
H2 200 wy300
avatars.mds.yandex.net/get-direct/4628184/ymUarC409MHg8I27Pgkfng/ 34 KB
35 KB 238ms
105ms Image
image/webp 2a02:6b8::184
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/4628184/ymUarC409MHg8I27Pgkfng/wy300
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: nginx /
Resource Hash: 11795b03bddc019a757769d8ddc096766e2a6db6017dcd0cc429dc4b2869d7f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

date: Mon, 22 Aug 2022 19:06:19 GMT
last-modified: Thu, 28 Jul 2022 12:03:03 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 34940
x-request-id: 3399796a594cdb9c

GET
H/1.1 200
Ok rukan-maison.ae
favicon.yandex.net/favicon/ 1 KB
1 KB 192ms
59ms Image
image/png 2a02:6b8::36
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://favicon.yandex.net/favicon/rukan-maison.ae?size=32&stub=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::36 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

26b9c31160e3bd2dea0ae368645a2c60ad2bfd746fa6d1817328fbe7cc8fc1ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

access-control-allow-origin: *
Cache-Control: max-age=691200
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Content-Type: image/png

GET
H2 200 render.html Show response
yastatic.net/safeframe-bundles/0.83/1-1-0/ Frame 7AEB 24 KB
7 KB 131ms
37ms Document
text/html 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html

Requested by

Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.83/host.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.tumen.kp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
content-length: 6262
content-type: text/html
date: Mon, 22 Aug 2022 19:06:19 GMT
etag: "eb77de48712912aadc9aa8171ac75ede"
expires: Thu, 22 Aug 2052 01:38:47 GMT
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
server: nginx/1.17.9
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow

GET
H2 200 4UaBrEBBsBhlBjvfkSLlx6jj4JN0EwI.woff2
fonts.gstatic.com/s/alegreya/v29/ 22 KB
22 KB 86ms
39ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/alegreya/v29/4UaBrEBBsBhlBjvfkSLlx6jj4JN0EwI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Alegreya:wght@400;700;800&family=Roboto:wght@500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6779225c7918ddbab0f21bab815e851828e81a928686438c7871b6236d1a9cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.tumen.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

date: Sat, 20 Aug 2022 18:09:23 GMT
x-content-type-options: nosniff
age: 176216
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22880
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 18:48:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 20 Aug 2023 18:09:23 GMT

GET
H2 200 4UaBrEBBsBhlBjvfkSLhx6jj4JN0.woff2
fonts.gstatic.com/s/alegreya/v29/ 39 KB
39 KB 75ms
29ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/alegreya/v29/4UaBrEBBsBhlBjvfkSLhx6jj4JN0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Alegreya:wght@400;700;800&family=Roboto:wght@500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b125b7ec47cea1357452e1e22295d77a29e97709d3f9cd65389b571a880c9d8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.tumen.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

date: Wed, 17 Aug 2022 09:28:28 GMT
x-content-type-options: nosniff
age: 466671
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39868
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 18:47:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Aug 2023 09:28:28 GMT

GET
H2 200 4UaBrEBBsBhlBjvfkSLhx6jj4JN0.woff2
fonts.gstatic.com/s/alegreya/v29/ 39 KB
39 KB 101ms
57ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/alegreya/v29/4UaBrEBBsBhlBjvfkSLhx6jj4JN0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Alegreya:wght@400;700;800&family=Roboto:wght@500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b125b7ec47cea1357452e1e22295d77a29e97709d3f9cd65389b571a880c9d8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.tumen.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

date: Wed, 17 Aug 2022 09:28:28 GMT
x-content-type-options: nosniff
age: 466671
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39868
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 18:47:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Aug 2023 09:28:28 GMT

GET
H2 200 4UaBrEBBsBhlBjvfkSLlx6jj4JN0EwI.woff2
fonts.gstatic.com/s/alegreya/v29/ 22 KB
22 KB 108ms
64ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/alegreya/v29/4UaBrEBBsBhlBjvfkSLlx6jj4JN0EwI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Alegreya:wght@400;700;800&family=Roboto:wght@500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6779225c7918ddbab0f21bab815e851828e81a928686438c7871b6236d1a9cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.tumen.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

date: Sat, 20 Aug 2022 18:09:23 GMT
x-content-type-options: nosniff
age: 176216
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22880
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 18:48:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 20 Aug 2023 18:09:23 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v30/ 11 KB
11 KB 56ms
19ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Alegreya:wght@400;700;800&family=Roboto:wght@500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bce2f309470952b7affa62ff4d91b454334c68cefa541429b502904d20696875

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.tumen.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

date: Mon, 15 Aug 2022 21:26:05 GMT
x-content-type-options: nosniff
age: 596414
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11072
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Aug 2023 21:26:05 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fABc4AMP6lbBP.woff2
fonts.gstatic.com/s/roboto/v30/ 6 KB
7 KB 85ms
53ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4AMP6lbBP.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Alegreya:wght@400;700;800&family=Roboto:wght@500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e70e149a35f394bb78ef7842de11a06359fed7828f30331594a28d196c54012

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.tumen.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

date: Tue, 16 Aug 2022 08:48:02 GMT
x-content-type-options: nosniff
age: 555497
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6632
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Aug 2023 08:48:02 GMT

GET
H2 200 4UaBrEBBsBhlBjvfkSLhx6jj4JN0.woff2
fonts.gstatic.com/s/alegreya/v29/ 39 KB
39 KB 92ms
60ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/alegreya/v29/4UaBrEBBsBhlBjvfkSLhx6jj4JN0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Alegreya:wght@400;700;800&family=Roboto:wght@500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b125b7ec47cea1357452e1e22295d77a29e97709d3f9cd65389b571a880c9d8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.tumen.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

date: Wed, 17 Aug 2022 09:28:28 GMT
x-content-type-options: nosniff
age: 466671
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39868
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 18:47:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Aug 2023 09:28:28 GMT

GET
H2 200 4UaBrEBBsBhlBjvfkSLlx6jj4JN0EwI.woff2
fonts.gstatic.com/s/alegreya/v29/ 22 KB
22 KB 101ms
68ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/alegreya/v29/4UaBrEBBsBhlBjvfkSLlx6jj4JN0EwI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Alegreya:wght@400;700;800&family=Roboto:wght@500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6779225c7918ddbab0f21bab815e851828e81a928686438c7871b6236d1a9cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.tumen.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

date: Sat, 20 Aug 2022 18:09:23 GMT
x-content-type-options: nosniff
age: 176216
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22880
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 18:48:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 20 Aug 2023 18:09:23 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame C6E0 83 KB
28 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/634516/50f6fec73e5faaf073e7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e23b282ceca95d79a243d3160d49d08c30d0a8333161c588e3cf7ca88795c4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

date: Mon, 22 Aug 2022 19:06:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28513
x-xss-protection: 0
server: sffe
etag: "1311 / 610 of 1000 / last-modified: 1661166591"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 22 Aug 2022 19:06:19 GMT

GET
H2 204 event
ads.adfox.ru/232598/ 0
18 B 56ms
55ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=9775a426de1929a5&pm=bmo&pxo=ATgpvKxEW35KbzZa46C_Yidyb4hHYX4IwTAHQXeIoM2pYGAWEywo27a3tKb4vhGlP77s2BRf_cy325BiZG0uCBdInQGmpyRzwhLnCBPp73IyRKfcIpIBzjvhQRx2KZ3EevLEAA4XAybyWjFKR8Y2f5hDjLZl5ZoDMdKDrCnKeIV3yirutWE%3D&p5=gwefg&ad-session-id=701901661195178878&utg=oxum&lts=fjvezih&ytt=362840447909893&ybv=0.634516&ylv=0.634516&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3Fsection%3Dsociety&rqs=qiebQhu951ar0wNjUo4mquWV0z0UGMKk&pr=gsushxr&puid3=top%3Aregion&rtb-si=b&puid2=society%3Atoday%3Azenyandex%3Aincident%3Aemergency%3Acelebrity%3Aculture%3Ainteresting&p2=fxjd&rand=npzeqkg&sj=3K87mjgaSNC9yJ-jrJD2A-PInCLeBy-4O1DMu7w0cUM01r-FgwdeMpHjCxSJeQ%3D%3D&puid1=adv-1661195178828-573&p1=cavko

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 19:06:19 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Aug 2022 19:06:19 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 607912ce0bbdc533bd357dc99af092f34783fee7f24f7fc16ece184018a7441b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

Content-Type: image/svg+xml

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 90A9 107 B
792 B 77ms
23ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.tumen.kp.ru

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js?cb=31069031

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

timing-allow-origin: *
date: Mon, 22 Aug 2022 19:06:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 90A9 107 B
549 B 76ms
22ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.tumen.kp.ru

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js?cb=31069031

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

timing-allow-origin: *
date: Mon, 22 Aug 2022 19:06:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 90A9 87 KB
28 KB 587ms
551ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=679379330719404&correlator=4360514915465212&eid=31069031%2C31068920&output=ldjh&gdfp_req=1&vrg=2022081701&ptt=17&impl=fifs&iu_parts=94805857%2Ckp.ru_4_small&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&ifi=1&adks=4130042211&sfv=1-0-38&fsapi=false&cust_params=kp.ru_4_small%3Dkp.ru_4_small_12&sc=1&cookie_enabled=1&cdm=www.tumen.kp.ru&abxe=1&dt=1661195179817&lmt=1661195179&dlt=1661195179204&idt=545&adxs=1410&adys=389&biw=1600&bih=1200&isw=160&ish=600&scr_x=0&scr_y=0&btvi=0&ucis=4qmw2qgsbn1g&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fwww.tumen.kp.ru%2F&top=https%3A%2F%2Fwww.tumen.kp.ru%2F&frm=23&vis=1&psz=160x600&msz=160x-1&fws=256&ohw=0&ea=0&ga_vid=759486574.1661195180&ga_sid=1661195180&ga_hid=1160789982&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js?cb=31069031

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

3a3c4a90df106a129b12dddc6cf2e6a969e9c266a87eb9f819cb5b416a0f7d0c

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/164903383637950464/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/164903383637950464/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPiy56SS2_kCFcEe4AodnsYNPg&gqi=&layout=/sadbundle/%24csp%253Der3%24/164903383637950464/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/164903383637950464/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/164903383637950464/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPiy56SS2_kCFcEe4AodnsYNPg&gqi=&layout=/sadbundle/%24csp%253Der3%24/164903383637950464/index.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28327
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
date: Mon, 22 Aug 2022 19:06:20 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 90A9 14 KB
11 KB 109ms
61ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022081701&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js?cb=31069031

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4342a826addea6d37b449010f19236f2a1c132c15315491c63bdf7c82baa6fda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

timing-allow-origin: *
date: Mon, 22 Aug 2022 19:06:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11175
x-xss-protection: 0

GET
H2 200 container.html Show response
94f755c17f82f5b2a09a9a00a400f615.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame BAB8 6 KB
4 KB 120ms
22ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://94f755c17f82f5b2a09a9a00a400f615.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js?cb=31069031

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumen.kp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 22 Aug 2022 19:06:19 GMT
expires: Tue, 22 Aug 2023 19:06:19 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 35DE 83 KB
28 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/634516/50f6fec73e5faaf073e7.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7904458fb3dc265755433d2d47fa527f7675199fd60d0a9a25fab772e6e796c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

date: Mon, 22 Aug 2022 19:06:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28511
x-xss-protection: 0
server: sffe
etag: "1311 / 775 of 1000 / last-modified: 1661166540"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 22 Aug 2022 19:06:19 GMT

GET
H2 204 event
ads.adfox.ru/232598/ 0
18 B 57ms
57ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=3d45cd2ad9e2ed5e&pm=bmo&pxo=lmm9tStiHoQNMeybwo5s2_URInCpmRoM1qHNiDa1SPdavXH0SEZUvshBNppsZtma1BydF0flLw-6lv8_2hzwHaqrFeUK3wt54WshOzrZXWHXso2L2tRswT9g-3tIQHZIIAYVt-bcXGHqIk0clhgCsCbGbPTitddH-J1t5-kpo00HBb8YUw%3D%3D&p5=gwaok&ad-session-id=701901661195178878&utg=oxum&lts=fjvezih&ytt=362840447909893&ybv=0.634516&ylv=0.634516&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3Fsection%3Dsociety&rqs=qiebQhu951ar0wNjjzQuqCmd3e0JfWSW&pr=gsushxr&puid3=top%3Aregion&rtb-si=b&puid2=society%3Atoday%3Azenyandex%3Aincident%3Aemergency%3Acelebrity%3Aculture%3Ainteresting&p2=fbao&rand=mjcznjt&sj=Mp--IGU7tRSEJWGzIwMrfbYPoBUuoweJCPQMbre4lVyS_6iHNY_Ooq1wscItLg%3D%3D&puid1=adv-1661195178830-442&p1=bufhv

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 19:06:19 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Aug 2022 19:06:19 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 200 1VRml33V0Hi200000000U9nJNAK-sqbwx_CmGubd2aufrvgTBLTVPavc009Fc4Ze7EFLuR5zQGmCgOn0yKo9PmdM8F5I6I2lDW58j3A2o4wGB10mCSna_7iDmbx8UCGVmbh9UCeTmjhBUFSh7yDHCFyi8pDGv2eZIEjTHWOP1gQ_ZBEO61ZcCe54bZAT0aglPVe5P... Show response
yandex.ru/an/rtbcount/ 43 B
337 B 57ms
56ms XHR
image/gif 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/an/rtbcount/1VRml33V0Hi200000000U9nJNAK-sqbwx_CmGubd2aufrvgTBLTVPavc009Fc4Ze7EFLuR5zQGmCgOn0yKo9PmdM8F5I6I2lDW58j3A2o4wGB10mCSna_7iDmbx8UCGVmbh9UCeTmjhBUFSh7yDHCFyi8pDGv2eZIEjTHWOP1gQ_ZBEO61ZcCe54bZAT0aglPVe5P9zb-Wy4JvbU04LUCGaKTmR5IpnZO63fwrEv-OoLuIzJXp3G8SoiGAMzp090SYepo8Yvp2mWovcP61H0ThDiPAwRVBhl-lAzd2UPL_bVTrhnpgpiAbZbNJ3vazd1YH_ip5ai2eMPgKc16QMMfeQ9HGRbVbafYTb6tYwXnluHMQLbbV7f2rcaGo6ALx3yNSkyWOLn1mlh0HR6comGdtwmVyXozWm8lB5_omBoxmJMreQEXhO3GGjOEK-oRdx20LPtatNLzPhskcS2lbzPGRxiO6jWcS2swloRALiMl_ySDeFjok7W1MoxDpryq_NYqv_rZ2lPOAOUOFCumSRyY8tNEDl9oZ0hqAtKFJF9_2KRpFwVSDP4TeK_jrRV2tbZFukTpSpOnDJGR0DxWy8ETiOJx28Fs1yUk7goyyMxYLa_s1SQDt1iVMy0012TikO0

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 19:06:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: image/gif
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
last-modified: Mon, 22 Aug 2022 19:06:19 GMT
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 22 Aug 2022 19:06:19 GMT

GET
H3 200 pubads_impl_2022081601.js Show response
securepubads.g.doubleclick.net/gpt/ Frame C6E0 383 KB
130 KB 14ms
14ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081601.js?cb=31069030

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

041b6e69b34243b7cd98534e95b129cb2479bebddae8dc4f051755a84cc8fbe8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

date: Mon, 22 Aug 2022 10:05:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32443
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133485
x-xss-protection: 0
last-modified: Tue, 16 Aug 2022 08:34:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 22 Aug 2023 10:05:36 GMT

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9738.EwldwJ8k16uUv4pJ0yIg8cMJUWLbiaq_iEroT3IE18tCvB2wC1AIIT6I3NY04yBM.YiPl2icdyzbAqR3Ui3XQZ7MgEnI%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9738.LcxNtexjWL8iw48f2h70zvNPttGAXgfnan-4tMATwdCe5w3HDbdY3kWEX-Z0VwmbGw_3XTPe2LgKewHoM6f0jnUjw6D_Y6h3oCL2UbY06BU%2C.UWo95skw4alDU6OwgXDTJ1uYRIo%2C

43 B
353 B

55ms
55ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9738.LcxNtexjWL8iw48f2h70zvNPttGAXgfnan-4tMATwdCe5w3HDbdY3kWEX-Z0VwmbGw_3XTPe2LgKewHoM6f0jnUjw6D_Y6h3oCL2UbY06BU%2C.UWo95skw4alDU6OwgXDTJ1uYRIo%2C

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

date: Mon, 22 Aug 2022 19:06:20 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9738.LcxNtexjWL8iw48f2h70zvNPttGAXgfnan-4tMATwdCe5w3HDbdY3kWEX-Z0VwmbGw_3XTPe2LgKewHoM6f0jnUjw6D_Y6h3oCL2UbY06BU%2C.UWo95skw4alDU6OwgXDTJ1uYRIo%2C
date: Mon, 22 Aug 2022 19:06:20 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 90A9 17 KB
7 KB 96ms
25ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js?cb=31069031

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

date: Mon, 22 Aug 2022 19:06:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 22 Aug 2022 19:06:20 GMT

GET
H3 200 pubads_impl_2022081501.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 35DE 384 KB
131 KB 24ms
24ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

6fb2352555371675225ce7b1e1832ac4b1ad8e83dc396d10b70a42dac24addc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

date: Mon, 22 Aug 2022 05:47:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47938
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133600
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:36:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 22 Aug 2023 05:47:22 GMT

GET
H/1.1 200
Ok d.png
ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/ Frame 7AEB 95 B
400 B 157ms
48ms Image
image/png 2a02:6b8::5:114
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/d.png?ex=yes

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::5:114 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

Date: Mon, 22 Aug 2022 19:06:20 GMT
Server: nginx/1.14.2
Strict-Transport-Security: max-age=315360000; includeSubDomains
X-RT-IH: 0.0002
Content-Type: image/png
Cache-Control: private
Connection: close
X-RT-IQ: 0.0002
Content-Length: 95
Expires: Tue, 23 Aug 2022 19:06:20 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame C6E0 107 B
122 B 53ms
24ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.tumen.kp.ru

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081601.js?cb=31069030

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

timing-allow-origin: *
date: Mon, 22 Aug 2022 19:06:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame C6E0 107 B
122 B 75ms
24ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.tumen.kp.ru

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081601.js?cb=31069030

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

timing-allow-origin: *
date: Mon, 22 Aug 2022 19:06:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame C6E0 114 KB
36 KB 587ms
587ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=253065605676435&correlator=2513017961630441&eid=31069030%2C31062931&output=ldjh&gdfp_req=1&vrg=2022081601&ptt=17&impl=fifs&iu_parts=94805857%2Ckp.ru_5_new&enc_prev_ius=%2F0%2F1&prev_iu_szs=240x400&ifi=1&adks=56130060&sfv=1-0-38&fsapi=false&cust_params=kp.ru_5_new%3Dkp.ru_5_new_12&sc=1&cookie_enabled=1&cdm=www.tumen.kp.ru&abxe=1&dt=1661195180094&lmt=1661195180&dlt=1661195179533&idt=528&adxs=215&adys=1254&biw=1600&bih=1200&isw=240&ish=400&scr_x=0&scr_y=0&btvi=1&ucis=bdvxvgnsqdfb&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fwww.tumen.kp.ru%2F&top=https%3A%2F%2Fwww.tumen.kp.ru%2F&frm=23&vis=1&psz=240x400&msz=240x-1&fws=256&ohw=0&ea=0&ga_vid=1788650818.1661195180&ga_sid=1661195180&ga_hid=1577744564&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081601.js?cb=31069030

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

420b9a7c3953df0caf9d9cf2f9c6f1f8989374943a811adeeefb3d0d6bf9f5d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

date: Mon, 22 Aug 2022 19:06:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36381
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame C6E0 14 KB
11 KB 110ms
60ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022081601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081601.js?cb=31069030

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5a1e80108b0a2531c468a21f52b80fa962333aac333a882efd0ae65d76d9bc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

timing-allow-origin: *
date: Mon, 22 Aug 2022 19:06:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11059
x-xss-protection: 0

GET
H2 200 container.html Show response
6f896d02df796ff0db83b53d4a802f55.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame EBF1 6 KB
3 KB 84ms
24ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6f896d02df796ff0db83b53d4a802f55.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081601.js?cb=31069030

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumen.kp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 22 Aug 2022 19:06:20 GMT
expires: Tue, 22 Aug 2023 19:06:20 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 240 KB
74 KB 67ms
26ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WCBNVW

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1c865383c1f8fc02fb61ce539485f5fb99511c38a64ca0cc1ba5ab3018c30950

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

date: Mon, 22 Aug 2022 19:06:20 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 75644
x-xss-protection: 0
last-modified: Mon, 22 Aug 2022 18:32:19 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 22 Aug 2022 19:06:20 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0221 13 KB
5 KB 78ms
14ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumen.kp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 303
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 22 Aug 2022 19:01:17 GMT
expires: Tue, 22 Aug 2023 19:01:17 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A641 783 B
1 KB 68ms
24ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e6372349cb5e6592de4b40ab1c2d84b3279e88188fb6d7fcaa884380079e55a9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6WQnrbm5aAekBe7iIJCyQQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tumen.kp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-6WQnrbm5aAekBe7iIJCyQQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 22 Aug 2022 19:06:20 GMT
expires: Mon, 22 Aug 2022 19:06:20 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame C6E0 17 KB
6 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081601.js?cb=31069030

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

date: Mon, 22 Aug 2022 19:06:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 22 Aug 2022 19:06:20 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame 35DE 107 B
122 B 25ms
25ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.tumen.kp.ru

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

timing-allow-origin: *
date: Mon, 22 Aug 2022 19:06:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 35DE 107 B
122 B 23ms
23ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.tumen.kp.ru

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

timing-allow-origin: *
date: Mon, 22 Aug 2022 19:06:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 35DE 27 KB
12 KB 522ms
522ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2557038629801030&correlator=1496092932994850&eid=31068829%2C44764002%2C31061690&output=ldjh&gdfp_req=1&vrg=2022081501&ptt=17&impl=fifs&iu_parts=94805857%2Ckp.ru_2_new&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&ifi=1&adks=3886855702&sfv=1-0-38&fsapi=false&cust_params=kp.ru_2_new%3Dkp.ru_2_new_24&sc=1&cookie_enabled=1&cdm=www.tumen.kp.ru&abxe=1&dt=1661195180285&lmt=1661195180&dlt=1661195179861&idt=399&adxs=1100&adys=486&biw=1600&bih=1200&isw=300&ish=600&scr_x=0&scr_y=0&btvi=0&ucis=o1fpv7xihgdf&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fwww.tumen.kp.ru%2F&top=https%3A%2F%2Fwww.tumen.kp.ru%2F&frm=23&vis=1&psz=300x600&msz=300x-1&fws=256&ohw=0&ea=0&ga_vid=1073186124.1661195180&ga_sid=1661195180&ga_hid=751659168&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

c27bee424577194ee246d0e03e9cc9bc1222e1b4d9fa6c7f284bbdf607c853ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

date: Mon, 22 Aug 2022 19:06:20 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11801
x-xss-protection: 0
google-lineitem-id: 5137992858
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138278328646
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 35DE 14 KB
11 KB 60ms
60ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022081501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7628b94ac48667950eaa001cf5e44e028cd551374dd15eed02276f7964b7e80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

timing-allow-origin: *
date: Mon, 22 Aug 2022 19:06:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10872
x-xss-protection: 0

GET
H2 200 container.html Show response
21e040118f21cb271af71eb05f679269.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 098F 6 KB
3 KB 65ms
21ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://21e040118f21cb271af71eb05f679269.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumen.kp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 22 Aug 2022 19:06:20 GMT
expires: Tue, 22 Aug 2023 19:06:20 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 197 KB
71 KB 56ms
27ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8MQ0FGXD1P&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WCBNVW

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c546ec8c4abfb8c173953b36203ac229b952a40426fef438573ae81872c6f936

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

date: Mon, 22 Aug 2022 19:06:20 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72166
x-xss-protection: 0
expires: Mon, 22 Aug 2022 19:06:20 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 197 KB
71 KB 64ms
36ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-E8KWCYC304&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WCBNVW

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6a5486c81ce04d7157370ccee909439a91c94897b9f98948d28b465633ace158

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

date: Mon, 22 Aug 2022 19:06:20 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72170
x-xss-protection: 0
expires: Mon, 22 Aug 2022 19:06:20 GMT

GET
H2 200 counter.js Show response
tns-counter.ru/ncc/ 61 KB
61 KB 181ms
84ms Script
application/javascript 2001:6d0:4001::226
TNSMSK-

General

Check archive.org

Show headers Download Go to

Full URL: https://tns-counter.ru/ncc/counter.js
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),
Reverse DNS
Software: ms-counter-3.3.5/1.20.2 /
Resource Hash: 75d16f690db62e7b02e26bff78808ea7529f154b36340c9b6d6e1cd81b64a4ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

date: Mon, 22 Aug 2022 19:06:20 GMT
last-modified: Wed, 01 Dec 2021 16:19:48 GMT
server: ms-counter-3.3.5/1.20.2
etag: "61a7a0a4-f2ad"
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR NOR"
cache-control: max-age=1209600
accept-ranges: bytes
content-type: application/javascript
content-length: 62125
expires: Mon, 05 Sep 2022 19:06:20 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 205 KB
70 KB 101ms
100ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

4feb8a4baf1ab6d4efee5b984ea48ff22af46b19c3b6c21964607fe61eea837c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

date: Mon, 22 Aug 2022 19:06:20 GMT
content-encoding: br
last-modified: Mon, 22 Aug 2022 10:36:45 GMT
etag: "6303320d-118b8"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 71864
expires: Mon, 22 Aug 2022 20:06:20 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 69ms
13ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WCBNVW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 260
date: Mon, 22 Aug 2022 19:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 22 Aug 2022 21:02:00 GMT

GET
H/1.1 200
OK target.js Show response
target.smi2.net/client/ 3 KB
1 KB 119ms
38ms Script
application/x-javascript 46.161.36.3
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://target.smi2.net/client/target.js
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.161.36.3 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: target2-1.sselp2.imcmdb.net
Software: nginx /
Resource Hash: 2ea6594700eadc561dce18df33d16ff9d07ff631d4f6f4eae734bfe34e900f0c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

Date: Mon, 22 Aug 2022 19:06:20 GMT
Content-Encoding: gzip
Last-Modified: Fri, 20 Apr 2018 15:55:37 GMT
Server: nginx
ETag: W/"5ada0d79-af9"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=259200, private
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 25 Aug 2022 19:06:20 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
188 B 27ms
8ms Image
text/plain 13.32.121.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=16803468&ns__t=1661195180323&ns_c=UTF-8&c8=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20-%20KP.RU&c7=https%3A%2F%2Fwww.tumen.kp.ru%2F&c9=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-37.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

date: Mon, 22 Aug 2022 19:06:20 GMT
via: 1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: 1yA6DxsdwOHyWCzwrMc1bogs9d38A6-Xi36hmGth2vKndyeRv_IoVg==
x-cache: Miss from cloudfront

GET
H/1.1

200
OK

kptumen
counter.yadro.ru/hit;kp/kpall/reg/
Redirect Chain

https://counter.yadro.ru/hit;kp/kpall/reg/kptumen?r;s1600*1200*24;uhttps%3A//www.tumen.kp.ru/;h%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u0422%u044E%u043C%u0435%u043D%u0438%20%u0438%20%u0422%u0...
https://counter.yadro.ru/hit;kp/kpall/reg/kptumen?q;r;s1600*1200*24;uhttps%3A//www.tumen.kp.ru/;h%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u0422%u044E%u043C%u0435%u043D%u0438%20%u0438%20%u0422%...

43 B
528 B

41ms
41ms

Image
image/gif

88.212.202.52
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit;kp/kpall/reg/kptumen?q;r;s1600*1200*24;uhttps%3A//www.tumen.kp.ru/;h%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u0422%u044E%u043C%u0435%u043D%u0438%20%u0438%20%u0422%u044E%u043C%u0435%u043D%u0441%u043A%u043E%u0439%20%u043E%u0431%u043B%u0430%u0441%u0442%u0438%3A%20%u0433%u043B%u0430%u0432%u043D%u044B%u0435%20%u043D%u043E%u0432%u043E%u0441%u0442%u0438%20%u043D%u0430%20%u0441%u0435%u0433%u043E%u0434%u043D%u044F%20%7C%20%u041A%u043E%u043C%u0441%u043E%u043C%u043E%u043B%u044C%u0441%u043A%u0430%u044F%20%u041F;0.26920314682785373

Protocol

HTTP/1.1

Server

88.212.202.52 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host152.rax.ru

Software

nginx/1.17.9 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

Pragma: no-cache
Date: Mon, 22 Aug 2022 19:06:20 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 21 Aug 2021 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 22 Aug 2022 19:06:20 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit;kp/kpall/reg/kptumen?q;r;s1600*1200*24;uhttps%3A//www.tumen.kp.ru/;h%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u0422%u044E%u043C%u0435%u043D%u0438%20%u0438%20%u0422%u044E%u043C%u0435%u043D%u0441%u043A%u043E%u0439%20%u043E%u0431%u043B%u0430%u0441%u0442%u0438%3A%20%u0433%u043B%u0430%u0432%u043D%u044B%u0435%20%u043D%u043E%u0432%u043E%u0441%u0442%u0438%20%u043D%u0430%20%u0441%u0435%u0433%u043E%u0434%u043D%u044F%20%7C%20%u041A%u043E%u043C%u0441%u043E%u043C%u043E%u043B%u044C%u0441%u043A%u0430%u044F%20%u041F;0.26920314682785373
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Sat, 21 Aug 2021 21:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DC6A 13 KB
5 KB 15ms
14ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumen.kp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 303
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 22 Aug 2022 19:01:17 GMT
expires: Tue, 22 Aug 2023 19:01:17 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 46E4 783 B
537 B 56ms
23ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fd9f091135120c3f44e411cd3ffe9f4ca503aca646ffed7d027b436108a14f1e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-kKhM5sGSe58jQ0KmUAFvVQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tumen.kp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 515
content-security-policy: script-src 'report-sample' 'nonce-kKhM5sGSe58jQ0KmUAFvVQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 22 Aug 2022 19:06:20 GMT
expires: Mon, 22 Aug 2022 19:06:20 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2

200

cs.js Show response
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain

https://sb.scorecardresearch.com/c2/16803468/cs.js
https://sb.scorecardresearch.com/internal-c2/default/cs.js

0
367 B

8ms
8ms

Script
application/javascript

13.32.121.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol: H2
Server: 13.32.121.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-37.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

date: Mon, 22 Aug 2022 18:43:28 GMT
via: 1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront)
etag: "d41d8cd98f00b204e9800998ecf8427e"
last-modified: Mon, 01 Mar 2021 20:42:20 GMT
server: AmazonS3
age: 1373
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
content-length: 0
x-amz-cf-id: 7gPHGqsnhEQJpR5y0NeEpewRV5UG1gk44u9GRZc6MFRgC_UU57wJ7w==

Redirect headers

location: /internal-c2/default/cs.js
date: Mon, 22 Aug 2022 19:06:20 GMT
via: 1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
content-length: 0
x-amz-cf-id: 55F-xFSGRP3qfP8hlvMAUUPwgBjll5uz3_G7A0z_u6smVcDS1enveQ==
x-cache: Miss from cloudfront

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A641 0
0 78ms
47ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022081701&jk=679379330719404&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

GET
H3 200 hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js Show response
pagead2.googlesyndication.com/bg/ Frame 0221 36 KB
14 KB 42ms
13ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85df6a888180aa37ac71991e22dc32db0800b427df7aa8a52321a463743f3137

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

date: Mon, 22 Aug 2022 16:26:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9567
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14041
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 22 Aug 2023 16:26:53 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 35DE 17 KB
6 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

date: Mon, 22 Aug 2022 19:06:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 22 Aug 2022 19:06:20 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/26254/
Redirect Chain

https://mc.yandex.com/watch/26254?wmode=7&page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anitzfaj0q86lk7t0iduwo%3Afu%3A0%3Aen%3Aut...
https://mc.yandex.com/watch/26254/1?wmode=7&page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anitzfaj0q86lk7t0iduwo%3Afu%3A0%3Aen%3A...

167 B
622 B

51ms
51ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/26254/1?wmode=7&page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anitzfaj0q86lk7t0iduwo%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A870%3Acn%3A1%3Adp%3A0%3Als%3A771104372665%3Ahid%3A106282045%3Az%3A0%3Ai%3A20220822190619%3Aet%3A1661195180%3Ac%3A1%3Arn%3A1011887055%3Au%3A1661195180781084329%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1661195177186%3Aco%3A0%3Arqnl%3A1%3Ast%3A1661195180%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20-%20KP.RU&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnl%281%29ti%282%29

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

3954894368f2f38bf68613544a80ee9ed3c1a790f450793fc055a7c8611a6d81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 19:06:20 GMT
x-content-type-options: nosniff
last-modified: Mon, 22-Aug-2022 19:06:20 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 167
x-xss-protection: 1; mode=block
expires: Mon, 22-Aug-2022 19:06:20 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Aug 2022 19:06:20 GMT
last-modified: Mon, 22-Aug-2022 19:06:20 GMT
location: /watch/26254/1?wmode=7&page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anitzfaj0q86lk7t0iduwo%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A870%3Acn%3A1%3Adp%3A0%3Als%3A771104372665%3Ahid%3A106282045%3Az%3A0%3Ai%3A20220822190619%3Aet%3A1661195180%3Ac%3A1%3Arn%3A1011887055%3Au%3A1661195180781084329%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1661195177186%3Aco%3A0%3Arqnl%3A1%3Ast%3A1661195180%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20-%20KP.RU&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnl%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Mon, 22-Aug-2022 19:06:20 GMT

GET
H3 200 hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js Show response
pagead2.googlesyndication.com/bg/ Frame DC6A 36 KB
14 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85df6a888180aa37ac71991e22dc32db0800b427df7aa8a52321a463743f3137

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

date: Mon, 22 Aug 2022 16:26:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9567
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14041
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 22 Aug 2023 16:26:53 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6AA7 13 KB
5 KB 16ms
15ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumen.kp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 303
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 22 Aug 2022 19:01:17 GMT
expires: Tue, 22 Aug 2023 19:01:17 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3492 783 B
534 B 26ms
25ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3216045fa8caf6ecc63db3aedc57313841970e154653405e50bf142dd7ed73fc

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-93Jtb2wwW9viThRdOSAbjA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tumen.kp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-93Jtb2wwW9viThRdOSAbjA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 22 Aug 2022 19:06:20 GMT
expires: Mon, 22 Aug 2022 19:06:20 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 container.html Show response
94f755c17f82f5b2a09a9a00a400f615.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame BBBD 6 KB
3 KB 57ms
27ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://94f755c17f82f5b2a09a9a00a400f615.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js?cb=31069031

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumen.kp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 22 Aug 2022 19:06:20 GMT
expires: Tue, 22 Aug 2023 19:06:20 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 event
ads.adfox.ru/232598/ 0
66 B 84ms
84ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=7148cfc759f3af1c&pm=bmu&pxo=psuC8Hps7A_YKeSwEdMXOobxSW_M3MebBSKFptdOYyy5fh3t9MC6Gtqxcra-O9EcceMxHyMd2gc5mRl9R0TLWsKD44thxLiPNDqk7PWi_wNcjuRIoQW4hjruGKKt0_IBrGCCekLjytMLNLnBJUWjd60IxW-7sZNFhqCejuh3ta_nuC5q6XDx&p5=gwdbk&ad-session-id=701901661195178878&utg=oxum&lts=fjvezig&ytt=362840447909893&ybv=0.634516&ylv=0.634516&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3F&rtb-si=b&p2=gftf&rand=hffjvxu&sj=XduKn2qjjSVLhQhPTdlgrZFKHsfF0wrfyK8Fk9QTWAkSzhRg3dxFGnRYfCvbag%3D%3D&puid1=adv-1661195178823-935&pr=gsushxr&p1=cdinl&rqs=qiebQhu951aq0wNj_Wa9XmsOnfA2TxEn&resp-time=1236

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 19:06:20 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Aug 2022 19:06:20 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
348 B 49ms
18ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-8MQ0FGXD1P&gtm=2oe8h0&_p=549019472&cid=908867800.1661195180&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1661195180&sct=1&seg=0&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F&dt=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20-%20KP.RU&en=page_view&_fv=1&_nsi=1&_ss=1&ep.title=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8&ep.allowLinker=true
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8MQ0FGXD1P&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 19:06:20 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 25ms
18ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-E8KWCYC304&gtm=2oe8h0&_p=549019472&cid=908867800.1661195180&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1661195180&sct=1&seg=0&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F&dt=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20-%20KP.RU&en=page_view&_fv=1&_ss=1&ep.title=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8&ep.allowLinker=true
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-E8KWCYC304&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 19:06:20 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
443 B 63ms
23ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-23870775-1&cid=908867800.1661195180&jid=1776703203&gjid=709221720&_gid=1611871640.1661195181&_u=YCDAgAABAAAAAE~&z=657172681

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 22 Aug 2022 19:06:20 GMT
content-type: text/plain
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 60ms
30ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=549019472&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCHAAAABAAAAAG~&jid=293707531&gjid=1372233702&cid=908867800.1661195180&tid=UA-5200037-42&_gid=1611871640.1661195181&_r=1&gtm=2wg8h0WCBNVW&cg1=main&cg5=main&cd3=main&cd4=main&z=1024432841

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 19:06:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 46ms
20ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=549019472&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCHAAAABAAAAAG~&jid=1157683760&gjid=1557662802&cid=908867800.1661195180&tid=UA-23870775-31&_gid=1611871640.1661195181&_r=1&gtm=2wg8h0WCBNVW&cd1=&z=1311052557

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 19:06:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 39ms
14ms Image
image/gif 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=549019472&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgAAB~&jid=1776703203&gjid=709221720&cid=908867800.1661195180&tid=UA-23870775-1&_gid=1611871640.1661195181&gtm=2wg8h0WCBNVW&cg1=main&cg5=main&cd3=main&cd4=main&z=1181045989

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 05:10:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 50128
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 46E4 0
0 47ms
47ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022081601&jk=253065605676435&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

GET
H2 200 1051362 Show response
mc.yandex.com/watch/ 422 B
456 B 58ms
57ms XHR
application/json 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/1051362?wmode=7&page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&nohit=1&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anlzej4hetqp77kpsc2e48%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A870%3Acn%3A2%3Adp%3A0%3Als%3A626275116524%3Ahid%3A106282045%3Az%3A0%3Ai%3A20220822190620%3Aet%3A1661195181%3Ac%3A1%3Arn%3A916314857%3Au%3A1661195180781084329%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1661195177186%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1661195181%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20-%20KP.RU&t=gdpr(14)mc(p-1-h-1)clc(0-0-0)lt(99400)aw(1)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

c0b7bfd2811eed51ac500752dceab7fe174b237282961e82215d568cc8a355d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 19:06:20 GMT
x-content-type-options: nosniff
last-modified: Mon, 22-Aug-2022 19:06:20 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 422
x-xss-protection: 1; mode=block
expires: Mon, 22-Aug-2022 19:06:20 GMT

GET
H2 200 38305645 Show response
mc.yandex.com/watch/ 383 B
414 B 56ms
55ms XHR
application/json 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/38305645?wmode=7&page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&nohit=1&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anlzej4hetqp77kpsc2e48%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A870%3Acn%3A3%3Adp%3A0%3Als%3A124694384212%3Ahid%3A106282045%3Az%3A0%3Ai%3A20220822190620%3Aet%3A1661195181%3Ac%3A1%3Arn%3A303639752%3Au%3A1661195180781084329%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1661195177186%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1661195181%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20-%20KP.RU&t=gdpr(14)mc(p-2-h-2)clc(0-0-0)lt(99400)aw(1)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

31a7a01c541eb93fdcbe144594e282be621865f78bbc214976643918a9ef3f15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 19:06:20 GMT
x-content-type-options: nosniff
last-modified: Mon, 22-Aug-2022 19:06:20 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 383
x-xss-protection: 1; mode=block
expires: Mon, 22-Aug-2022 19:06:20 GMT

GET
H2 200 29474600 Show response
mc.yandex.com/watch/ 383 B
418 B 51ms
51ms XHR
application/json 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/29474600?wmode=7&page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&nohit=1&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anlzej4hetqp77kpsc2e48%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A870%3Acn%3A4%3Adp%3A0%3Als%3A208408609522%3Ahid%3A106282045%3Az%3A0%3Ai%3A20220822190620%3Aet%3A1661195181%3Ac%3A1%3Arn%3A621963609%3Au%3A1661195180781084329%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1661195177186%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1661195181%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20-%20KP.RU&t=gdpr(14)mc(p-5-h-3)clc(0-0-0)lt(99400)aw(1)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

ebdc946cf7998e4315f97cbe13f3275f25c6daf02aaf2dd5c64bd8f3f08cebfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 19:06:20 GMT
x-content-type-options: nosniff
last-modified: Mon, 22-Aug-2022 19:06:20 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 383
x-xss-protection: 1; mode=block
expires: Mon, 22-Aug-2022 19:06:20 GMT

GET
H/1.1 200
OK sm.js Show response
stat.media/ 77 KB
28 KB 153ms
76ms Script
application/x-javascript 46.161.36.24
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.media/sm.js
Requested by: Host: target.smi2.net
URL: https://target.smi2.net/client/target.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.161.36.24 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: sm-server1-1.sselp2.imcmdb.net
Software: nginx /
Resource Hash: 9dc89e2eae45dccc1b2d7b9540adae2349bbb5d84578eadb8f0f645eac324910

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

Date: Mon, 22 Aug 2022 19:06:20 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Dec 2021 13:53:02 GMT
Server: nginx
ETag: W/"61a8cfbe-13481"
Vary: Accept-Encoding, Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, must-revalidate, proxy-revalidate, max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK /
target.smi2.net/init/ 95 B
463 B 38ms
38ms Image
image/png 46.161.36.3
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://target.smi2.net/init/?siteid=31456&count=site&bw=1600&bh=1200&xurl=https%3A%2F%2Fwww.tumen.kp.ru%2F&rnd=3958801122993
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.161.36.3 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: target2-1.sselp2.imcmdb.net
Software: nginx / HHVM/3.9.1
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

X-Target-Version: 2
Date: Mon, 22 Aug 2022 19:06:20 GMT
X-Target-Final: 20220822220620-0
Server: nginx
X-Target-Host: target2-1.sselp2
X-Powered-By: HHVM/3.9.1
X-Time-Request: 0.00019
Content-Type: image/png
Cache-Control: no-cache, private
Connection: keep-alive
Content-Length: 95
Expires: Mon, 22 Aug 2022 19:06:19 GMT

POST
H2 200 1 Show response
mc.yandex.com/watch/26254/ 43 B
73 B 58ms
57ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/26254/1?page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&charset=utf-8&cnt-class=1&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Anitzfaj0q86lk7t0iduwo%3Afp%3A918%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A870%3Acn%3A1%3Adp%3A1%3Als%3A771104372665%3Ahid%3A106282045%3Az%3A0%3Ai%3A20220822190620%3Aet%3A1661195181%3Ac%3A1%3Arn%3A109076818%3Arqn%3A1%3Au%3A1661195180781084329%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1661195177186%3Ads%3A0%2C0%2C164%2C96%2C335%2C0%2C%2C127%2C0%2C1842%2C1842%2C6%2C897%3Aco%3A0%3Arqnl%3A1%3Ast%3A1661195181&t=gdpr(14)mc(p-7-h-4)clc(0-0-0)lt(99400)aw(1)rqnt(1)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 19:06:20 GMT
last-modified: Mon, 22-Aug-2022 19:06:20 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 22-Aug-2022 19:06:20 GMT

GET
H2 200 26254 Show response
mc.yandex.com/watch/ 43 B
73 B 59ms
59ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/26254?page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Anitzfaj0q86lk7t0iduwo%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A870%3Acn%3A1%3Adp%3A1%3Als%3A771104372665%3Ahid%3A106282045%3Az%3A0%3Ai%3A20220822190620%3Aet%3A1661195181%3Ac%3A1%3Arn%3A919380970%3Arqn%3A2%3Au%3A1661195180781084329%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1661195177186%3Aco%3A0%3Arqnl%3A1%3Ast%3A1661195181%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20-%20KP.RU&t=gdpr(14)mc(p-7-h-4)clc(0-0-0)lt(99400)aw(1)rqnt(2)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 19:06:20 GMT
last-modified: Mon, 22-Aug-2022 19:06:20 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 22-Aug-2022 19:06:20 GMT

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/164903383637950464/ Frame F35C 190 KB
25 KB 16ms
15ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/164903383637950464/index.html

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f3fc818c7249993eadd02caad3f9a5de47a06ffd04f3f43ee9318eafdb34336

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://94f755c17f82f5b2a09a9a00a400f615.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 518668
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 25104
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Tue, 16 Aug 2022 19:01:52 GMT
expires: Wed, 16 Aug 2023 19:01:52 GMT
last-modified: Tue, 22 Jun 2021 12:01:34 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame BBBD 0
0 59ms
59ms Fetch
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cpie1q9MDY7ixN8G9gAeejbfwA6am2P9qgMXFhZkPrPKkirwrEAEg8cvnQmCVypmCrAegAYOklNACyAEJqQLhqH1Q6LmwPuACAKgDAcgDAqoEjwJP0FXPW_hcr4STVCD5uOH4xfVH0o5uJyXTwNPrNzaOJvJe4PpEEOt3iApGn4aeBqsbwGaXzmTSN7Ukp95e50QkHNsLfIW72vaNJ52pR8EghW_rm8T_x_hR06jVl8WN1vUdiqcgT8FZz_cVfNK-EEoX3I0yswZHjoWw-WOAOUk2QjXTQWglvctVEMaCoDXOEccEwSW191D-LPyQROvbogoMTtDEslfdFLLtBRMjhHaotdurBB_T-_8JsnEEaY5Oti7s8PTNFuWZ0RNLSnKcKcuf8yFelgRNcTIvj7HN8j1AixwBG2dZgEdRM0FxYCE0bNj6g_sDrXaWQQHSsZElhEZBY191ltuAcyntGoqyHtnTwAT-3-Wj3wPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGXYAH5dvrrwGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCn4hzSCBIIiOGAEBABGB0yA6qCAToCgECACgPICwHYEwLQFQGAFwGyFx4KHAgAEhRwdWItNzE3MjczMzQwODQ1NTY5Mhjx_hM&sigh=GkcBdwlbk6A&uach_m=[UACH]
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://94f755c17f82f5b2a09a9a00a400f615.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3B8F 143 B
426 B 53ms
14ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 94f755c17f82f5b2a09a9a00a400f615.safeframe.googlesyndication.com
URL: https://94f755c17f82f5b2a09a9a00a400f615.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://94f755c17f82f5b2a09a9a00a400f615.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112
accept-language: de-DE,de;q=0.9

Response headers

age: 1624
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Mon, 22 Aug 2022 18:39:16 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus.js Show response
tpc.googlesyndication.com/pagead/js/r20220818/r20110914/client/ Frame BBBD 3 KB
3 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220818/r20110914/client/window_focus.js

Requested by

Host: 94f755c17f82f5b2a09a9a00a400f615.safeframe.googlesyndication.com
URL: https://94f755c17f82f5b2a09a9a00a400f615.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cabeba94738a961f0e3ee62c071f3d3759cb1bc06fad8a9f487bd28586203ba0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://94f755c17f82f5b2a09a9a00a400f615.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

date: Mon, 22 Aug 2022 18:55:14 GMT
x-content-type-options: nosniff
age: 666
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2961
x-xss-protection: 0
server: cafe
etag: 17826921741551292351
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=windows-1255
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Sep 2022 18:55:14 GMT

GET
H3 200 qs_click_protection.js Show response
tpc.googlesyndication.com/pagead/js/r20220818/r20110914/client/ Frame BBBD 26 KB
10 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220818/r20110914/client/qs_click_protection.js

Requested by

Host: 94f755c17f82f5b2a09a9a00a400f615.safeframe.googlesyndication.com
URL: https://94f755c17f82f5b2a09a9a00a400f615.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f882756b47651b0f3e87b7031f4d98412c1f2b43fc6cfa900285b8d00a3d3c11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://94f755c17f82f5b2a09a9a00a400f615.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

date: Mon, 22 Aug 2022 18:58:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 459
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10270
x-xss-protection: 0
server: cafe
etag: 538911934249463863
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Sep 2022 18:58:41 GMT

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
133 B 51ms
50ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

date: Mon, 22 Aug 2022 19:06:20 GMT
last-modified: Mon, 22 Aug 2022 10:37:44 GMT
etag: "63033248-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Mon, 22 Aug 2022 20:06:20 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 62ms
20ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-23870775-31&cid=908867800.1661195180&jid=1157683760&gjid=1557662802&_gid=1611871640.1661195181&_u=YCHAAAABAAAAAG~&z=128765245

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 22 Aug 2022 19:06:20 GMT
content-type: text/plain
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 53ms
51ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-23870775-1&cid=908867800.1661195180&jid=1776703203&_u=YCDAgAABAAAAAE~&z=857219965

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 19:06:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 101ms
51ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-23870775-1&cid=908867800.1661195180&jid=1776703203&_u=YCDAgAABAAAAAE~&z=857219965

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 19:06:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 452944666*** Show response
tns-counter.ru/nc01a***R%3E*kp_ru/ru/UTF-8/tmsec=kp_title/ 55 B
335 B 44ms
43ms Fetch
text/html 2001:6d0:4001::226
TNSMSK-

General

Check archive.org

Show headers Download Go to

Full URL: https://tns-counter.ru/nc01a***R%3E*kp_ru/ru/UTF-8/tmsec=kp_title/452944666***
Requested by: Host: tns-counter.ru
URL: https://tns-counter.ru/ncc/counter.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),
Reverse DNS
Software: ms-counter-3.3.5/1.20.2 /
Resource Hash: 4f321a860a8732a9cdaed062345e954b638d04377a1d945d8d46d6f4d434dbc8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

date: Mon, 22 Aug 2022 19:06:20 GMT
last-modified: Mon, 22 Aug 2022 19:06:20 GMT
server: ms-counter-3.3.5/1.20.2
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: https://www.tumen.kp.ru
access-control-allow-credentials: true
content-length: 55

GET
H2

200

666378523
tns-counter.ru/V13b***R%3E*kp_ru/ru/UTF-8/tmsec=kp_title/
Redirect Chain

https://tns-counter.ru/V13a***R%3E*kp_ru/ru/UTF-8/tmsec=kp_title/666378523
https://tns-counter.ru/V13b***R%3E*kp_ru/ru/UTF-8/tmsec=kp_title/666378523

43 B
297 B

43ms
43ms

Image
image/gif

2001:6d0:4001::226
TNSMSK-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tns-counter.ru/V13b***R%3E*kp_ru/ru/UTF-8/tmsec=kp_title/666378523
Protocol: H2
Server: 2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),
Reverse DNS
Software: ms-counter-3.3.5/1.20.2 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 19:06:20 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: ms-counter-3.3.5/1.20.2
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Aug 2022 19:06:20 GMT
server: ms-counter-3.3.5/1.20.2
strict-transport-security: max-age=2678400
content-type: image/gif
location: https://tns-counter.ru/V13b***R%3E*kp_ru/ru/UTF-8/tmsec=kp_title/666378523
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 200 container.html Show response
6f896d02df796ff0db83b53d4a802f55.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4C07 6 KB
3 KB 22ms
21ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6f896d02df796ff0db83b53d4a802f55.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081601.js?cb=31069030

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumen.kp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 22 Aug 2022 19:06:20 GMT
expires: Tue, 22 Aug 2023 19:06:20 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 event
ads.adfox.ru/232598/ 0
18 B 57ms
57ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=060d35f177de80ee&pm=bmu&pxo=ATgpvKxEW35KbzZa46C_Yidyb4hHYX4IwTAHQXeIoM2pYGAWEywo27a3tKb4vhGlP77s2BRf_cy325BiZG0uCBdInQGmpyRzwhLnCBPp73IyRKfcIpIBzjvhQRx2KZ3EevLEAA4XAybyWjFKR8Y2f5hDjLZl5ZoDMdKDrCnKeIV3yirutWE%3D&p5=gwefg&ad-session-id=701901661195178878&utg=oxum&lts=fjvezih&ytt=362840447909893&ybv=0.634516&ylv=0.634516&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3Fsection%3Dsociety&rqs=qiebQhu951ar0wNjUo4mquWV0z0UGMKk&pr=gsushxr&puid3=top%3Aregion&rtb-si=b&puid2=society%3Atoday%3Azenyandex%3Aincident%3Aemergency%3Acelebrity%3Aculture%3Ainteresting&p2=fxjd&rand=taskdl&sj=3K87mjgaSNC9yJ-jrJD2A-PInCLeBy-4O1DMu7w0cUM01r-FgwdeMpHjCxSJeQ%3D%3D&puid1=adv-1661195178828-573&p1=cavko&resp-time=1222

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 19:06:20 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Aug 2022 19:06:20 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

POST
H2 200 1 Show response
mc.yandex.com/watch/29474600/ 43 B
73 B 56ms
55ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/29474600/1?page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Anlzej4hetqp77kpsc2e48%3Afp%3A918%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A870%3Acn%3A4%3Adp%3A0%3Als%3A208408609522%3Ahid%3A106282045%3Az%3A0%3Ai%3A20220822190620%3Aet%3A1661195181%3Ac%3A1%3Arn%3A302199108%3Arqn%3A1%3Au%3A1661195180781084329%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1661195177186%3Ads%3A0%2C0%2C164%2C96%2C335%2C0%2C%2C127%2C0%2C1842%2C1842%2C6%2C897%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1661195181&t=gdpr(14)mc(p-7-h-4)clc(0-0-0)lt(104800)aw(1)rqnt(1)ecs(1)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 19:06:20 GMT
last-modified: Mon, 22-Aug-2022 19:06:20 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 22-Aug-2022 19:06:20 GMT

GET
H2 200 29474600 Show response
mc.yandex.com/watch/ 43 B
73 B 55ms
54ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/29474600?page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&charset=utf-8&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Anlzej4hetqp77kpsc2e48%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A870%3Acn%3A4%3Adp%3A0%3Als%3A208408609522%3Ahid%3A106282045%3Az%3A0%3Ai%3A20220822190620%3Aet%3A1661195181%3Ac%3A1%3Arn%3A332332561%3Arqn%3A2%3Au%3A1661195180781084329%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1661195177186%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1661195181%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8&t=gdpr(14)mc(p-7-h-4)clc(0-0-0)lt(104800)aw(1)rqnt(2)ecs(1)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 19:06:20 GMT
last-modified: Mon, 22-Aug-2022 19:06:20 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 22-Aug-2022 19:06:20 GMT

POST
H2 200 1 Show response
mc.yandex.com/watch/29474600/ 43 B
76 B 52ms
51ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/29474600/1?page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Anlzej4hetqp77kpsc2e48%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A870%3Acn%3A4%3Adp%3A0%3Als%3A208408609522%3Ahid%3A106282045%3Az%3A0%3Ai%3A20220822190620%3Aet%3A1661195181%3Ac%3A1%3Arn%3A889060817%3Arqn%3A3%3Au%3A1661195180781084329%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1661195177186%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1661195181&t=gdpr(14)mc(p-7-h-4)clc(0-0-0)lt(104800)aw(1)rqnt(3)ecs(1)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 19:06:20 GMT
last-modified: Mon, 22-Aug-2022 19:06:20 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 22-Aug-2022 19:06:20 GMT

POST
H2 200 1 Show response
mc.yandex.com/watch/38305645/ 43 B
73 B 51ms
50ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/38305645/1?page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Anlzej4hetqp77kpsc2e48%3Afp%3A918%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A870%3Acn%3A3%3Adp%3A0%3Als%3A124694384212%3Ahid%3A106282045%3Az%3A0%3Ai%3A20220822190620%3Aet%3A1661195181%3Ac%3A1%3Arn%3A996571153%3Arqn%3A1%3Au%3A1661195180781084329%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1661195177186%3Ads%3A0%2C0%2C164%2C96%2C335%2C0%2C%2C127%2C0%2C1842%2C1842%2C6%2C897%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1661195181&t=gdpr(14)mc(p-7-h-4)clc(0-0-0)lt(104800)aw(1)rqnt(1)ecs(1)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 19:06:20 GMT
last-modified: Mon, 22-Aug-2022 19:06:20 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 22-Aug-2022 19:06:20 GMT

GET
H2 200 38305645 Show response
mc.yandex.com/watch/ 43 B
73 B 58ms
57ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/38305645?page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&charset=utf-8&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Anlzej4hetqp77kpsc2e48%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A870%3Acn%3A3%3Adp%3A0%3Als%3A124694384212%3Ahid%3A106282045%3Az%3A0%3Ai%3A20220822190620%3Aet%3A1661195181%3Ac%3A1%3Arn%3A422299493%3Arqn%3A2%3Au%3A1661195180781084329%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1661195177186%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1661195181%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8&t=gdpr(14)mc(p-7-h-4)clc(0-0-0)lt(104800)aw(1)rqnt(2)ecs(1)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 19:06:20 GMT
last-modified: Mon, 22-Aug-2022 19:06:20 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 22-Aug-2022 19:06:20 GMT

POST
H2 200 1 Show response
mc.yandex.com/watch/38305645/ 43 B
73 B 60ms
60ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/38305645/1?page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Anlzej4hetqp77kpsc2e48%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A870%3Acn%3A3%3Adp%3A0%3Als%3A124694384212%3Ahid%3A106282045%3Az%3A0%3Ai%3A20220822190620%3Aet%3A1661195181%3Ac%3A1%3Arn%3A828823676%3Arqn%3A3%3Au%3A1661195180781084329%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1661195177186%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1661195181&t=gdpr(14)mc(p-7-h-4)clc(0-0-0)lt(104800)aw(1)rqnt(3)ecs(1)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 19:06:20 GMT
last-modified: Mon, 22-Aug-2022 19:06:20 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 22-Aug-2022 19:06:20 GMT

POST
H2 200 1 Show response
mc.yandex.com/watch/1051362/ 43 B
73 B 55ms
55ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/1051362/1?page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Anlzej4hetqp77kpsc2e48%3Afp%3A918%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A870%3Acn%3A2%3Adp%3A0%3Als%3A626275116524%3Ahid%3A106282045%3Az%3A0%3Ai%3A20220822190620%3Aet%3A1661195181%3Ac%3A1%3Arn%3A465103127%3Arqn%3A1%3Au%3A1661195180781084329%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1661195177186%3Ads%3A0%2C0%2C164%2C96%2C335%2C0%2C%2C127%2C0%2C1842%2C1842%2C6%2C897%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1661195181&t=gdpr(14)mc(p-7-h-4)clc(0-0-0)lt(104800)aw(1)rqnt(1)ecs(1)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 19:06:20 GMT
last-modified: Mon, 22-Aug-2022 19:06:20 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 22-Aug-2022 19:06:20 GMT

GET
H2 200 1051362 Show response
mc.yandex.com/watch/ 43 B
73 B 60ms
59ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/1051362?page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&charset=utf-8&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Anlzej4hetqp77kpsc2e48%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A870%3Acn%3A2%3Adp%3A0%3Als%3A626275116524%3Ahid%3A106282045%3Az%3A0%3Ai%3A20220822190620%3Aet%3A1661195181%3Ac%3A1%3Arn%3A901773249%3Arqn%3A2%3Au%3A1661195180781084329%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1661195177186%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1661195181%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8&t=gdpr(14)mc(p-7-h-4)clc(0-0-0)lt(104800)aw(1)rqnt(2)ecs(1)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 19:06:20 GMT
last-modified: Mon, 22-Aug-2022 19:06:20 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 22-Aug-2022 19:06:20 GMT

POST
H2 200 1 Show response
mc.yandex.com/watch/1051362/ 43 B
73 B 95ms
95ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/1051362/1?page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Anlzej4hetqp77kpsc2e48%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A870%3Acn%3A2%3Adp%3A0%3Als%3A626275116524%3Ahid%3A106282045%3Az%3A0%3Ai%3A20220822190620%3Aet%3A1661195181%3Ac%3A1%3Arn%3A736056403%3Arqn%3A3%3Au%3A1661195180781084329%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1661195177186%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1661195181&t=gdpr(14)mc(p-7-h-4)clc(0-0-0)lt(104800)aw(1)rqnt(3)ecs(1)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 19:06:20 GMT
last-modified: Mon, 22-Aug-2022 19:06:20 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 22-Aug-2022 19:06:20 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3492 0
0 48ms
47ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022081501&jk=2557038629801030&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

GET
H3 200 css
fonts.googleapis.com/ Frame F35C 2 KB
437 B 49ms
20ms Stylesheet
text/css 2a00:1450:400e:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Dosis:700,regular

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/164903383637950464/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:811::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d13dafe70e56382ecad4ab14bd534955719a4ae1e1b55e81242c66cca40556be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 22 Aug 2022 19:06:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 22 Aug 2022 19:06:20 GMT

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame F35C 16 KB
6 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/164903383637950464/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

date: Mon, 22 Aug 2022 04:11:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53692
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 23 Aug 2022 04:11:28 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame F35C 26 KB
10 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/164903383637950464/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

date: Mon, 22 Aug 2022 16:14:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10323
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 23 Aug 2022 16:14:17 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 0221 0
10 B 14ms
14ms Image
text/plain 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Pq-jSA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

date: Mon, 22 Aug 2022 19:06:20 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js Show response
pagead2.googlesyndication.com/bg/ Frame 6AA7 36 KB
14 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85df6a888180aa37ac71991e22dc32db0800b427df7aa8a52321a463743f3137

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

date: Mon, 22 Aug 2022 16:26:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9567
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14041
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 22 Aug 2023 16:26:53 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9441 0
0 52ms
51ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstmNJYfaYq3hHcOYIy-r20vfmVaQlC4vpN1lgGZiGg4oJsfV8On6Lmn_hFoY27A94eyzsCTVaIN92Egll0wn_hrJmG2BI3UoRkfqch0TbV0oW4D-bqvjf_7Hucy-WuqxgrdQxM4CRSgTvIOSbSSY40AWtYJj-if5VFhhuVGHqiKesNGbduEHWBV5mHd4mkQbmwCSZpxUiek3PVjECdIcslwsaE0iVp1B1hUV1Wp4IfRtOiGkBZPzhkL668ahgR75AesXuUbwabUty8jBYkdDhS2Lp3VfhwEjzTNg45hSIXIf7yHQLVsr0kebrZ_QYugqJbdBGao&sai=AMfl-YTZcdzIf5xXD_TMSsIVujLZKywVA_PJfetJ2cvLtiaAnRdG2zo7WntnxP42YfkgSPBpqL98rbFXk3ZxR56vzBoa9f9KtZY5S0VdgJCzW43C0FHqBXqDGIBIYvp0Inz06o8&sig=Cg0ArKJSzLnfAWWukhjNEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

timing-allow-origin: *
date: Mon, 22 Aug 2022 19:06:20 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 adfox-adx-stub.js Show response
yastatic.net/pcode/adfox/ Frame 9441 60 KB
15 KB 49ms
48ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/pcode/adfox/adfox-adx-stub.js

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

4c9f9038ef0cca8daea160666fcf23b0cc4fd3ba853dcd4494e8ec35e3a0c039

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

date: Mon, 22 Aug 2022 19:06:20 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 15032
last-modified: Wed, 17 Mar 2021 06:04:30 GMT
server: nginx/1.17.9
etag: "21008573aeaf1ce20fdc2d49c53e692c"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 22 Aug 2022 20:03:55 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9441 140 KB
43 KB 95ms
94ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba7478138664dfbadff2af30a268f4200a752a73d07dafb55937af20d1061357

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

date: Mon, 22 Aug 2022 19:06:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44050
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1660737283953252"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 22 Aug 2022 19:06:20 GMT

GET
H2 204 event
ads.adfox.ru/232598/ 0
18 B 67ms
67ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=5e0969ca687e1a53&pm=bmv&pxo=lmm9tStiHoQNMeybwo5s2_URInCpmRoM1qHNiDa1SPdavXH0SEZUvshBNppsZtma1BydF0flLw-6lv8_2hzwHaqrFeUK3wt54WshOzrZXWHXso2L2tRswT9g-3tIQHZIIAYVt-bcXGHqIk0clhgCsCbGbPTitddH-J1t5-kpo00HBb8YUw%3D%3D&p5=gwaok&ad-session-id=701901661195178878&utg=oxum&lts=fjvezih&ytt=362840447909893&ybv=0.634516&ylv=0.634516&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3Fsection%3Dsociety&rqs=qiebQhu951ar0wNjjzQuqCmd3e0JfWSW&pr=gsushxr&puid3=top%3Aregion&rtb-si=b&puid2=society%3Atoday%3Azenyandex%3Aincident%3Aemergency%3Acelebrity%3Aculture%3Ainteresting&p2=fbao&rand=kooppht&sj=Mp--IGU7tRSEJWGzIwMrfbYPoBUuoweJCPQMbre4lVyS_6iHNY_Ooq1wscItLg%3D%3D&puid1=adv-1661195178830-442&p1=bufhv&resp-time=1018&creative-id=138278328646&google-width=300&google-height=600

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 19:06:20 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Aug 2022 19:06:20 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 4C07 2 KB
539 B 25ms
25ms Stylesheet
text/css 2a00:1450:400e:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: 6f896d02df796ff0db83b53d4a802f55.safeframe.googlesyndication.com
URL: https://6f896d02df796ff0db83b53d4a802f55.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:811::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

eca7af21406a66e8e92990a707ea1049731dd488a7771c49699c5d667c04cb68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6f896d02df796ff0db83b53d4a802f55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 22 Aug 2022 19:06:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 22 Aug 2022 19:06:20 GMT

GET
H3 200 load_preloaded_resource.js Show response
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame 4C07 2 KB
1 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/load_preloaded_resource.js

Requested by

Host: 6f896d02df796ff0db83b53d4a802f55.safeframe.googlesyndication.com
URL: https://6f896d02df796ff0db83b53d4a802f55.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623cd019389b2c8dcd7a61982ff834b85f6082663474f08b784e07f0c3fb954d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6f896d02df796ff0db83b53d4a802f55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

date: Mon, 22 Aug 2022 18:18:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2844
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1202
x-xss-protection: 0
server: cafe
etag: 10137335727447750368
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Sep 2022 18:18:56 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 4C07 0
0 59ms
59ms Fetch
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C4rUirNMDY72DCY_13gOm-q6oDtWFqMlrgbD00MwI9a-rvoUREAEg8cvnQmCVypmCrAegAePAq8cDyAEJqQJ-QNiPoLiwPuACAKgDAcgDywSqBIoCT9BqkRbXJg3Wc8WzZWSpQXR9jV0D0v-qrd6yxGNNChV7MxnjxowMZQJCdTdm-53ouD6iVRb_XX1b3WacxSd5C6jMiKKnXnG7KdTmSeKQUs19Q0QtE74y7KlxnErPhHD_PN9M44Lq7z80GufLiA0xOL3ufWHwaHhqRTeuX5FH1g_3HcIRz5A-SCNW23gaSNeMdP8-vUcuhN0R3MoKokjx9oR6gMpXhtI8iwnfz9ZrOpKj10a6vgDwVzRjfuEsF8KdxkHxwYkA3avSTrHCpLXnAxtbf9x59KCRJXnhCzCTelKU1G3ddRWj923bkdskjktEuOl1IeQcTnihsrhlT1XVptNKhOEh7m0XDPzABJzrts_tAeAEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfR_4wmqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEEJH5DNIIEgiI4YAQEAEYHTIDqoIBOgKAQIAKA8gLAdgTC4gUCdAVAYAXAbIXHgocCAASFHB1Yi03MTcyNzMzNDA4NDU1NjkyGPH-Ew&sigh=30uXAHREH6U&uach_m=[UACH]&template_id=494
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6f896d02df796ff0db83b53d4a802f55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

GET
H3 200 abg_lite.js Show response
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/ Frame 4C07 30 KB
12 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/abg_lite.js

Requested by

Host: 6f896d02df796ff0db83b53d4a802f55.safeframe.googlesyndication.com
URL: https://6f896d02df796ff0db83b53d4a802f55.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6f896d02df796ff0db83b53d4a802f55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

date: Mon, 22 Aug 2022 18:54:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 722
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11819
x-xss-protection: 0
server: cafe
etag: 10563440404697844360
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Sep 2022 18:54:18 GMT

GET
H3 200 window_focus.js Show response
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame 4C07 3 KB
1 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/window_focus.js

Requested by

Host: 6f896d02df796ff0db83b53d4a802f55.safeframe.googlesyndication.com
URL: https://6f896d02df796ff0db83b53d4a802f55.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cabeba94738a961f0e3ee62c071f3d3759cb1bc06fad8a9f487bd28586203ba0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6f896d02df796ff0db83b53d4a802f55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

date: Mon, 22 Aug 2022 18:55:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 647
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1431
x-xss-protection: 0
server: cafe
etag: 17826921741551292351
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Sep 2022 18:55:33 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4C07 140 KB
43 KB 70ms
69ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 6f896d02df796ff0db83b53d4a802f55.safeframe.googlesyndication.com
URL: https://6f896d02df796ff0db83b53d4a802f55.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba7478138664dfbadff2af30a268f4200a752a73d07dafb55937af20d1061357

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6f896d02df796ff0db83b53d4a802f55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

date: Mon, 22 Aug 2022 19:06:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44050
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1660737283953252"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 22 Aug 2022 19:06:20 GMT

GET
H3 200 qs_click_protection.js Show response
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame 4C07 26 KB
10 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/qs_click_protection.js

Requested by

Host: 6f896d02df796ff0db83b53d4a802f55.safeframe.googlesyndication.com
URL: https://6f896d02df796ff0db83b53d4a802f55.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f882756b47651b0f3e87b7031f4d98412c1f2b43fc6cfa900285b8d00a3d3c11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6f896d02df796ff0db83b53d4a802f55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

date: Mon, 22 Aug 2022 18:52:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 818
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10270
x-xss-protection: 0
server: cafe
etag: 538911934249463863
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Sep 2022 18:52:42 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 4C07 0
0 22ms
21ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSFEEnfonrMmuRbiW4vWSFB4F1JORCDv8-aoTjoGPQYliu4jCIOjUPTGo8BimHXPQ8cjK_9BUrRNyp1FpVuckhJZdUK7A
Requested by: Host: 6f896d02df796ff0db83b53d4a802f55.safeframe.googlesyndication.com
URL: https://6f896d02df796ff0db83b53d4a802f55.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6f896d02df796ff0db83b53d4a802f55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

GET
H2 200 185aa3207a6c51796cf71c620ceede95.js Show response
www.gstatic.com/mysidia/ Frame 4C07 43 KB
17 KB 58ms
14ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/185aa3207a6c51796cf71c620ceede95.js?tag=mysidia_one_click_handler_one_afma

Requested by

Host: 6f896d02df796ff0db83b53d4a802f55.safeframe.googlesyndication.com
URL: https://6f896d02df796ff0db83b53d4a802f55.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ab4ad4cbac2db170d312205e712feb7aea0ec381bf9b240ccca8a4c0be7039c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6f896d02df796ff0db83b53d4a802f55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

date: Thu, 18 Aug 2022 03:46:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 400786
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16637
x-xss-protection: 0
last-modified: Tue, 16 Aug 2022 13:11:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 16 Nov 2022 03:46:34 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 4C07 9 KB
9 KB 70ms
24ms Image
image/jpeg 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcSqDSZjNG9Y3ekO_sVuMI1k64Uuoq4eRbkO-RtPZNPiONJ1iGFM&usqp=CAI

Requested by

Host: 6f896d02df796ff0db83b53d4a802f55.safeframe.googlesyndication.com
URL: https://6f896d02df796ff0db83b53d4a802f55.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d24341f0243e943212442501bc90aab56da693f514e64f2d8f5eade9c5c92bb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6f896d02df796ff0db83b53d4a802f55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

date: Sun, 21 Aug 2022 11:04:46 GMT
x-content-type-options: nosniff
age: 115294
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9058
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 14:23:39 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 21 Aug 2023 11:04:46 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 4C07 13 KB
13 KB 57ms
15ms Image
image/jpeg 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcRLNIAVPL_Ml0qjAt8uHT_Of1v2rp-LX_dEKo0418-URRrWdjsZ&usqp=CAI

Requested by

Host: 6f896d02df796ff0db83b53d4a802f55.safeframe.googlesyndication.com
URL: https://6f896d02df796ff0db83b53d4a802f55.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19e24f69aa1b7cdefe7cdd1781ad53409b806eb359a63f3b7887176854a114ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6f896d02df796ff0db83b53d4a802f55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

date: Sat, 20 Aug 2022 14:05:18 GMT
x-content-type-options: nosniff
age: 190862
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12881
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 11:10:33 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 20 Aug 2023 14:05:18 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 4C07 17 KB
17 KB 56ms
14ms Image
image/jpeg 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcTOQ4Lzckz53KAN-BCxRbtIG_0OC4hslQLARv7tfhgRpjmxFCmo&usqp=CAI

Requested by

Host: 6f896d02df796ff0db83b53d4a802f55.safeframe.googlesyndication.com
URL: https://6f896d02df796ff0db83b53d4a802f55.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ea643f6f9f0a6ff053a4fa188da7fb91aa0f0d4ffe2cfb4497d68ed869bbe84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6f896d02df796ff0db83b53d4a802f55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

date: Sat, 20 Aug 2022 19:33:16 GMT
x-content-type-options: nosniff
age: 171184
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17195
x-xss-protection: 0
last-modified: Sat, 22 Jan 2022 19:06:23 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 20 Aug 2023 19:33:16 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 4C07 11 KB
11 KB 60ms
19ms Image
image/jpeg 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcS3C27p-ksvznUb7xfNp4mLQqOYtHk0wsLxejaxhbqIeBCtgz53&usqp=CAI

Requested by

Host: 6f896d02df796ff0db83b53d4a802f55.safeframe.googlesyndication.com
URL: https://6f896d02df796ff0db83b53d4a802f55.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

646a6d6be82e0eded90ea1290ad728b5fdc6aa2b8ea6a9d2a5fae84626a6d9d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6f896d02df796ff0db83b53d4a802f55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

date: Sat, 20 Aug 2022 18:30:27 GMT
x-content-type-options: nosniff
age: 174953
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11324
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 11:10:51 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 20 Aug 2023 18:30:27 GMT

GET
H3

200

1855790038366648222
tpc.googlesyndication.com/simgad/ Frame 4C07
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDbxsi7jQEQ6AIY6AIyCFR5nIyM6Xl-
https://tpc.googlesyndication.com/simgad/1855790038366648222

2 KB
2 KB

18ms
15ms

Image
image/png

2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1855790038366648222

Requested by

Host: 6f896d02df796ff0db83b53d4a802f55.safeframe.googlesyndication.com
URL: https://6f896d02df796ff0db83b53d4a802f55.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11d02526cbaad695117721d111752936444366ac35fec7d36bf8d5fb2aab3094

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6f896d02df796ff0db83b53d4a802f55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

date: Wed, 17 Aug 2022 06:04:02 GMT
x-content-type-options: nosniff
age: 478938
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1882
x-xss-protection: 0
last-modified: Wed, 17 Apr 2019 14:59:10 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 17 Aug 2023 06:04:02 GMT

Redirect headers

date: Mon, 22 Aug 2022 01:01:40 GMT
x-content-type-options: nosniff
server: cafe
age: 65080
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://tpc.googlesyndication.com/simgad/1855790038366648222
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 21 Sep 2022 01:01:40 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BBBD 140 KB
43 KB 62ms
61ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 94f755c17f82f5b2a09a9a00a400f615.safeframe.googlesyndication.com
URL: https://94f755c17f82f5b2a09a9a00a400f615.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba7478138664dfbadff2af30a268f4200a752a73d07dafb55937af20d1061357

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://94f755c17f82f5b2a09a9a00a400f615.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

date: Mon, 22 Aug 2022 19:06:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44050
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1660737283953252"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 22 Aug 2022 19:06:20 GMT

GET
DATA 200
OK truncated
/ Frame BBBD 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5dc5eb0df9dc53c567e4fb77cdbf765ceb8d0f3e56d1f22962c467d6e3da811a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

Content-Type: image/png

GET
H/1.1 200
OK settings Show response
stat.media/counter/ 672 B
1 KB 40ms
40ms Script
application/javascript 46.161.36.24
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.media/counter/settings?payload=COD1AQ&cb=_callbacks____0l754px1w
Requested by: Host: stat.media
URL: https://stat.media/sm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.161.36.24 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: sm-server1-1.sselp2.imcmdb.net
Software: nginx /
Resource Hash: eea4dc70872f116f73a9cffe14c26fd0369bb5a9cc239833fd5f6e47a26f0594

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

Date: Mon, 22 Aug 2022 19:06:20 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: nginx
Connection: keep-alive
Vary: Accept-Encoding
Content-Type: application/javascript

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3B8F
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
18 B

66ms
32ms

Document
text/html

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 94f755c17f82f5b2a09a9a00a400f615.safeframe.googlesyndication.com
URL: https://94f755c17f82f5b2a09a9a00a400f615.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 22 Aug 2022 19:06:21 GMT
expires: Mon, 22 Aug 2022 19:06:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 22 Aug 2022 19:06:20 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame DC6A 0
12 B 21ms
19ms Image
text/plain 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ckfD-g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

date: Mon, 22 Aug 2022 19:06:21 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 HhyaU5sn9vOmLzloC_WoEoZK.woff2
fonts.gstatic.com/s/dosis/v27/ Frame F35C 29 KB
29 KB 44ms
14ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/dosis/v27/HhyaU5sn9vOmLzloC_WoEoZK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Dosis:700,regular

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97851eef36494add9813e74e64c29aacd125f298bee582af057da8b11be153e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

date: Wed, 17 Aug 2022 20:16:39 GMT
x-content-type-options: nosniff
age: 427782
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29448
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 21:20:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Aug 2023 20:16:39 GMT

GET
DATA 200
OK truncated
/ Frame 9441 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1b5f3c54eaa74a2b360f6434ca63511859963784ff4e9009ef1d0acb8fbc3597

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

Content-Type: image/png

GET view
securepubads.g.doubleclick.net/pcs/ Frame 9441 0
0

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 9441 0
0

GET
H2 200 v2 Show response
an.yandex.ru/adfox/232598/getBulk/ 128 KB
38 KB 235ms
129ms XHR
application/json 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/adfox/232598/getBulk/v2?available-height=600&available-width=300&bids=W3siYmlkZGVyTmFtZSI6ImNyaXRlbyIsImNhbXBhaWduX2lkIjo3MjI1NzMsInJlc3BvbnNlX3RpbWUiOjM1MCwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjExNDA4OTgifSx7ImJpZGRlck5hbWUiOiJydGJob3VzZSIsImNhbXBhaWduX2lkIjo4NTM4NjksInJlc3BvbnNlX3RpbWUiOjgyLCJlcnJvciI6eyJjb2RlIjo0fSwicGxhY2VtZW50X2lkIjoiNzE1NzM3NzA5NDBiNzJjMDQyODkifSx7ImJpZGRlck5hbWUiOiJhZHJpdmVyIiwiY2FtcGFpZ25faWQiOjcyODI1NCwicmVzcG9uc2VfdGltZSI6MjUyLCJlcnJvciI6eyJjb2RlIjo0fSwicGxhY2VtZW50X2lkIjoia3BfMnNsb3RfMXNjciJ9LHsiYmlkZGVyTmFtZSI6Im15dGFyZ2V0IiwiY2FtcGFpZ25faWQiOjgxMDQwMiwicmVzcG9uc2VfdGltZSI6MTcyLCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiMjMzODQyIn0seyJiaWRkZXJOYW1lIjoiYmV0d2VlbmRpZ2l0YWwiLCJjYW1wYWlnbl9pZCI6ODEwMzQ0LCJyZXNwb25zZV90aW1lIjo4MiwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjI0ODgwNTIifSx7ImJpZGRlck5hbWUiOiJhZGZveF9hZHNtYXJ0IiwiY2FtcGFpZ25faWQiOjE1OTIwNDAsInJlc3BvbnNlX3RpbWUiOjIwNywiZXJyb3IiOnsiY29kZSI6MX19LHsiYmlkZGVyTmFtZSI6ImJ1enpvb2xhIiwiY2FtcGFpZ25faWQiOjg5MDQ1MCwicmVzcG9uc2VfdGltZSI6MTQ2LCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiMTIyNzE2NiJ9LHsiYmlkZGVyTmFtZSI6ImJpZHZvbCIsImNhbXBhaWduX2lkIjoxODcxMDE2LCJyZXNwb25zZV90aW1lIjozOTIsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiIyMTUzNSJ9LHsiYmlkZGVyTmFtZSI6ImFkZm94X2ltaG8tdmlkZW8iLCJjYW1wYWlnbl9pZCI6MTc4OTU4MSwicmVzcG9uc2VfdGltZSI6MjA3LCJlcnJvciI6eyJjb2RlIjoxfX1d&date=2022-08-22T19%3A06%3A19.240%2B00%3A00&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3Fsection%3Dsociety&enable-flat-highlight=1&extid_loader=&extid_tag_loader=www.tumen.kp.ru&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjoxNDh9ChqjpqzkqOmBMFBHHmay_XOO7q2hNzt2kq1JjmO4Zqqf6dweUhn-e6bDx9k-sdka2ic2Q1m19_bKpQC9FNAz0GaMQYyEbkX-Vs45s1WT6ssiSBDCCNMgBjFGdWSQMm1mzbRqOrU9y2sGuBpGps_MmW6AjgChpsuMixRhXXCSzJDZGnaMNSMeIJdznZoiM9eFTZU_XWarC5N5kdRmlkWWvAKsZlAXaP2iWbAFYFDDPA-2BVxGqqY_j5aFL7OqMFe6ggSiFAo-ML3KLPGIVTA9UUbBrGCKZ2TLIWVdLgci-SKgqwCih1ZVkBTicLAiEhTi4HbzCAo5XA5E3IJYrdtCks0GIVZuh7uyuFm5QZfl4XbyMrqYHC5mFtnKy8zi4GZxgC6bQcePjXJRKZDGUjWDrKaoi5ZoASzaBbMOdGumUdMeljwzLrDmTD9w2ZYetGoYdYE3qu2LwjYUWG6PLl_gYS_76JfhNjV1lg864qMfCNoWkhCXW82gXubaFlq5zHCqG44XCftAMrMtSv1ZvbRceqiBW2jSLZzmw7m9lxkWDl_50pJyUQz9rAskucwwLW9WnvnkTZOFQrOceFHQyIR7phliS5i_TB1oTdmdaArKt30IZHlYVlNMJ87OQmEpWUlVkmLjhgufmZHHGSEsqBmpDH7Vq4mrd5FTLY_hQbLzHzEzD1xBIR4XgjA4YgaHg5ml8iJyO52gyzp5pVk5RcXYnNIezJWbFRECZiSyghnkVzYMIclGJsy5OwqHlx2-i4ldTFqicvK7kXHXRSvMw4BQAp60p7IB78aAFO7yR7bdtSxfWiFJt384ALzUs8sHj8vJARKHe-GB8DKn3r6-vJUJArAly-lXPvXqk4lQSxXrTtD5Egqtms4nr6SqlWnzyTcQGYkaVlIL_roBqHKF-GM02WRVPlHEJwwAWeqbM1NmUVP44j9NE-vGXX9MhzT-95G_5KDNB8e0PnoGIY3avuCwPWKTnO46HwyH-mBL-9gz4cnui4xJA2KLv6pc10cyDQ729z65g7ZwGYd_Nb2vdqyj2xjij7pAJS7lnnHczMRUM677QbsUHucx_ig_MOuicU2EU64T1f2kF4SHmvyvnsJHnk90aF9g_gmn8EUY5j3X-Z27vf4JGx5-_SU14PP6l4qmTO-jNZPkdNLL2Cl4u6-Sg_T3uOk5R3UI8lnkjwwAL322npJ-0vtR-_wapxtZ7pNn6HPQfy2nw8slSVIjfkI23ZwV7ZxOUp-8Q9xqsYxBjVvOt81_BnpchxTdvKyNeXTla9k7IvnK7XLF2ha39Q8gHL7Oo6TqpYtyUvgVrXBQcCHgXI6BnmNdEMAHDC_wKJSZxHk9jOLLIB7kAgi54T33EruOQE44xEPce70VCSo-UJj-n8LWl5CTyc0SDK9YFWBm53cqQWkQmYchTuDxSGEQrzwIXXyMyB5zbfH5wB9-Xl5eRrc7dX4_R5snayvP6brJSBhzTECPopzARcTDxYlYWrxyomRBCVdAVtAjAZ4JtoArN9HL6mQSd7JLC1c2dDxoUfEVJ5YYXhjTBh4eFjcexnfKHebKy8qAnpVDVnnyV7gOgjkHbML0FkU5KTWD9v7kvzWEPvnySNRi4a61AW0O2hKd5Wyy-WFZbCrbME5-tTsw-uEO2HExwz7N1qgi5nEQ0c9p2TBu7Fb65BkdP1I0aKW9wv7YDuXuYcOo_elt8dNpILbw9warab4YQ3yJ0inkOIM5xP3dCSTLv2bKQkXJJzK-GShS2UGE4wAZcRxlSij1lwYNC4cnAlW4mEUk4DmkvZXDiZ4Tg0MpsnF4BFUgFQjuVoqoXgcTg4OFbenPxiSAnJk_wtXcvDYj91J3kFvyNdQlCOvccDVVMtvGFtnHSv1Yg5PHhDcSGqg6p-85StJTe2aUqum8_qzUqqnnw_eOC-SkTq_ypAvJQVR3e-UZIpV2z03QQs3MysIg6l1y4UGDxAnHRbCBoNzxAq-38oLEwIecrw2Gm-2G7bRp2W_dtkoxMqiSnju4XZ7qQsOPASkK2XAtsyN2SyCAv-x0oUKJGv6Ek7eaqFuW7NO6MtBp1eTLlHzT-iHX3HZmZ7H-RG8b4PL2TT0IPqwsoMs-ZixvaslJTSFVKruCM2IJ53FprXerQwAuAx9KWcHPY99Uu3TwgP3npUycpQzcAWS-Lx8tAmb4kyWlUINLtQ6LPuY9Mlle1uRdctN7-4egDR_bjgPV7Xr-jXlurW-p7azVfVtSIc5MnxLnmoBbBPtq1MAMEdsy4ztpuBcZeCzvn-5EM0H3k89sQDSb1uQL2GXO1ybt9MTaG3d3YFasBbisJCpQ0ceZTXCvhCuPABpQnaDKCmKqr1e67vcQlmmoi2e8DIrJ-KQcvuEE30zlQAMKKCjgK56pkG-WJo1-rk62wu6NYp7IJPMwn1YNQ22X6UnFOCP8_Krt-weWIeW7xNltaOIMJlPW6usXaaLDe6hqbiTQH5pbuEPUj5f5i5-yFOLZiH8h8aKGhxgest77VCF5a0JNs9AeW4uwCVUzkExpFYZoOhgrWPb7cMBp1QfGGfBd_aTXs2uDNLlpaDI_oQxPqerxnByrB1P9oEY8f3K079UjMYAsfKZP5bruvydNqh5vHa95KWybWp3Z-0fwau3qEV7OX-uW4SZgnQyRAcTX0bXmmWnj9kTPUeNeYZtQzown5b55KkQ5uavag5VDOb6pNGR7V_RUpm-rT_Pp1dLa9fHmD0VbTw2R4VrXUWIMcHvZCUmO0JKufz-oeMEHu5H1MRvynwGaZruaKmo1DSXny9vV5FfVnZJh5gy6PDO9uBY503WMV6VZeymeXZfyrR-I1OvkjPKX9XJM1TpbLOeuAR1vNJQZ3VpGKDP3n2KqQAvGlCpFKdmJ-_X1n89Zn-drA03Fkb8fsX7NHFjCf46hQKEp0cDQiaBcPgp57RD7ix7oW9uQjq0WD2pslx3EQvmctVgtKgFw4bFx7hgoUsFl5bqCb3Ohpf-nfJVOQWYO_hZr41KUd605iVP23_huB7ujQ3nkMO9tzUMyZBjjf1ayJ0ltmlRn_j_RCFpayY7DkRTQ8lmWtpYHoameibkdp2nGUZb8tE-dTV2bXtXGVhQ0eV2aPSqdfWHzvxLbKUv41GqdYjwkZfpNKKphTr3JOrLnZ7f2pyDxfHnrwjodDfMI3hbCQo6pBrjsCIr5NyWvhPOlEKhPUtjCyqD3i9eUebCVDlEnaD0A47hv7ZCqMVCTEPhPrZG_vlEWvBVrYjAS_HJlBkqnqP4BrX3nJZSp_yYTkomrcqiYDpwXA34ed2q2jaNpQ6lzqdX-MGv6hg23RtL1FCyuc5y8KJCuOTXf7h7DJpnkH7kjs3yAOzb9lK7Hv1u7Zql57BB6eVzyHuJlasuqd2WRp6dzKQuzlNEv0p8wrBLuHw81e4Yp-2jchUG4IvP2hMLhFKhYKRSi_fXH_VOKh8Gn4Uq0I-7PVuhWfjVYXMjQyrKuonMA6_0WlNFkJo7SdGev6wBjKKoKw8e9UoFRontbZj4JJDL6SNB-uoxUZ-LBKI48rEe8nn9H07PET1PvN1tVoEtXxiLhN8GyjJ3VKyHxM_edlqqnepLb9YQ4a9cvm0guB5-KvEfY-b9ufhLnhQojYTcOscNkPl6J8jbvg6JM-rhaRFaXGkfTJ2vTjLg483H4N8spVXtgk7MyRLA5woH1tQFBDdB_xSmtxzvpW4R0SmgCX12TCWEtS_D39XmDbdFpa7-GuEgGcJT_nfNcJ4Z27eQdW6h6k7eOwFS0fF_pRdppf6jhEvy6VonqN1YahyscLhSoZ8jNDtM3LRhTHTNN0l6K3xqpxUeeeHBJn0vTdJ9yTJk-LOZ6iasRdY35CT786do_6_QNQV0y8ZeXZutcDozT0QmnzVNot9RgDlShzJb4PS5WmimWz5gBQfkc6-4I4_xPhV82wFRULl5GZiczl6Pyc3G5eLnL258P36I05vrcNr6H0YE4NUvGPHmpFjlke8Q3l2qzq6zMe35EUg1-eSiGViubig5d1zk3jqn9aBOFFofzeEQttkxN6Z2q8xSgP5i0vMb1r6SP56_BJLYH52RASztzw00tZmcxP5N8Tm3NrVWKItFx7XRxvzfHxy1bSzkW67h2zOtubm4YP3s_4wwtmH1EVd2T_JkrinWeBmnElExYUduZ_2MFCdCGihqYiMZT02_pp4m61XuJprPJrMt8Hq6-S5woFtqcAsED43rZ0Y5p_0fdqirGGx3J9S_zdCq5cZ_XcPgvmWRJ_m85I7CL3WADRJuV8ii-J_-v3PcqqPgesp5BZmD5KJ1g5j9u8fGItF9SLemR0VYxbNB6K0YzAOwwvoGB9iY__X_Hg5bCmQZsiR50d1mWgRfyInxYNO3r48sbzYTLmW5rRDBJD1fds1lYYaWCoMoZorAygEwBZUBSzECMiddDRmJTmF5ahj8r2xSwsczDSSQ3RfbKY38F7r6Y_uzJU3_XOl5d421NY1N5MMUky4u4uvUKfKpuU7_Cq_eHtcTFG6UuUF7LVgy816KgEIdXSSZQGSpsonC4hJmkRRctL69jSdwjFsuXeVUkjkNwilROdJxI2dGlq0fM5kCEuOAgdrGjveJAWyq4MUTiR2GHi5U7xCWmyo2OkwnJ5jBmAtVqAx94y8ACGfHKyQhwZGhRtnjDsaN9BRjysKnKQT6cAvsrm4-92YvouEZ9C7u2wlbzJzxb5kXltef8xrAuJLmDZ8tFsLHlQdqzS-k2Zj2qnmMK5rziPxrHm-YrIKy77EWbbO15EUtPX3ui77KUoz6iZ5OJrU7Cuj2FHuAtjfdV5dYYv5nQt_p8Wh05KlO5bU1djDSeQaL4yYpFcxOI6MIDR6kbVyFXUzGB_XU6z2oG1JAN0ol84zeRktyAQR3LlBZNJX34r-njDDJj3V6ThT7vcYXTl1vSopLnKRZ4PAkM3ITxokJVPmJxJz-1f69lCM8L5sa882poZ0heIhZvKgQlW03bYovrANqI0hSMKGNTEMX6W9DAiM4y05vWNzU-kBJtLaEh5jbziPilpqu5VWnWvuhF&grab-orig-len=5120&is-turbo=0&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.9%2C%22isInIframe%22%3Afalse%2C%22w%22%3A300%2C%22h%22%3A600%2C%22width%22%3A300%2C%22height%22%3A600%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A49%2C%22left%22%3A1100%2C%22top%22%3A486%2C%22fontFamily%22%3A%22ys%22%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A4%2C%22ad_no%22%3A1%7D&p2=fbao&pcode-flags-map=eJytWF2P20QU%2FSurPAOyx5%2Fp28SeJKO1PWZmkmyK0Kioi0CqEIItIFWVACHEAxLin%2FSBSoV%2B%2FAbvP%2BKM7XzYuzu7W3XfkvU5c%2B%2Fce889zrMJX1RCMlNypVhucqqpqamkpTJzIc2a50wYXplMlDMxefDZs8kPj548PZ88mJz%2F9O3ko8nF%2BfcX%2FDE%2BRlMvjKLJ888%2FmqypMpKVYs1MtqRSMW3mUpSm4NXpgELLFTvmiH0%2F9JI9B6vorAAHrWteLcxsa3Kxqe7CEqfExcIUl0h2xrWkmt2HTLJPV0xpsy5p3SVFc3ULQUJSb0%2FQn2nDMWtarIan%2Bx7%2BBmhC4vRwIyvFTMU2bQaLytYFZDYrtZJrtr0lEpKmYezgUryscVMfhAvl11xUHyiwjL5fXLVArWpqGaUoClMwuv9CsUxUo%2BLFw8sPSHRUujFZ11i5O54hRSFQK3aG1inowqxraWrJheR6a%2BY000IOu2HEFMfpnknptqvXTCpc8zCJIEzS6RAbBUkXxarihaA5k%2B1407I%2Bhl589%2FT8CBaSNJj2MHthStpijDBjHTgC0RyXzCojZoqhdMPkzr959MWT8wEyiMm06%2FU5P4MiVWbJ%2BGKpTaXdR4ZRMPVbYCZWlTZamLOldELSJCVhC9nSKmdnRq6gLiXllVPkvIQEfXsNlNHMV0WhMol0nXg%2FIIG3T3EmxSnuB%2BmZheS5G5lEaXxtwCbnSks%2Bc8KJ78Vdvg9ZRdpwzYbneml4SRfMiQ39sO%2FhFovj2t6bCWn7SNKcr9TJHRm21MbdBWxosaGjgb6CDJK%2BtPm8hvyqWlToRc1LJlZ6ACUj7YzC0Au6nOtM5NBcC620%2B7wINH33zgVumdlx2Z1nZ9cND5OEXIXzOfaE2di5va1DbmDYBXBlZwTeTWhMnOaYPDTpXFxdvuODIw8LvIVCJWVlSmsL1lRyOroyMob1BRpNhGQbigbJ7zoaYNpVy3oGUzJYkX3BmZTQq0IsjjmiAT71wq5ye03Frl9ztqmFdBc9TuJesuzjpsLqypjCZCycsIQA18KUqrHRsyWzEZqayWzUZ1jsA2TkT7tcc1Yw2AGoAW5qI2FSULBe9u5hvlJoZ1cFyHrWhzGa65G6R2lKoq5XdhOdwxZl2mTKqZ3R1E%2FSIy3hCrmjPNrQzOatXIdOg8j3B9hWfxTESC9tg9c0z%2BFo3CRh1Je61XvcmN7WzATuqKH50dFglTLDDSs%2B4wV6xX3cNIlvRBq4nKzgmXu6DhzlqtB8RqsKYWMbzzkKz20ScABuHZ6mJEmO4uhJujbBzoNM1AXdzmh2arVOW5cy3rpDytgjYdD1wELSGXE%2FC3HxDs%2FCLj4cxBv5xHM9f41m%2B9ENiC5BXtkethcsmc3MKhmv7J3DRGen1vhicG4JOoriQb8tWWt%2F8ALQ%2Bksn2o9I3AVUSsrvKmWw%2FF7atZr1sZLNIWNLO5M8c%2BMwxmHf18hUllbBJKt2dq2WbOa2CVABrxeC3VDDukncImwR9AmdccgBjs65zWJ%2F6of7eBS3YXChrD5mS3cUcUi6Tm07G8e1rWgTgM29BUqCaO85ueoXoN0j3esWGsNJEMAGdC0tpclXNUYTL1x5a7lVJ4xSDM2S94nnjcy25%2FcJjLaaDao3Pm08eLnVY7m6GhIJ%2FC6nkuWctiSdJbkn%2FOZgOhf2XjHphfigEeVsTqFxu8i6XxPuSGfnBbJazAS8w62Y3kkfGhrr01Z4gQTcjU386eG3itZgLaTVGVVSGONrFvh1b5rTozdzwLd4t8TbeHbtS1kSusG4OHVgUDK76%2BG9Vyh4yXUrEtjFAmyF%2B%2FawhoOBTCx7%2BNFtQiBPtXBLRACDnh489vgtDwcl03B0dNJ7n2t6BwKB9ptD4LkunNswJiSKuxrufuFpWfqdQSGe2UppjENLZTQ7Gxa0%2Bbt517y%2B%2FPPyj%2BblSfOqeXv5W%2FPu8ufmTfPi8nd8fnXSvG1enFz%2B0rxo%2Fr38FQ%2Fhny%2Bb%2F5rX%2BOINsP%2FgQXwNjr%2FuF9ggjB%2B%2Fvvjq48fnXz56%2BuTiWprn%2FwNHtdbc&pcode-icookie=hsdzRfBGRmvQgUypcdjP%2BLkWmn3jMTAdQGJWO4yA1omYOrb75xZ332cxd3OVxBunBFR9DODs3hDJVO%2FsbAoiQYLdduw%3D&pcode-test-ids=628987%2C0%2C4%3B633513%2C0%2C28%3B634378%2C0%2C10%3B633794%2C0%2C4%3B622565%2C0%2C-1&pcode-version=634516&pd=22&pdh=1200&pdw=1600&pp=hrs&pr=2076820659&pr1=2484146780&prr=&ps=bxyd&puid1=adv-1661195178830-442&puid2=society%3Atoday%3Azenyandex%3Aincident%3Aemergency%3Acelebrity%3Aculture%3Ainteresting&puid3=top%3Aregion&puid5=&pv=19&pw=1&route=ssr&skip-token=&slotNumber=4&ssr-request=true&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fwww.tumen.kp.ru&top-ancestor-undetermined=0&use-server-side-rendering=1&utf8=%E2%9C%93&yaru=true&ybv=0.634516&ylv=0.634516&ytt=362840447909893&lvlfrom=20&rqs=qiebQhu951ar0wNjjzQuqCmd3e0JfWSW&rtb-si=1&dmv=2&csl=&ad-session-id=701901661195178878&rtb-answer-hash=319014069766657966&usgn=AbJWyl092vVgT6NNuXxBNr3y5OgTQGMVASmCHOmFyeO7&resp-time=1237

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

283cc22505724535a9f9a2cc2ada622d58d56f11cceed236d5a54c11207916c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

date: Mon, 22 Aug 2022 19:06:21 GMT
content-encoding: gzip
ssr: true
x-yandex-req-id: 1661195181241144-1285539505936236560200103-production-app-host-vla-pcode-128
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
uniformat-product-type: Direct
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Mon, 22 Aug 2022 19:06:21 GMT
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 22 Aug 2022 19:06:21 GMT

GET
H2 204 event
ads.adfox.ru/232598/ 0
66 B 80ms
79ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=bb37111796d18ded&pm=bmt&pxo=lmm9tStiHoQNMeybwo5s2_URInCpmRoM1qHNiDa1SPdavXH0SEZUvshBNppsZtma1BydF0flLw-6lv8_2hzwHaqrFeUK3wt54WshOzrZXWHXso2L2tRswT9g-3tIQHZIIAYVt-bcXGHqIk0clhgCsCbGbPTitddH-J1t5-kpo00HBb8YUw%3D%3D&p5=gwaok&ad-session-id=701901661195178878&utg=oxum&lts=fjvezih&ytt=362840447909893&ybv=0.634516&ylv=0.634516&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3Fsection%3Dsociety&rqs=qiebQhu951ar0wNjjzQuqCmd3e0JfWSW&pr=gsushxr&puid3=top%3Aregion&rtb-si=b&puid2=society%3Atoday%3Azenyandex%3Aincident%3Aemergency%3Acelebrity%3Aculture%3Ainteresting&p2=fbao&rand=cpbhnyy&sj=Mp--IGU7tRSEJWGzIwMrfbYPoBUuoweJCPQMbre4lVyS_6iHNY_Ooq1wscItLg%3D%3D&puid1=adv-1661195178830-442&p1=bufhv

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 19:06:21 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Aug 2022 19:06:21 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H/1.1 200 /
smi2.ru/cookiematching/ 43 B
866 B 3511ms
3421ms Image
image/gif 82.148.14.206
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://smi2.ru/cookiematching/?payload=CkEKB19zbV91aWQSJDNhNDJiYjdjLTIxMTItNGVkMS05MjQxLWQxMmJlOTI1MDBlNBoILnNtaTIucnUiAS8ogOeEDwoqCgdfc21fdWR0Eg0xNjYxMTk1MTgwOTY4Ggguc21pMi5ydSIBLyiA54QPCj8KB19zbV9zaWQSJDQzZDFiZmQ2LTA2ZDEtNDgzNS1hZTEzLWFhMzhkNjg3MGY5ZRoILnNtaTIucnUiAS8oiA4%3D&rnd=1661195181141
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 82.148.14.206 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS: ads5-2.ssel31.imcmdb.net
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

Pragma: no-cache, no-cache
Date: Mon, 22 Aug 2022 19:06:24 GMT
Last-Modified: Monday, 22-Aug-2022 19:06:24 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
Connection: close
Content-Length: 43
Expires: Mon, 22 Aug 2022 19:06:24 GMT

GET
H/1.1 200
OK /
smi2.net/cookiematching/ 43 B
229 B 138ms
46ms Image
image/gif 82.202.225.240
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://smi2.net/cookiematching/?payload=CkIKB19zbV91aWQSJDNhNDJiYjdjLTIxMTItNGVkMS05MjQxLWQxMmJlOTI1MDBlNBoJLnNtaTIubmV0IgEvKIDnhA8KKwoHX3NtX3VkdBINMTY2MTE5NTE4MDk2OBoJLnNtaTIubmV0IgEvKIDnhA8KQAoHX3NtX3NpZBIkNDNkMWJmZDYtMDZkMS00ODM1LWFlMTMtYWEzOGQ2ODcwZjllGgkuc21pMi5uZXQiAS8oiA4%3D&rnd=1661195181141
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 82.202.225.240 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS: smi2adm2-1.ssel27.imcmdb.net
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

Date: Mon, 22 Aug 2022 19:06:21 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

POST
H/1.1 204
No Content view Show response
stat.media/counter/ 0
135 B 114ms
39ms XHR
text/plain 46.161.36.24
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.media/counter/view
Requested by: Host: stat.media
URL: https://stat.media/sm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.161.36.24 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: sm-server1-1.sselp2.imcmdb.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin: *
Date: Mon, 22 Aug 2022 19:06:21 GMT
Server: nginx
Connection: keep-alive

GET
DATA 200
OK truncated
/ Frame 4C07 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4d3afbc14dd4419c1c461d12c77e50611e737a335e5761e806c4a401d4c7929c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

Content-Type: image/png

GET
H3 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oT3ZQZQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 4C07 14 KB
14 KB 14ms
14ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oT3ZQZQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668d14bbedf6e858073e3a3c42d596ef0e929b7a9b7ba8387e3d93ae54fb09d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://6f896d02df796ff0db83b53d4a802f55.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

date: Tue, 16 Aug 2022 22:13:40 GMT
x-content-type-options: nosniff
age: 507161
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14544
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:50:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Aug 2023 22:13:40 GMT

GET
H3 200 logo_augletics_small.JPG
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/164903383637950464/ Frame F35C 8 KB
8 KB 16ms
15ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/164903383637950464/logo_augletics_small.JPG

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

502646476db88824868f4aa280010eb4851107974aa14d493f531154144dd640

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 272498
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8263
x-xss-protection: 0
last-modified: Tue, 22 Jun 2021 12:01:34 GMT
server: sffe
date: Fri, 19 Aug 2022 15:24:43 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 19 Aug 2023 15:24:43 GMT

GET
H3 200 AUGLETICS-Eight.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/164903383637950464/ Frame F35C 46 KB
46 KB 22ms
21ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/164903383637950464/AUGLETICS-Eight.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

651972d44c5e2297ace77500deda284819df62ec9c2ce5aad51ce19894869957

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 518601
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47346
x-xss-protection: 0
last-modified: Tue, 22 Jun 2021 12:01:34 GMT
server: sffe
date: Tue, 16 Aug 2022 19:03:00 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 16 Aug 2023 19:03:00 GMT

GET
H3 200 AUGLETICS-Eight2.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/164903383637950464/ Frame F35C 45 KB
45 KB 17ms
16ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/164903383637950464/AUGLETICS-Eight2.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72cefe9bdcc3c42576fd4427e76fe35450441d5939583688692cb1ef26806000

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 272511
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46135
x-xss-protection: 0
last-modified: Tue, 22 Jun 2021 12:01:34 GMT
server: sffe
date: Fri, 19 Aug 2022 15:24:30 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 19 Aug 2023 15:24:30 GMT

GET
H3 200 augletics_eight_small.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/164903383637950464/ Frame F35C 28 KB
28 KB 24ms
24ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/164903383637950464/augletics_eight_small.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ceed88b14c0a87a8834d23fafad5a9ae0f9d442a1a0c91ba54d6a2199057b38

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 272511
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28813
x-xss-protection: 0
last-modified: Tue, 22 Jun 2021 12:01:34 GMT
server: sffe
date: Fri, 19 Aug 2022 15:24:30 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 19 Aug 2023 15:24:30 GMT

GET
H3 200 8Oc7qVgGezqJSgjjaaCdJlEAdJIIw0tPZxYDqe1tkXI.js Show response
pagead2.googlesyndication.com/bg/ Frame EE7B 36 KB
14 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/8Oc7qVgGezqJSgjjaaCdJlEAdJIIw0tPZxYDqe1tkXI.js

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0e73ba958067b3a894a08e369a09d265100749208c34b4f671603a9ed6d9172

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6f896d02df796ff0db83b53d4a802f55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

date: Sun, 21 Aug 2022 19:04:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86503
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14092
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 21 Aug 2023 19:04:38 GMT

GET
H2 204 event
ads.adfox.ru/232598/ 0
18 B 57ms
57ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=a956a6d0c7b860a1&pm=bmp&pxo=psuC8Hps7A_YKeSwEdMXOobxSW_M3MebBSKFptdOYyy5fh3t9MC6Gtqxcra-O9EcceMxHyMd2gc5mRl9R0TLWsKD44thxLiPNDqk7PWi_wNcjuRIoQW4hjruGKKt0_IBrGCCekLjytMLNLnBJUWjd60IxW-7sZNFhqCejuh3ta_nuC5q6XDx&p5=gwdbk&ad-session-id=701901661195178878&utg=oxum&lts=fjvezig&ytt=362840447909893&ybv=0.634516&ylv=0.634516&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3F&rtb-si=b&p2=gftf&rand=hvvebtw&sj=XduKn2qjjSVLhQhPTdlgrZFKHsfF0wrfyK8Fk9QTWAkSzhRg3dxFGnRYfCvbag%3D%3D&puid1=adv-1661195178823-935&pr=gsushxr&p1=cdinl&rqs=qiebQhu951aq0wNj_Wa9XmsOnfA2TxEn

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 19:06:21 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Aug 2022 19:06:21 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 200 bundle.js Show response
yastatic.net/q/set/s/rsya-tag-users/ Frame 7AEB 105 KB
37 KB 47ms
47ms Script
application/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

date: Mon, 22 Aug 2022 19:06:21 GMT
content-encoding: br
last-modified: Fri, 29 Oct 2021 11:19:01 GMT
server: nginx/1.17.9
etag: W/"82bdc8db563d3e71c35534315f8a9fd5"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/javascript
access-control-allow-origin: *
expires: Thu, 25 Aug 2022 07:03:04 GMT
cache-control: public, max-age=31556952
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
x-nginx-request-id: 9ee5fa9ec74bb7ae

GET
H2 200 wy300
avatars.mds.yandex.net/get-direct/4365535/8lNkjkqKzJbWf2_MeIkjow/ 20 KB
21 KB 65ms
64ms Image
image/webp 2a02:6b8::184
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/4365535/8lNkjkqKzJbWf2_MeIkjow/wy300
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: nginx /
Resource Hash: 60b5b156e3453ed7666f078991113e903d91842b993bfd33b78fc9233032ad22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

date: Mon, 22 Aug 2022 19:06:21 GMT
last-modified: Tue, 02 Aug 2022 08:13:15 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 20786
x-request-id: e2f236f52df2381a

GET
H/1.1 200
Ok five-beach-jbr.com
favicon.yandex.net/favicon/ 834 B
1 KB 55ms
54ms Image
image/png 2a02:6b8::36
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://favicon.yandex.net/favicon/five-beach-jbr.com?size=32&stub=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::36 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

15e05a375e696f0bd0bf2036553aafde1e7edae58896362ef9e7db4847a8193e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

access-control-allow-origin: *
Cache-Control: max-age=691200
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Content-Type: image/png

GET
H2 200 wy300
avatars.mds.yandex.net/get-direct/5287762/O0_Xj9G1Oo7Wmhra4eBAng/ 47 KB
47 KB 85ms
84ms Image
image/webp 2a02:6b8::184
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/5287762/O0_Xj9G1Oo7Wmhra4eBAng/wy300
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: nginx /
Resource Hash: cfaf79360c9dc5aa61350f572a2d61c4ac630b898435bc3abf488db8f9d36f81

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

date: Mon, 22 Aug 2022 19:06:21 GMT
last-modified: Fri, 10 Sep 2021 16:08:16 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 47966
x-request-id: 53e1b963f87e7063

GET
H/1.1 200
Ok aphroditehillsrealty-pr.com
favicon.yandex.net/favicon/ 795 B
1008 B 110ms
55ms Image
image/png 2a02:6b8::36
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://favicon.yandex.net/favicon/aphroditehillsrealty-pr.com?size=32&stub=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::36 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

1c1f1fddbd0b997809bfaae0a6e7c12788f7c0861847538488040cd560df77e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

access-control-allow-origin: *
Cache-Control: max-age=691200
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Content-Type: image/png

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ Frame 7AEB 158 KB
56 KB 52ms
52ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

57cec8cb1c21ca4fe77d7bea18d3c0ed021451f77ced06a20aed3457758cef0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

date: Mon, 22 Aug 2022 19:06:21 GMT
content-encoding: br
last-modified: Mon, 22 Aug 2022 10:37:44 GMT
etag: "63033248-de6c"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 56940
expires: Mon, 22 Aug 2022 20:06:21 GMT

GET
H2 200 data Show response
yandex.ru/set/s/rsya-tag-users/ Frame 7AEB 400 B
839 B 69ms
69ms Fetch
application/json 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/set/s/rsya-tag-users/data?referrer=https%3A%2F%2Fwww.tumen.kp.ru%2F

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

4bb56f371b2a2447b9ddef5f029309c1158041c0b28f9bb21f33988e582d8fd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

date: Mon, 22 Aug 2022 19:06:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: public,max-age=300
access-control-allow-credentials: true
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 90A9 0
0 52ms
51ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022081701&jk=679379330719404&bg=!HxylHFjNAAYUOm8VNDo7ACkAdvg8Wj5BXrV4pVR8J6_boUi0ertD4hPlG-zOMurNpPuclvHsABSClgIAAAIwUgAAAAJoAQeZAr_kgcO8eGqztrrZN1ankIzsuGHyrU9XOjRJr3_eK1GY35BdEhgHSibJUQsWv3y9j6Lokupnaa8WTd_RRZ-NNtRJF2Mwo3D6LqLE3ZVke6mY0t6K4yyCYyL7hukHXGtDMEUhQf96UK7CecD1ziDN6Ydo1Pbn8sSyQCg_KvksyeOlv7ysuwdKlKO4XHGiJRm-StZJSd2xy34fFWSa6FA5oS2xKeORrdJEmjViyLmhQaVW6IKE79fYNnyLBJVng9pNLpL0UjIDiQ5WD7o-tHfdZbOsd5fN-o3fcQ2doddKPRuk1hD-LhvcQczLEmWeNyRpkwQlb9rsKIjPwso-U9_0iwPwsC6b2sFgfsIk7v4ehlcAApnEyufsg2CdapT0Jk0z6MOvWsERLuYlzugvX3tQF8SNXVwziKgmAW_mrQgvAREdMXzvs9_NDcVsS46_2yPvMBEvCNoexF25ldHnnJC4L4v4JoopFWA33jgG9kkyVF8h8-LZzKu5qzFEkP3_oHbh2gUZi9XLdezEKvYZx8y4xz7pmY3lHlVnW3DeljI_HuRmx9vaaFP8FCDugtu9kjBAlpkQzDSdeDuLL0UzPwtR1zXLN1YQ4I2geMKaEt-GCe-Krole9-WI9BIlAgr7Katg2seO8T55bufN0ki5NHCQuAHybGinQLnJADE1g4l-XtuIp_OHpOKciBzjuGKYS2A5MDLLYxfrJCuU32RgTtceX7N10wG849WIqkzbPMNrlXb_BZqg_iZvdzFlO1h22Fs6Xuoumxxs92d6gAwF6a1Xaz0Oqc-SOuR1HnAQ8v5UUopTL6Eskqvjl0Z8EoJo_UX0YFsQW-2AirCjWIh-6vpMwBDecpQh2zFy_J5aU6O6lNEJbPg6iLwzeYGfO6doOOMDKeIMEuD5KNpk2HsDUmZ33Uv7oUjb5TpEoFYM0hHIXSb4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

GET
H2 204 event
ads.adfox.ru/232598/ 0
18 B 79ms
78ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=7231ba7943851490&pm=bmp&pxo=ATgpvKxEW35KbzZa46C_Yidyb4hHYX4IwTAHQXeIoM2pYGAWEywo27a3tKb4vhGlP77s2BRf_cy325BiZG0uCBdInQGmpyRzwhLnCBPp73IyRKfcIpIBzjvhQRx2KZ3EevLEAA4XAybyWjFKR8Y2f5hDjLZl5ZoDMdKDrCnKeIV3yirutWE%3D&p5=gwefg&ad-session-id=701901661195178878&utg=oxum&lts=fjvezih&ytt=362840447909893&ybv=0.634516&ylv=0.634516&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3Fsection%3Dsociety&rqs=qiebQhu951ar0wNjUo4mquWV0z0UGMKk&pr=gsushxr&puid3=top%3Aregion&rtb-si=b&puid2=society%3Atoday%3Azenyandex%3Aincident%3Aemergency%3Acelebrity%3Aculture%3Ainteresting&p2=fxjd&rand=cwkgaaq&sj=3K87mjgaSNC9yJ-jrJD2A-PInCLeBy-4O1DMu7w0cUM01r-FgwdeMpHjCxSJeQ%3D%3D&puid1=adv-1661195178828-573&p1=cavko

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 19:06:21 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Aug 2022 19:06:21 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame 7AEB 41 KB
15 KB 113ms
78ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

6854343e00c3b85696ab0203e2389917dee112fef408125323d7cd3f48faaab2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

date: Mon, 22 Aug 2022 19:06:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15668
x-xss-protection: 0
server: cafe
etag: 17682506513748322061
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 22 Aug 2022 19:06:21 GMT

GET
H3

200

/
www.google.de/pagead/1p-user-list/1014923426/ Frame 7AEB
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1014923426/?label=hzaUCJ-7nWMQooH64wM&value=0&script=0
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=hzaUCJ-7nWMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=rdMDY4jnJY_a1wb6lImACA...
https://www.google.com/pagead/1p-user-list/1014923426/?label=hzaUCJ-7nWMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1059175287&crd=&is_vtc=1&random=2113781353
https://www.google.de/pagead/1p-user-list/1014923426/?label=hzaUCJ-7nWMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1059175287&crd=&is_vtc=1&random=2113781353&ipr=y

42 B
64 B

63ms
30ms

Image
image/gif

2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1014923426/?label=hzaUCJ-7nWMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1059175287&crd=&is_vtc=1&random=2113781353&ipr=y

Protocol

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 19:06:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Aug 2022 19:06:21 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/1014923426/?label=hzaUCJ-7nWMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1059175287&crd=&is_vtc=1&random=2113781353&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-user-list/1014923426/ Frame 7AEB
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1014923426/?label=isnWCLGxpmMQooH64wM&value=0&script=0
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=isnWCLGxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=rdMDY_rnJefLmLAPqdGH0A...
https://www.google.com/pagead/1p-user-list/1014923426/?label=isnWCLGxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=156464365&crd=CJqqsQI&is_vtc=1&random=138671476
https://www.google.de/pagead/1p-user-list/1014923426/?label=isnWCLGxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=156464365&crd=CJqqsQI&is_vtc=1&random=1386714...

42 B
64 B

31ms
29ms

Image
image/gif

2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1014923426/?label=isnWCLGxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=156464365&crd=CJqqsQI&is_vtc=1&random=138671476&ipr=y

Protocol

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 19:06:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Aug 2022 19:06:21 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/1014923426/?label=isnWCLGxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=156464365&crd=CJqqsQI&is_vtc=1&random=138671476&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1UyhM6BK0HW200000000U9nJNAK-sqbwx_CmGubdTvwLNcjsjbnzcJcP0GWyOIAXstvP5yJsfJ4mf382nJCbdYsv0n8lvG3oQXE0H2iZYEm4oG814yDCHaOh27iX8uiAXBMICKi1mjhBw278pN0Kp3_Bo0mKkSe8qdgNaS66WUaluomc1eQvJ22HfKmwG6ejKmHGv... Show response
yandex.ru/an/rtbcount/ 43 B
149 B 55ms
55ms XHR
image/gif 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/an/rtbcount/1UyhM6BK0HW200000000U9nJNAK-sqbwx_CmGubdTvwLNcjsjbnzcJcP0GWyOIAXstvP5yJsfJ4mf382nJCbdYsv0n8lvG3oQXE0H2iZYEm4oG814yDCHaOh27iX8uiAXBMICKi1mjhBw278pN0Kp3_Bo0mKkSe8qdgNaS66WUaluomc1eQvJ22HfKmwG6ejKmHGv2pJVo1uolG2gE4Laq1UfsUKn3C6XWzV9wdSVCRAy9U94-GGPbOWsSii02IdCeECcClC0hAScOa1R3lBHkQwoQVxhY_VotcI6URtgs2LTy7aJsO79twmCsUnA1HcfYO5PfHQcXec5XcK-sLbLGMM5ZhdfXYd6dYbXGU7BsJPVy8Dh7W5IsF91XR67Ioi1rWORx90FFh1_Y7BsJCWyCR-BGl8knDOMniw6jeE12rWvJp9kla91rZTJTPLrslQwvu9-7vb1NcoWws1PGBRglDlfcnP_Fvps0osAuU35x3jtlJmJTUBJt_MCwvaWvbwWCtZ11lp8pPUusmdg-AY5FTIzymayvTiCFj_mbaJsHN-t5fzB-ID_InsDZDZ4rD3imtiJ3lOcKwmYpnWFtvm-zwNJqwyoVl1pjF0iVw48G10xR1A

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 19:06:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: image/gif
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
last-modified: Mon, 22 Aug 2022 19:06:21 GMT
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 22 Aug 2022 19:06:21 GMT

GET
H2 200 3 Show response
mc.yandex.com/watch/ Frame 7AEB 167 B
262 B 57ms
57ms XHR
application/json 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/3?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fwww.tumen.kp.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A%3Avf%3Anitzfaj0q86lk7t0iduwo%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A870%3Acn%3A1%3Adp%3A0%3Als%3A944734986705%3Ahid%3A618357720%3Az%3A0%3Ai%3A20220822190621%3Aet%3A1661195182%3Ac%3A1%3Arn%3A886335593%3Arqn%3A1%3Au%3A1661195182637299948%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1661195179527%3Ads%3A1%2C92%2C37%2C3%2C0%2C0%2C%2C356%2C0%2C492%2C492%2C0%2C492%3Aco%3A0%3Ast%3A1661195182&t=clc(0-0-0)aw(1)rqnt(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

68d8a457fda72b10b88ab2e83795d14d9b2dfb3b1c2c95a605cccd6b5b310fc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 19:06:21 GMT
x-content-type-options: nosniff
last-modified: Mon, 22-Aug-2022 19:06:21 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 167
x-xss-protection: 1; mode=block
expires: Mon, 22-Aug-2022 19:06:21 GMT

GET
H2 200 advert.gif
mc.yandex.com/metrika/ Frame 7AEB 43 B
72 B 51ms
50ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

date: Mon, 22 Aug 2022 19:06:21 GMT
last-modified: Mon, 22 Aug 2022 10:37:44 GMT
etag: "63033248-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Mon, 22 Aug 2022 20:06:21 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame 7AEB 3 KB
1 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1661195181692&cv=9&fst=1661195181692&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dmacos%3Bbrowser%3Dopera%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.tumen.kp.ru%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28167e0895d0754b9afd055ec28510988161769e6ef225539508e85c0561d072

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 19:06:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1119
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame 7AEB 3 KB
1 KB 62ms
61ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1661195181696&cv=9&fst=1661195181696&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dmacos%3Bbrowser%3Dopera%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.tumen.kp.ru%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a90c9a197339295f71c9bd34c3b57b0f842e0ee04e35f2fdee6c9145815a88d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 19:06:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1120
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame 7AEB 3 KB
1 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1661195181699&cv=9&fst=1661195181699&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dmacos%3Bbrowser%3Dopera%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.tumen.kp.ru%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8762d8a4d47ec32cb105bbb544a0d3406639de3cbb193fbb5666e3e4f3259150

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 19:06:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1120
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame 7AEB 3 KB
1 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1661195181700&cv=9&fst=1661195181700&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dmacos%3Bbrowser%3Dopera%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.tumen.kp.ru%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

610266fa5836ae63ed85aa786461ee410375678d263a6edb07f7e8351e6e289a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 19:06:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1120
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C6E0 0
0 58ms
52ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022081601&jk=253065605676435&bg=!UVKlUhbNAAYUOm8VNDo7ACkAdvg8WuUNgt-QCJbm3LK_l01AaqVHVMO0uF75yiPuokXXQTz1Vvq8aQIAAAJJUgAAAAJoAQeZArzd9QLVVXM0Ui2Ou7-5dYX3kNq9EeNiRKZaIxYBfFKVsMIQD4jiuqaW3H2-nKkySPksMHnbwR3-eNzHv3hV4zqO2WZPG1w8Db8EZIpxzIGSWKZfS6f-GH3pllytGEOgOltCLZ_VbSX_fq7IILqAgEpa1AE8rxyxYkTJWc1TIjf3eg8qEMfJNd_AyY4rmbnjqaqC3I44xwE9xYV1cyeI4sbol8DNVRlJIygh-Rhw-_36MvJHE-E5XwcOPuI-WaVF4KauQdJB32H22vFSuR5_hm5c6hhJSjuM3lO7DvFQPCOQeyq551fCt4VjduUL4SdKL6j1Ae2wIvzZPWm32LIRB46urGIOM38M6HjpURP1GqwAymqVfDulekoCi0dG7DEnC0K7ncTS08cl82xmhxPxW5bVXUoY55cjIrkIy2naSfJbaXrFAcvIOyS-wdSCfvhrhs-vr14Pwk4ejFR_xVwP0Zf302N4gVN7CJzGo0Ro7zOyxuo8gQD5TVotHKqmiOGX_ZyJsszSJT_YJPPQv797YCb-xq3BAdH0qU6AeKQUX1eGq0298543srG6yzDdfNccHNnFewRJgkVbNXhbRuoeEWGqcUN2pfcHuIj_757rYEUrtbhUFtVI_vW62U5w4L66ZfhMhb6JvV9yC_TTSA05xuLXB7ARsCVuOc0ZgWW8f3FxeVIFMynH0eScHv7tKQ_z9JXI36SQZ5f3DdNOddkmZXNGF5YGfHh6_O97a6jWf9uReiIOpT9QD1Y4mIOXOWHOL7MEDfqKtTal--_cUekqE1XikbsTPfsA3U09lVFeecIlLGp5JedGQWP3G-6SRv60aMF4_2KWhkmYk-cnaVl5yAs1UcozsKrovSq5XIxVOSUVAH_GsePts17M2MFN9xMCPU3rRRqN39SvDZd0GY1sDDopVztIe43o5xQrcRmR
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

GET
H3 200 /
www.google.com/pagead/1p-user-list/947884341/ Frame 7AEB 42 B
64 B 33ms
32ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/947884341/?random=1661195181692&cv=9&fst=1661194800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dmacos%3Bbrowser%3Dopera%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.tumen.kp.ru%2F&async=1&fmt=3&is_vtc=1&random=1266176825&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 19:06:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/947884341/ Frame 7AEB 42 B
64 B 30ms
29ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/947884341/?random=1661195181692&cv=9&fst=1661194800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dmacos%3Bbrowser%3Dopera%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.tumen.kp.ru%2F&async=1&fmt=3&is_vtc=1&random=1266176825&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 19:06:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/693627671/ Frame 7AEB 42 B
64 B 30ms
29ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/693627671/?random=1661195181700&cv=9&fst=1661194800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dmacos%3Bbrowser%3Dopera%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.tumen.kp.ru%2F&async=1&fmt=3&is_vtc=1&random=3561872465&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 19:06:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/693627671/ Frame 7AEB 42 B
64 B 37ms
36ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/693627671/?random=1661195181700&cv=9&fst=1661194800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dmacos%3Bbrowser%3Dopera%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.tumen.kp.ru%2F&async=1&fmt=3&is_vtc=1&random=3561872465&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 19:06:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/947884341/ Frame 7AEB 42 B
64 B 30ms
30ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/947884341/?random=1661195181699&cv=9&fst=1661194800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dmacos%3Bbrowser%3Dopera%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.tumen.kp.ru%2F&async=1&fmt=3&is_vtc=1&random=2732598516&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 19:06:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/947884341/ Frame 7AEB 42 B
64 B 29ms
28ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/947884341/?random=1661195181699&cv=9&fst=1661194800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dmacos%3Bbrowser%3Dopera%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.tumen.kp.ru%2F&async=1&fmt=3&is_vtc=1&random=2732598516&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 19:06:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/693627671/ Frame 7AEB 42 B
64 B 29ms
28ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/693627671/?random=1661195181696&cv=9&fst=1661194800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dmacos%3Bbrowser%3Dopera%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.tumen.kp.ru%2F&async=1&fmt=3&is_vtc=1&random=3680812020&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 19:06:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/693627671/ Frame 7AEB 42 B
64 B 26ms
25ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/693627671/?random=1661195181696&cv=9&fst=1661194800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dmacos%3Bbrowser%3Dopera%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.tumen.kp.ru%2F&async=1&fmt=3&is_vtc=1&random=3680812020&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 19:06:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 37412095 Show response
mc.yandex.com/watch/ Frame 7AEB 350 B
385 B 51ms
50ms XHR
application/json 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/37412095?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fwww.tumen.kp.ru%2F&charset=utf-8&site-info=%7B%22extensions%22%3A%22%22%2C%22fromGoogle%22%3A%22false%22%2C%22fromCancel%22%3A%22false%22%2C%22loyal%22%3A%220%22%2C%22sbscrb%22%3A%22%22%2C%22p%22%3A%22%22%2C%22b%22%3A%22%22%2C%22fresh%22%3A%220%22%2C%22infected%22%3A%22%22%2C%22slow%22%3A%22%22%2C%22os%22%3A%22macos%22%2C%22browser%22%3A%22opera%22%2C%22winxp%22%3A%22false%22%2C%22old%22%3A%22actual%22%2C%22yabroAge%22%3Anull%7D&browser-info=pv%3A1%3Agdpr%3A6%3Avf%3Anitzfaj0q86lk7t0iduwo%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A870%3Acn%3A2%3Adp%3A1%3Als%3A629218411642%3Ahid%3A618357720%3Az%3A0%3Ai%3A20220822190621%3Aet%3A1661195182%3Ac%3A1%3Arn%3A944818438%3Arqn%3A1%3Au%3A1661195182637299948%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1661195179527%3Ads%3A1%2C92%2C37%2C3%2C0%2C0%2C%2C356%2C0%2C492%2C492%2C0%2C492%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1661195182%3At%3A&t=gdpr(6)clc(0-0-0)lt(24000)aw(1)rqnt(1)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

115d4058d7000ee13a798fb0f1928bb7a41a44296c6cf047989d9f8776ab1037

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 19:06:21 GMT
x-content-type-options: nosniff
last-modified: Mon, 22-Aug-2022 19:06:21 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 350
x-xss-protection: 1; mode=block
expires: Mon, 22-Aug-2022 19:06:21 GMT

GET
H2 200 1TYLJF7U0Hi200000000U9nJNAK-sqbwx_CmGubd2aufrvgTBLTVPavc009Fc4Ze7EFLuR5zQGmCgOn0yKo9PmdM8F5I6I2lDW58j3A2o4wGB10mCSna_7iDmbx8UCGVmbh9UCeTmjhBUFSh7yDHCFyi8qZJLJ1vbv51Xe7fB-Ci9WQ6kKmWaQLCfvWP6DOo_GAop... Show response
yandex.ru/an/rtbcount/ 43 B
156 B 58ms
58ms XHR
image/gif 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/an/rtbcount/1TYLJF7U0Hi200000000U9nJNAK-sqbwx_CmGubd2aufrvgTBLTVPavc009Fc4Ze7EFLuR5zQGmCgOn0yKo9PmdM8F5I6I2lDW58j3A2o4wGB10mCSna_7iDmbx8UCGVmbh9UCeTmjhBUFSh7yDHCFyi8qZJLJ1vbv51Xe7fB-Ci9WQ6kKmWaQLCfvWP6DOo_GAoppBz1uAdJ2-08g-O18exW-8bdZ4miFJrgTnynihmbwb36EWGPbQWqbvc0I0vbHban5nc5f3bp4mC2Y2xMJOorqq-tNTz-LxEayoh_AyxhNXdLdOLhF8kcFp9xE343tRcB1Q5mipKfC2CKajJmyGYWtA_h9J4R2Dlbr1Z_uYiqhBA-FI5BDAX4CKhMFwkPTx0mhY3XVK02-DD5eXFFzW_P3bx1WJUsBzb0Vbt0cjhGqT3su6W1QoS9ratF-40gxl9kkfwJNlTCm7VhwmWNtQmDR1CO5jr_isKBOlVVmwRmNRbSF02jjsR7hxfUl7fpth6bMmmKm-mUPnWOtx4nckSxMHbc1NeLkgUcMJ-aWrc_qyuQoAxmfzRg--5lB6VnSvcPcnYQcYsWRr1OGSxumbsaGVi3mzSFTdvujt4h1_i2uqREBQ-Dm003Mkov000?confirmTime=2100000&confirmRatio=1000000&test-tag=362838837166082&format-type=118&actual-format=10&rnd=9751791017940&banner-sizes=eyI3MjA1NzYwNjUyNjg5NDczOCI6IjE1NjB4MjUwIn0%3D&width=1560&height=250

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 19:06:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: image/gif
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
last-modified: Mon, 22 Aug 2022 19:06:22 GMT
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 22 Aug 2022 19:06:22 GMT

GET
H2 200 WOuejI_zOF409Gm0r1HNgpESpZyVYWK0yG4GW8200J6hqmDZ000003YScWE80Xov0gRp98YwvjPcy0BQxF753_050Q06m0791gedcq8RlUTMgGSOvc0xPDQ3Gy07mAkm-W7G1mBuW0e1Y0eFg0he1uWBEAeB47E9KbyOvW0018wE9Ddcy0i6u0s2W821W820Y0IO3... Show response
yandex.ru/an/count/ 43 B
266 B 62ms
61ms XHR
image/gif 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/an/count/WOuejI_zOF409Gm0r1HNgpESpZyVYWK0yG4GW8200J6hqmDZ000003YScWE80Xov0gRp98YwvjPcy0BQxF753_050Q06m0791gedcq8RlUTMgGSOvc0xPDQ3Gy07mAkm-W7G1mBuW0e1Y0eFg0he1uWBEAeB47E9KbyOvW0018wE9Ddcy0i6u0s2W821W820Y0IO3ggVtPQ4rRkRTgWFcCo3aSJCzS53a13wv8U3bPcBgk2Lc7q2u1G1y1N1YlRieu-y_6E05eM0Y826m5AW5l20xPS6oHRmFzWMWHUe5mdG613u6AsenUp0ywQ_He0PYHcpvB0Pgi_ibBIZx_DMk1d___y1m1cgh_ExwC-vY4tI6H9vOM9pNtDbSdPbSYzoDp0sBJBe6PWCy1dw0PWQrCDJi1j8k1i3WXmDCsj2EZ5gKKPrHsbYD-aSW1t_Vu0WW228807G8V___m4G03F3QvWnQJnoCX3ZKx0Qf8DBm24jy4h6D34yuAvUywFrKJFWoCJeYh5sJaRXZpARSESmeW00~1=WGWejI_zO2q0zGS0P0snHR-zBG66WC2tkTsexiS1W07zqRMwjCwfcRO1Y06swzthbG6G0QIAj8RTW8200fW1f8gqXbsW0Q2e0Q2u0RxUbOybs06oiyYe0U01qiJtfW7e0T83e0AedzqPi0FB48W5xi0Pa0Mxdpgm1Rk56RW5kuKPm0MLiXoBd0Qe1i01gGSOvc0xPDQ3G-07a0t2W806u0ZKp-uCw0a7W0e1w0oR1kWKZ0AW5l20xPS6oHQO5--8Z2-u5m705xNM0Q0Pm06u6V___m616l__Bniq1lWHg1u1i1y12m16rs2C8WzXE0GXPiyIdWTxHjGyUgLqZXrrwCJ0kgb9Th1Dm040~1?stat-id=28&test-tag=362838837221905&banner-sizes=eyI3MjA1NzYwNjUyNjg5NDczOCI6IjE1NjB4MjUwIn0%3D&format-type=118&actual-format=10&pcodever=634516&banner-test-tags=eyI3MjA1NzYwNjUyNjg5NDczOCI6IjMxOTUzNyJ9&width=1560&height=250&confirmTime=2101000&confirmRatio=1000000&wmode=0

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 19:06:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: image/gif
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
last-modified: Mon, 22 Aug 2022 19:06:22 GMT
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 22 Aug 2022 19:06:22 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BBBD 42 B
64 B 51ms
51ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssfcnawrEgH_GtNlVIKGXgkvMeVjEsUo6u8i3ENDVF-TNu0sb3PfChUofG9Ixl-02Cv917jKDq7dOnefDDrgtPzQ-V9ioBvOipVu-H4sUVUMsUnergO-VxpZ2PQfRdp9o7tS113nNg2aeudRQ&sai=AMfl-YQ_uceyUP5Fq1eZfUbrlszYTAJygTCfoJa1VmlM2HLAgx6H-HBOyR1v6rgsjw1Frc9WEgfnuE5aHPHsvJ3CYYcS1h3jWpC8OdQnxZ7YboK6PH5APlg62skQSnEFzi0&sig=Cg0ArKJSzKMp8Sb0I7eAEAE&id=lidar2&mcvt=1000&p=389,1410,989,1570&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220817&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=4130042211&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1661195180435&rpt=696&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://94f755c17f82f5b2a09a9a00a400f615.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 19:06:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 event
ads.adfox.ru/232598/ 0
66 B 59ms
59ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=13f68be7e46da784&pm=bmn&pxo=psuC8Hps7A_YKeSwEdMXOobxSW_M3MebBSKFptdOYyy5fh3t9MC6Gtqxcra-O9EcceMxHyMd2gc5mRl9R0TLWsKD44thxLiPNDqk7PWi_wNcjuRIoQW4hjruGKKt0_IBrGCCekLjytMLNLnBJUWjd60IxW-7sZNFhqCejuh3ta_nuC5q6XDx&p5=gwdbk&ad-session-id=701901661195178878&utg=oxum&lts=fjvezig&ytt=362840447909893&ybv=0.634516&ylv=0.634516&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3F&rtb-si=b&p2=gftf&rand=baeyfpx&sj=XduKn2qjjSVLhQhPTdlgrZFKHsfF0wrfyK8Fk9QTWAkSzhRg3dxFGnRYfCvbag%3D%3D&puid1=adv-1661195178823-935&pr=gsushxr&p1=cdinl&rqs=qiebQhu951aq0wNj_Wa9XmsOnfA2TxEn

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 19:06:22 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Aug 2022 19:06:22 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 200 1S4LpxtJ0HW200000000U9nJNAK-sqbwx_CmGubdTvwLNcjsjbnzcJcP0GWyOIAXstvP5yJsfJ4mf382nJCbdYsv0n8lvG3oQXE0H2iZYEm4oG814yDCHaOh27iX8uiAXBMICKi1mjhBw278pN0Kp3_B2D9q5KpUPMImOM3wopYBYO5XBXD8P2cJ3f1QonG153dBz... Show response
yandex.ru/an/rtbcount/ 43 B
156 B 56ms
55ms XHR
image/gif 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/an/rtbcount/1S4LpxtJ0HW200000000U9nJNAK-sqbwx_CmGubdTvwLNcjsjbnzcJcP0GWyOIAXstvP5yJsfJ4mf382nJCbdYsv0n8lvG3oQXE0H2iZYEm4oG814yDCHaOh27iX8uiAXBMICKi1mjhBw278pN0Kp3_B2D9q5KpUPMImOM3wopYBYO5XBXD8P2cJ3f1QonG153dBz1y8dZAzO6PWUCKaaDVf6INnZ87XmzT9AZUViJByPU84EOIP5KZsCWi0oQdC82FcChE0B6TcOW3RphAHkMxowRxho_TodcI6-VqgMELTCFcJsS697-pCMImAXPcfIO4PfPQcXeb51kL-MLbLWQM5phafnga6NcdXmU4BMVQVS0ChNi7IMBA1XN472-i15iQRB12FVh1_o7Bs30YyiN_B0lBk1DRMXew6jWD12rWvJx9kVi81LdUJTTNrclQwPmA-Nrb1dknWQs2PmBRg_9ifMnQ__nmsW-tAuU05RBitFNpJzUBJd_MCAzbWfXvWypZ1nlo8ZTSusycgk2Z5lTGzCydy9HlC_fzmraHsXJ-tLjyBUMC_YvtDpDZ4rD1i0plJ3dQc4-mY3zYF7zo-z-MJ4s_oVh3pD72iFs4803t1i4W0?confirmTime=2100000&confirmRatio=1000000&test-tag=362838837166082&format-type=118&actual-format=13&rnd=8405673956718&banner-sizes=eyI3MjA1NzYwNjU0Njc0NzI0MiI6IjMwMHgyOTciLCI3MjA1NzYwNTg3NDU3NjI4NCI6IjMwMHgyOTcifQ%3D%3D&width=300&height=600

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 19:06:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: image/gif
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
last-modified: Mon, 22 Aug 2022 19:06:23 GMT
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 22 Aug 2022 19:06:23 GMT

GET
H2 200 WOOejI_zOEy0vGi091HmE_gsYgbrXmK0xm4GW8200J6hqmDZ000003YScWE80WYv0hdK2mtyNmFpy0A7ieGOy0K1e0R00Sa6gYURGXkzvrQf1nZcfDnrreD3m0V0gx3w0T070lY02W682W-e2kW7Y0iGgWiGReb9MXZc003mzP8asURm2mRW3OA0W860W82819WEg... Show response
yandex.ru/an/count/ 43 B
275 B 62ms
62ms XHR
image/gif 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/an/count/WOOejI_zOEy0vGi091HmE_gsYgbrXmK0xm4GW8200J6hqmDZ000003YScWE80WYv0hdK2mtyNmFpy0A7ieGOy0K1e0R00Sa6gYURGXkzvrQf1nZcfDnrreD3m0V0gx3w0T070lY02W682W-e2kW7Y0iGgWiGReb9MXZc003mzP8asURm2mRW3OA0W860W82819WEgi_ibBIZx_DMg0-OpFEstixrmKEG4FhaXuELcOkgu9MOVGBW507m5S6AzkoZZxpyOu0MXO28W8R0Kg0My83jbmR95l0_s1Q15wWN2T0O4FWOhQZ5xC3pfhz6W1c96RFai1cu6V___m706Qglyxlepxc8JT8P4dbXOdDVSsLoTcLoBt8tC3OjCkWPh0Bm6TW4c1hKmrEm6qYu6mE270qpQq8wSt9aHtL7QM8twHo07Vz_W202Y202q27___y14G0o0scOCMaySXR8Q59JsWIhaJku11pI0gzaI1F30-xYDJzI7pK3XaoChWXhv-GJ_YYJ0NSE8me0~1=WkCejI_zO742pHO0f2Tu6ovuSGE6WC2tkTsexiS1W07m_OIbYOFfrly1Y077ZOQKbW6G0TIzgvdTW8200fW1rBshcLsW0Swe0Swu0PYyqP8bs06OWjke0U01qiJtfW7e0Rm4-07UZjw-0Q02wChW6R03uWE81PRm7P05fTCni0Mvh1Mu1Rci5S05bR8SpgO5u0MKg0R00Qa76EQat7NMWqEu1u05q0S2s0SGu0UG3V4700000CA0W0RW2BIby0pe2G00y3_92hzM3_lMV050sGle2vRm7OWCW9talW6f3F1uNh31PCu_w0oR1fWDnvmzFv0EWEeme0xgDjaFW12C_zKaZ806q130Zh9Vu16_aPi2w16Rzyhvgf7WiEs00Cr0cNr_4ey7pJ-O4mBW4xci5OWKo8tmufVa-Cx_0Q0KkQmLg1Ibqp7NqAEN1kWKZ0BG5TVGevS6e1RmWEsN1h0MpWV95j0MW9talW7O5lhaXuELcOkgNu4Nc1VlY8mlk1S1m1UrbW7O5y24FU0NlU6WbWRe5mRu5zcQzPS6e1WGi1ZYX8-O1hWOBFWOhQZ5xC3pfhz6W1d1YlRieu-y_6E96RFae1d00RWP____0U0P1UWPh0Bm6TW4WHh__qF8hOboNuWQm8Gza1g049WQrCDJk1e3zHe10000c1kQ-q2m6qYu6mFO6m6X7000081v6-4_gHm000000008mB4SUnIkH-5wX3-vGDWSbl0Tu1obqp7fy3_n700008XIqQW_W1t_VvaTo1tgDf4Ug1u1q1wUkFspv-h1zL_O7llQ7g0VZF_L9B0V0SWVZC6jLD8V1ZOpD3KnDe0W0eWW0h0WX80Wu201q27___y17W3RXG6D8aKe8HecAv2pkqdCGp7Wuj7gY7u8w_a8PrW_yr4RFhAtT9SqzOuFaMKA3p-U8Lg4e9qDqu80Y09ZI826J02xJ3t7K29yI7b6r3pGAwLJ0-kc9jd1DW47~1=WmiejI_zO8W23HW0D2fieksIY0EqYxcspTcxmB81W076qTFN1eW1XPkCuua1a06uhgUOs820W0AO0RYkfvXOe074hAW1nAodc5Yu0QAzmOqas06ehloZ0U01qixWam7e0Qu2e0BKW_GOe0C4i0Ei1OW5ilCLa0M0jHQm1OpC2RW5ZCm9m0NVu1_81VZB3T05hB82u0MK0PW6YDE7kGQe1i01gGSOvgJSTTQ3Gx07W82GFBW7j0RG1mBO1n3W1wGFyGS00CA0W0RW2Eg1kWpe2Pl7uPuCLUS_oTaBw0koynM83CAkthu1w0oR1fWDnvmzi3wW3i24FO0GbDMc8i2W4A4HP-0Hlv6R0kWHc_VA-QgHuB3jW03DG9hu92ijezO_c1C2u1ECp0c05820W0I85CYDyEANvFZE_m6W58pC2QWKWBKMm1I0eyD7o1G4q1JufOnXs1J_oTIN1kWKZ0BG5V_9r9S6e1RmWEsN1h0MpWV95j0MmgxUlW7O5lhaXuELcOkgNu4Nc1VtlF0gk1S1m1UrbW7G5z260zWNuuexw1S8e1WBi1Y_zewO1hWOJVWOhQZ5xC3pfhz6W1d1YlRieu-y_6E96RFae1d00RWP____0U0P2EWPh0Bm6TW4WHh__skqr1AOYeWQm8Gzc1hKmrEu6WFr6W40002O6vhxGB0RIBWR0zWR0UaR0000m2O-I47m6-69nGFu6vlThG7O7BBp5U0SWBKMwHpn700008XIqQW_W1t_VvaTo1t0X3tW7Q721P4Ug1u1q1wXr9JKal33uu41s1xysXw87____m6W7vJLfYAm7mB87vIN_b7I7mOsCpGrCJRP7m00080yz4b1u1-zX-K3w1-_kNU080A880Af8B0WX80Wu201q27__m6G8gh79f0YgySca2AinoOT05B8ACy80dar6bCa2INaZfpSpX2pJmmeABGweX_2ckmHCsmWEJ3b3QO4YEMQbHb2Li6h490HK0E1Mn08sv3W55gEK60CoS-G8wL7ZBChfVC4VeREv3Mp3hO9E000~1?stat-id=8&test-tag=2614638650907169&banner-sizes=eyI3MjA1NzYwNjU0Njc0NzI0MiI6IjMwMHgyOTciLCI3MjA1NzYwNTg3NDU3NjI4NCI6IjMwMHgyOTcifQ%3D%3D&format-type=118&actual-format=13&pcodever=634516&banner-test-tags=eyI3MjA1NzYwNjU0Njc0NzI0MiI6IjU3MzkzIiwiNzIwNTc2MDU4NzQ1NzYyODQiOiIxODg0NjYifQ%3D%3D&width=300&height=600&confirmTime=2100000&confirmRatio=1000000&wmode=0

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 19:06:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: image/gif
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
last-modified: Mon, 22 Aug 2022 19:06:23 GMT
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 22 Aug 2022 19:06:23 GMT

GET
H2 204 event
ads.adfox.ru/232598/ 0
66 B 56ms
56ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=6db6f16ff5e616c7&pm=bmq&pxo=psuC8Hps7A_YKeSwEdMXOobxSW_M3MebBSKFptdOYyy5fh3t9MC6Gtqxcra-O9EcceMxHyMd2gc5mRl9R0TLWsKD44thxLiPNDqk7PWi_wNcjuRIoQW4hjruGKKt0_IBrGCCekLjytMLNLnBJUWjd60IxW-7sZNFhqCejuh3ta_nuC5q6XDx&p5=gwdbk&ad-session-id=701901661195178878&utg=oxum&lts=fjvezig&ytt=362840447909893&ybv=0.634516&ylv=0.634516&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3F&rtb-si=b&p2=gftf&rand=hntevzc&sj=XduKn2qjjSVLhQhPTdlgrZFKHsfF0wrfyK8Fk9QTWAkSzhRg3dxFGnRYfCvbag%3D%3D&puid1=adv-1661195178823-935&pr=gsushxr&p1=cdinl&rqs=qiebQhu951aq0wNj_Wa9XmsOnfA2TxEn

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 19:06:24 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Aug 2022 19:06:24 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 204 event
ads.adfox.ru/232598/ 0
18 B 67ms
67ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=dd50c861e84e8e92&pm=bmq&pxo=ATgpvKxEW35KbzZa46C_Yidyb4hHYX4IwTAHQXeIoM2pYGAWEywo27a3tKb4vhGlP77s2BRf_cy325BiZG0uCBdInQGmpyRzwhLnCBPp73IyRKfcIpIBzjvhQRx2KZ3EevLEAA4XAybyWjFKR8Y2f5hDjLZl5ZoDMdKDrCnKeIV3yirutWE%3D&p5=gwefg&ad-session-id=701901661195178878&utg=oxum&lts=fjvezih&ytt=362840447909893&ybv=0.634516&ylv=0.634516&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3Fsection%3Dsociety&rqs=qiebQhu951ar0wNjUo4mquWV0z0UGMKk&pr=gsushxr&puid3=top%3Aregion&rtb-si=b&puid2=society%3Atoday%3Azenyandex%3Aincident%3Aemergency%3Acelebrity%3Aculture%3Ainteresting&p2=fxjd&rand=kiraluq&sj=3K87mjgaSNC9yJ-jrJD2A-PInCLeBy-4O1DMu7w0cUM01r-FgwdeMpHjCxSJeQ%3D%3D&puid1=adv-1661195178828-573&p1=cavko

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.112

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 19:06:24 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Aug 2022 19:06:24 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvMZtTTjfP1OWp1iNel4bG3dn2zgu5mJqTtAZifoZF0Fdirbx-mAlYbjSN79-QlHkx31Vemk-q3idcddn9Qycz9CgbswkGeyu-ts4eex8Nqy8RYzw7heObT712edJ6gW000ikXa_XFM0SykO79GfXuxPVap89j8fbqKCMDTeukGHcgCWE7QrKBj1cq3HmqwBq6HAtMDFrDKJU53uOwBtU02JJF1bpdsWVeVVMknwHO5-HK6zVef0SqHtkCkT-1oHpM5Xc0Z-yQnVHVNpnh52UaS66asLHrfh-9KHydWP6UA444UwRMwDI5KTbhkf3zZaKbf5phTDeo&sai=AMfl-YRyXG8jGdhsq-l3MOvvaheflQ39WAD2VoNbPUcSCQMGvJCs9Xz5ttfMkTBWy_TPO1BjyVBOZic2d9KJIeVe7dSus0ZJIYLFLQLfVIVGljMtyZiKQzTGU3dGIdDhLIExjQQ&sig=Cg0ArKJSzHRGPskKKlS9EAE&uach_m=[UACH]&urlfix=1&adurl=

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstt7_1da3PeEkifNc5ZepYKccsLqHLtlZx5HdmgqPfuVVCMp0qL4aH4_JZuiuQO8xxoIN-V8s9ChIiuTnot_kdA4YbV0SU_chfp5AJS4DvlaRPJZuMU&sig=Cg0ArKJSzMHqx9vSlRZXEAE&id=lidartos&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20220817&bin=7&avms=nio&bs=1600,1200&mc=0&vu=1&app=0&itpl=19&adk=3886855702&rs=4&la=0&cr=0&vs=3&r=b&rst=1661195180866&rpt=224&ec=0&met=ce&wmsd=0

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

52 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
yastatic.net/safeframe-bundles/0.83/1-1-0	1970-01-20 05:28:01	Name: afpix Value: 1
yastatic.net/safeframe-bundles/0.83/1-1-0	1970-01-20 05:28:01	Name: pcs3 Value: 1
.kp.ru/	1970-01-20 05:36:39	Name: w3k Value: f2fe5fb8-5979-42ac-8ac9-771bbf47c89a
.kp.ru/	1970-01-20 05:36:39	Name: w3t Value: eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWQiOiJmMmZlNWZiOC01OTc5LTQyYWMtOGFjOS03NzFiYmY0N2M4OWEiLCJqdGkiOiJjZWY3YTAwOS1kMWY1LTRjYjAtYTEwMS0yMTZkZWQzMGQ0MmYiLCJfdmVyc2lvbiI6MSwiX3BhdGgiOiIvIiwiX3RyYWNlIjoiZWI1MDc0NzFiZWMxNDVjMTQzMWVhMWU1M2EwYzFjMTUiLCJfcGF5bG9hZHMiOnsiZ2VvIjp7ImNvZGVyIjp7InN0cl9yZWdpb24iOiIiLCJyZWdpb24iOjAsInVwZGF0ZWQiOiIyMDIyLTA4LTIyVDE5OjA2OjE3WiIsInNvdXJjZSI6Imdlb2NvZGVyIn19LCJwcm9maWxlIjpudWxsfSwiX2dyYW50cyI6bnVsbCwiaXNzIjp7ImVzc2VudGlhbCI6ZmFsc2UsInZhbHVlcyI6WyJ3d3cudHVtZW4ua3AucnUiXX0sImV4cCI6MTY2MTc5OTk3NywiaWF0IjoxNjYxMTk1MTc3LCJuYmYiOjE2NjExOTUxNzcsInN1YiI6InNlc3Npb24ifQ.A8tO02Njqw2zhsq1_6Ovwbs-3HBMxbWJWv1Os6yLtBIEPRujJMdEX-eHiq4BWeecKCger4gTHk06rAOf47qA8UTA14jo5ny2OyA1eXVA6gW47uXyp7Zm_BPDR6xKO5OUnFt-j3ylsTd2YQjGGdco9Zr06eE9AwJrJAmWYJ6xHwFm9x4_jnLxzbCvsXnZ_1e1-9tTulZhqTTmdyuX8_yts1YwrHsg6wvf85jZ175tR9utfBz4dbEGfARrmQg4OZysXhXW3W52uNdwWwjKelNet0uMNYfB_E_ieGr---enOwT7qZPJk4zaF6Qyia4iLSgQlp8dYPimPKXbq1IhUHkfeA
.yandex.ru/	1970-01-20 15:02:35	Name: yandexuid Value: 6262181731661195178
.kp.house/	1970-01-20 05:36:39	Name: w3a Value: eyJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZHQ00iLCJ6aXAiOiJERUYifQ.dhxELFJoJYUUDcvAMFwHWPJtc9pcd9I0fQ0z8ufhBTYba0Ff_RoQAuMVmSv03TjBI67wvJVRvLQEtMw2vG5qu-_5rKMdMxxYdKdzFxuldUPChKR2umDQidf2Mis9EOudDHt6km4tCBnJH17r0esAIns5Lijj2qhnwsg4Sl0Ez-qjev4j3JkHCip1qhYzQu4y0RdP4XspQ-PcjkqXbtMcCK5fxWsrQ6XeA7WZ8X946zwbHi4gsG1d0OZNAgTaxrvBWVF-AkiseoVtWIsuW__K6RM0n2VB00zKRpYZTDjz2h2exLdDgmLLBdEPUP2EU7ASHcfKI-VrQumqHBHTX1uG0A.DpLN3rvFVPpvQQYn.b7F_QVDxHlxRswVfM9yB8hcn.7vRhlTwON0rZQxIPFi0eYQ
.kp.house/	1970-01-20 05:36:39	Name: w3k Value: 69c584dd-0adc-47b9-9c8b-277d8e3a9da7
.kp.house/	1970-01-20 05:36:39	Name: w3t Value: eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWQiOiI2OWM1ODRkZC0wYWRjLTQ3YjktOWM4Yi0yNzdkOGUzYTlkYTciLCJqdGkiOiI4NjQwN2IwYi02OWY0LTRhZDEtOGY5Mi00NWQzNmZhODllOTEiLCJzdWIiOiJzZXNzaW9uIiwiZXhwIjoxNjYxNzk5OTc4LCJpYXQiOjE2NjExOTUxNzgsIm5iZiI6MTY2MTE5NTE3OCwiX3ZlcnNpb24iOjEsIl9wYXRoIjpudWxsLCJpc3MiOnsiZXNzZW50aWFsIjp0cnVlLCJ2YWx1ZXMiOlsicHJvZCJdfSwiX3RyYWNlIjoiNWY0ZmVhZjk0MGFkYjUyMDVjYWQ1NzIzNDA4YjUxOGQifQ.skezBUV8snyzaXoCUqSJgjU_QJy8GwwU5S2SkBroyCCeeuhXoLaprunZnop5cYC29_ZYcDH6qg6ZMNVlWE-Xd7HjJmd_YmQSa-WdOcw8wF87t-vuVnFBM69oaIBltz7QI_FobgdMLdF8krcerx8HkFS1xN-gePgq03-rgCQF6_aPH3lBahnX3wcm2alESlNqf6-69-FsekABW3NI8aXdP3l3eJjMbYAUp6sz6YduPUR6iJeoYW5oKzTzNxNN-QOMnSykoeHMq3tefiNZ7-yQfnKxQgFP4bn_0Zt3eHIKnhXiN-g492SEIaCGFmHXqi8VzdyJn5aVnbGErXDSz5rNdQ
.exchange.buzzoola.com/	1970-01-20 06:09:47	Name: uuid Value: 424bfdb2-d37d-49cc-5b10-ab293ad068d9
.betweendigital.com/	1970-01-20 14:12:11	Name: dc Value: lux1
.betweendigital.com/	1970-01-20 14:12:11	Name: ss Value: 1
.betweendigital.com/	1970-01-20 14:12:11	Name: unm Value: 1
.betweendigital.com/	1970-01-20 14:12:11	Name: tuuid Value: a24a2b9b-2f1b-52ea-a23a-8809c1395ba3
.betweendigital.com/	1970-01-20 14:12:11	Name: ut Value: YwPTqgAN3shj4uMmgZXyKJprNk3aauz34FaAag==
.exchange.buzzoola.com/	1970-01-20 05:46:44	Name: cookiesyncs Value: 000000000000000000000000d93dab9edf0912baf9008f35866978f1
.criteo.com/	1970-01-20 14:48:11	Name: uid Value: 3385d710-932a-4eeb-ba38-4d051d6d124a
ssp.bidvol.com/	1970-01-20 15:02:35	Name: bvuid Value: llbji8tp50
.yandex.ru/	1970-01-20 15:02:35	Name: i Value: wXSSyaaFduVDLVGYGE8E7RXR9Bnb4TM2ySeHkUHNotWlawbfVviHhWCKHWx8KwbFwZEZ55c1oToZhLGTy3/Vhg4b2Jc=
.mc.yandex.com/	1970-01-20 05:26:35	Name: sync_cookie_csrf Value: 2636422797fake
.mc.yandex.ru/	1970-01-20 05:26:35	Name: sync_cookie_csrf Value: 1650203013fake
.yandex.com/	1970-01-20 14:12:11	Name: yandexuid Value: 6262181731661195178
.yandex.com/	1970-01-20 14:12:11	Name: yuidss Value: 6262181731661195178
.mc.yandex.com/	1970-01-20 05:28:01	Name: sync_cookie_ok Value: synced
.yadro.ru/	1970-01-20 14:10:51	Name: FTID Value: 1Z0zEi1DkfOO1Z0zEi003OnE
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 820956331661195180
.yandex.com/	1970-01-20 15:02:35	Name: i Value: 3J5I76Xohas0f4h4j4TbiaxIF8MNGwOIji/+++nH+serHOL+vqQbirzLjs1XrW9dFKGwRC3lQKsDRn8cxyDCx+09xN8=
.kp.ru/	1970-01-20 15:02:35	Name: _ga_8MQ0FGXD1P Value: GS1.1.1661195180.1.0.1661195180.0.0.0
.kp.ru/	1970-01-20 15:02:35	Name: _ga Value: GA1.1.908867800.1661195180
.kp.ru/	1970-01-20 15:02:35	Name: _ga_E8KWCYC304 Value: GS1.1.1661195180.1.0.1661195180.0.0.0
.tumen.kp.ru/	1970-01-20 15:02:35	Name: _ga Value: GA1.3.908867800.1661195180
.tumen.kp.ru/	1970-01-20 05:28:01	Name: _gid Value: GA1.3.1611871640.1661195181
.tumen.kp.ru/	1970-01-20 05:26:35	Name: _dc_gtm_UA-23870775-1 Value: 1
.tumen.kp.ru/	1970-01-20 05:26:35	Name: _gat_UA-5200037-42 Value: 1
.tumen.kp.ru/	1970-01-20 05:26:35	Name: _gat_UA-23870775-31 Value: 1
.yadro.ru/	1970-01-20 14:10:51	Name: VID Value: 2QvcaB09AgOO1Z0zEi0039ju
.yandex.com/	1970-01-20 14:12:11	Name: ymex Value: 1692731180.yrts.1661195180#1692731180.yrtsi.1661195180
.kp.ru/	1970-01-20 14:12:11	Name: _ym_uid Value: 1661195180781084329
.kp.ru/	1970-01-20 14:12:11	Name: _ym_d Value: 1661195181
.doubleclick.net/	1970-01-20 14:48:11	Name: IDE Value: AHWqTUkdEh5cq16qFxfmccFj_Oln5VlnQmvU-2xI_pdxE0DsNECLzN-SMHgzfvhy5EU
.tns-counter.ru/	1970-01-20 14:12:11	Name: guid Value: AB9769126303D3ACX1661195180
.kp.ru/	1970-01-20 05:27:47	Name: _ym_isad Value: 2
.kp.ru/	1970-01-20 14:48:11	Name: __gads Value: ID=f26d11c3526745ee-224e246601ce0024:T=1661195180:S=ALNI_Mb-TQ3io5c7kjSY08dcA1LDkMAxqA
.stat.media/	1970-01-20 14:12:11	Name: _sm_uid Value: 3a42bb7c-2112-4ed1-9241-d12be92500e4
.stat.media/	1970-01-20 14:12:11	Name: _sm_udt Value: 1661195180968
.stat.media/	1970-01-20 05:26:36	Name: _sm_sid Value: 43d1bfd6-06d1-4835-ae13-aa38d6870f9e
.stat.media/	1970-01-20 06:09:47	Name: _sm_cm Value: 6
.doubleclick.net/	1970-01-20 05:26:38	Name: DSID Value: NO_DATA
.yandex.ru/	1970-01-20 15:02:35	Name: is_gdpr Value: 1
.yandex.ru/	1970-01-20 15:02:35	Name: is_gdpr_b Value: COjhDxDWhQEYAQ==
.smi2.ru/	1970-01-20 14:12:11	Name: _sm_uid Value: 3a42bb7c-2112-4ed1-9241-d12be92500e4
.smi2.ru/	1970-01-20 14:12:11	Name: _sm_udt Value: 1661195180968
.smi2.ru/	1970-01-20 05:26:36	Name: _sm_sid Value: 43d1bfd6-06d1-4835-ae13-aa38d6870f9e

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

21e040118f21cb271af71eb05f679269.safeframe.googlesyndication.com
6f896d02df796ff0db83b53d4a802f55.safeframe.googlesyndication.com
94f755c17f82f5b2a09a9a00a400f615.safeframe.googlesyndication.com
ad.mail.ru
adfox-c2s-ams.creativecdn.com
ads.adfox.ru
ads.betweendigital.com
adservice.google.com
adservice.google.de
an.yandex.ru
avatars.mds.yandex.net
banners.adfox.ru
bidder.criteo.com
counter.yadro.ru
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
exchange.buzzoola.com
favicon.yandex.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
identity.kp.house
matchid.adfox.yandex.ru
mc.yandex.com
mc.yandex.ru
pagead2.googlesyndication.com
pb.adriver.ru
pda.tumen.kp.ru
region1.google-analytics.com
s01.stc.yc.kpcdn.net
s02.api.yc.kpcdn.net
s09.stc.yc.kpcdn.net
s10.stc.yc.kpcdn.net
s11.stc.yc.kpcdn.net
s13.stc.yc.kpcdn.net
sb.scorecardresearch.com
securepubads.g.doubleclick.net
smi2.net
smi2.ru
ssp.bidvol.com
stat.media
static.criteo.net
stats.g.doubleclick.net
target.smi2.net
tns-counter.ru
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.tumen.kp.ru
yandex.ru
yastatic.net
ysa-static.passport.yandex.ru
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
13.32.121.37
142.250.185.130
142.250.185.66
159.69.141.123
178.250.2.131
185.184.8.90
188.42.191.196
195.209.111.15
2001:4860:4802:32::36
2001:6d0:4001::226
2a00:1148:db00::17
2a00:1450:4001:802::2001
2a00:1450:4001:806::2004
2a00:1450:4001:806::200e
2a00:1450:4001:80e::2008
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2002
2a00:1450:4001:810::2003
2a00:1450:4001:812::2002
2a00:1450:4001:813::2001
2a00:1450:4001:813::2002
2a00:1450:4001:813::2003
2a00:1450:4001:827::200e
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:830::2003
2a00:1450:400c:c00::9d
2a00:1450:400e:811::200a
2a02:2638:1::3
2a02:2638::1c
2a02:6b8:20::215
2a02:6b8::16b
2a02:6b8::184
2a02:6b8::1:119
2a02:6b8::1be
2a02:6b8::2:158
2a02:6b8::36
2a02:6b8::5:114
2a02:6b8::90
2a02:6b8:a::a
2a03:90c0:e1:2801::254
46.161.36.24
46.161.36.3
65.108.236.88
82.148.14.206
82.202.225.240
88.212.202.52
95.181.181.12
95.181.181.82
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
041b6e69b34243b7cd98534e95b129cb2479bebddae8dc4f051755a84cc8fbe8
0ceed88b14c0a87a8834d23fafad5a9ae0f9d442a1a0c91ba54d6a2199057b38
115d4058d7000ee13a798fb0f1928bb7a41a44296c6cf047989d9f8776ab1037
11795b03bddc019a757769d8ddc096766e2a6db6017dcd0cc429dc4b2869d7f7
11d02526cbaad695117721d111752936444366ac35fec7d36bf8d5fb2aab3094
1308cc699f7708cba0f321f5367b8aba53f55c3b9f8f1bb7e3f6f8507d4a4b9a
15e05a375e696f0bd0bf2036553aafde1e7edae58896362ef9e7db4847a8193e
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93
18f232b1fdd6b2806d850f3200aaa33d7d697c97eb04ce3936d96ed90b6478b7
19e24f69aa1b7cdefe7cdd1781ad53409b806eb359a63f3b7887176854a114ae
1a90c9a197339295f71c9bd34c3b57b0f842e0ee04e35f2fdee6c9145815a88d
1b5f3c54eaa74a2b360f6434ca63511859963784ff4e9009ef1d0acb8fbc3597
1c1f1fddbd0b997809bfaae0a6e7c12788f7c0861847538488040cd560df77e8
1c865383c1f8fc02fb61ce539485f5fb99511c38a64ca0cc1ba5ab3018c30950
1cb61f245b80f476c32be6e27c392cbfab2fd2b1d837b309bd81378f63ae6706
1d386626a236bf37f510e9c0c2d85036641c5cc85bed4b320a181861477d0ec7
1e23b282ceca95d79a243d3160d49d08c30d0a8333161c588e3cf7ca88795c4e
1ea643f6f9f0a6ff053a4fa188da7fb91aa0f0d4ffe2cfb4497d68ed869bbe84
20cd7d963d1d7b4852eb93e4c3dc66dd7af19d64d6d5cf5303ce3f068053b23b
241489ad5357595eaf948db786a1673081c5d7d7ac24f5d8e50c186e33e1888f
26b9c31160e3bd2dea0ae368645a2c60ad2bfd746fa6d1817328fbe7cc8fc1ba
28167e0895d0754b9afd055ec28510988161769e6ef225539508e85c0561d072
283cc22505724535a9f9a2cc2ada622d58d56f11cceed236d5a54c11207916c1
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ea6594700eadc561dce18df33d16ff9d07ff631d4f6f4eae734bfe34e900f0c
31a7a01c541eb93fdcbe144594e282be621865f78bbc214976643918a9ef3f15
3216045fa8caf6ecc63db3aedc57313841970e154653405e50bf142dd7ed73fc
3379bacfc3bac0150f30d7da5354b651f052214eaf081452174d8028c5daa9e6
3394110000caa52bc9dcf892178cb4a7a8d25db76721a2290caaeb667413a4d0
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
35ed988aff3c8059b4869fd94cc2885879041fbd698317a53741bca5095c3091
3838227b802dfd9c119f69593d8657e2089a142e54d12e9f1ffe2659e5fd1579
3954894368f2f38bf68613544a80ee9ed3c1a790f450793fc055a7c8611a6d81
3a3c4a90df106a129b12dddc6cf2e6a969e9c266a87eb9f819cb5b416a0f7d0c
3dd9d59595f56e71d527f5c565b25c1eea61e245de8053d38ca13200420750f9
3e70e149a35f394bb78ef7842de11a06359fed7828f30331594a28d196c54012
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
418b3b1d9257aa9344288ead42bb9a287f09434cc77fcf1aca2238bc341e87fe
420b9a7c3953df0caf9d9cf2f9c6f1f8989374943a811adeeefb3d0d6bf9f5d7
4342a826addea6d37b449010f19236f2a1c132c15315491c63bdf7c82baa6fda
445837ee1d1da2644d2531f84c664f157828154b8b5e032dbef64c3a8308ef17
45010d9dc316dd46c088ad941df8e8de7e724b1a0719f9a565f1144daef796e9
4bb56f371b2a2447b9ddef5f029309c1158041c0b28f9bb21f33988e582d8fd8
4c9f9038ef0cca8daea160666fcf23b0cc4fd3ba853dcd4494e8ec35e3a0c039
4d3afbc14dd4419c1c461d12c77e50611e737a335e5761e806c4a401d4c7929c
4dd677bb4420e6863ce111bcc768b99512bceb2e2918b980d954036529cf76ac
4f321a860a8732a9cdaed062345e954b638d04377a1d945d8d46d6f4d434dbc8
4feb8a4baf1ab6d4efee5b984ea48ff22af46b19c3b6c21964607fe61eea837c
502646476db88824868f4aa280010eb4851107974aa14d493f531154144dd640
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57cec8cb1c21ca4fe77d7bea18d3c0ed021451f77ced06a20aed3457758cef0e
59e2467d94ae007fa71bc0b10f4b92f227edfa03afb5ce7c904b9ea2bcf537e9
5b867cb796a505b35c4ae4e451a2f06656ab3697be3d06f4abdf3b4d5728da1c
5dc5eb0df9dc53c567e4fb77cdbf765ceb8d0f3e56d1f22962c467d6e3da811a
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
607912ce0bbdc533bd357dc99af092f34783fee7f24f7fc16ece184018a7441b
60b5b156e3453ed7666f078991113e903d91842b993bfd33b78fc9233032ad22
610266fa5836ae63ed85aa786461ee410375678d263a6edb07f7e8351e6e289a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
623cd019389b2c8dcd7a61982ff834b85f6082663474f08b784e07f0c3fb954d
646a6d6be82e0eded90ea1290ad728b5fdc6aa2b8ea6a9d2a5fae84626a6d9d6
651972d44c5e2297ace77500deda284819df62ec9c2ce5aad51ce19894869957
668d14bbedf6e858073e3a3c42d596ef0e929b7a9b7ba8387e3d93ae54fb09d3
6854343e00c3b85696ab0203e2389917dee112fef408125323d7cd3f48faaab2
68d8a457fda72b10b88ab2e83795d14d9b2dfb3b1c2c95a605cccd6b5b310fc0
699357f5cb3c8564c433741bcab293444fd9c796ed86d074304b65eca4b40861
69da67aee532d1772cdb33ef6cb11b550ab49752e4146dbfe83a96a0b10bcc31
6a5486c81ce04d7157370ccee909439a91c94897b9f98948d28b465633ace158
6b0c6ad2a39e30acdd045f1e10d04d6032f0447387edd32af55f7d80b2d4f0f0
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6fb2352555371675225ce7b1e1832ac4b1ad8e83dc396d10b70a42dac24addc7
6ff082130eb8e0fe1ba485606bab3de43a410b184c718be62c739ab9f67c6863
72cefe9bdcc3c42576fd4427e76fe35450441d5939583688692cb1ef26806000
744c54512d1121cb37612674174ed9cf2b8e59969f31bce8af4959c75a88d1c5
75d16f690db62e7b02e26bff78808ea7529f154b36340c9b6d6e1cd81b64a4ca
7a0fb8fc4de0bde528e5b17743e35c50492d1d1de41567cb3b83f5a63db862d0
7a4ade98b80b7b383d9b780251b39165996140b93c94d2f7b59c06d61e4e7b9d
83147c4cf00c61d77d068152fdb541e2ca7761e0990682db23e77fb7affdceb4
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85df6a888180aa37ac71991e22dc32db0800b427df7aa8a52321a463743f3137
8762d8a4d47ec32cb105bbb544a0d3406639de3cbb193fbb5666e3e4f3259150
8ab4ad4cbac2db170d312205e712feb7aea0ec381bf9b240ccca8a4c0be7039c
8f87ccf1868779d29b181cab9727d72273ecb097bfb68e93165eebf0812ac055
9205ceae907f8417e3b4bd8463b1075526a25da4cdd2aed549b03cd6869632aa
97851eef36494add9813e74e64c29aacd125f298bee582af057da8b11be153e4
99c664c6e0f9211430ca24054ef2365aa16aabaa3ca3c3a22674d3fb0c86c1e0
9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a
9d6ceab7841343d88d23f8c56c960480a961f8f01a5e438634028bcfdbf84a38
9dc89e2eae45dccc1b2d7b9540adae2349bbb5d84578eadb8f0f645eac324910
9defeb99a060495def91163175b23f798e38fb947f08bdb960e6b258628a5315
9f3fc818c7249993eadd02caad3f9a5de47a06ffd04f3f43ee9318eafdb34336
a05b342f3980430a579a744e56531bce7662e1df3e49fe0a101ab39bb129fa53
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6779225c7918ddbab0f21bab815e851828e81a928686438c7871b6236d1a9cc
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a772ceb40cbf381547379bb60a87695011178d68ff1a34c77e6f679bcf994af1
a81ae4dd7742b736f41e6e382827ab3672728b6f7f529ad5c72d6d6e79861484
abb5348aeb50feab8abc0212d24ef2d4daa64f08d38e6cabce13e7a78f1ad837
ac328a8a84ae8f231289b12001679dd2c93d99161388aa3eca4a9b64078e2987
b125b7ec47cea1357452e1e22295d77a29e97709d3f9cd65389b571a880c9d8e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1b20f417556b312ce649c4124557c191dc68f5c4675837c75dae2d291601cd6
b83087606e958b4f934eedbd553f380c75feae5713ba2927cbc427ded7bb8afd
ba7478138664dfbadff2af30a268f4200a752a73d07dafb55937af20d1061357
bc96dd512627a5ff3462e1079dbcd5c5150bab5b724a0d143986cdde8ca4a9a0
bce2f309470952b7affa62ff4d91b454334c68cefa541429b502904d20696875
becefc9f93e9ea8cec1d4749c473c476c44e65a7eee7d88dda107958649413e9
c0b7bfd2811eed51ac500752dceab7fe174b237282961e82215d568cc8a355d2
c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619
c27bee424577194ee246d0e03e9cc9bc1222e1b4d9fa6c7f284bbdf607c853ae
c462c0bf7b57d00aa53003c06e897113331e2af4356938d8502ee6e10de89a39
c546ec8c4abfb8c173953b36203ac229b952a40426fef438573ae81872c6f936
c5a1e80108b0a2531c468a21f52b80fa962333aac333a882efd0ae65d76d9bc9
c6ac6976c0366d033e88c147b0457c9a91603713547aed506e1c45b1d5ed9872
cabeba94738a961f0e3ee62c071f3d3759cb1bc06fad8a9f487bd28586203ba0
cdb0f9fd04b4ab17a34e015dc70a73b673e1783df5449ccf88be313d55b7e3fd
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfaf79360c9dc5aa61350f572a2d61c4ac630b898435bc3abf488db8f9d36f81
d13dafe70e56382ecad4ab14bd534955719a4ae1e1b55e81242c66cca40556be
d24341f0243e943212442501bc90aab56da693f514e64f2d8f5eade9c5c92bb8
d3114c4944dcf347da9b150fbd12bf83cf1a719fca0eb5480d9af4cb2f30aefc
d7639ef9732adaf582c2006a5de74d4e4fa148e000abb6dfd2e2a9f3455490db
da09f03549a3d9ae51406d85931ec2682bc82759cf96101b982496da1139ddda
da24ca580aafbfcbf4309e3e8afefd7706063456bd7577e5ca4ec8aa2a9adf30
de27f6c79fa0c81034f5dd9ecfa5ef2a1739ee2fb6a7e0a44e6e13223e4c2a14
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0638fedc4c8baed91a66850abca34f83e0b5093207b08c7ad2f6f0fb8dd45a5
e0654d2142e08b8b6377cff526b0b1c1b82e5dbe98fccc49682e2855c83c3aa8
e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5b6746147911cc0b309016dbf8a87b344987d6585e2e18d13c912c27772b963
e6372349cb5e6592de4b40ab1c2d84b3279e88188fb6d7fcaa884380079e55a9
e6606da2d3e7f5dd5f717577ffa98230234585c67429db3a5e86bc68513fef0c
e7904458fb3dc265755433d2d47fa527f7675199fd60d0a9a25fab772e6e796c
ebdc946cf7998e4315f97cbe13f3275f25c6daf02aaf2dd5c64bd8f3f08cebfa
ec46ffda0acd65de949c95853141581b3fe8e9741e2dc31fb2d486d992a45339
eca7af21406a66e8e92990a707ea1049731dd488a7771c49699c5d667c04cb68
eea4dc70872f116f73a9cffe14c26fd0369bb5a9cc239833fd5f6e47a26f0594
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0e73ba958067b3a894a08e369a09d265100749208c34b4f671603a9ed6d9172
f4dbdd25302ee76c26a0bc01d3c8b383c560f6ef450a6e2ad89b6269424c4ea9
f7628b94ac48667950eaa001cf5e44e028cd551374dd15eed02276f7964b7e80
f76a521d8d893e573ee2def73e397a42f33f937aca5dcfeb77b2e001ea5a7ca6
f882756b47651b0f3e87b7031f4d98412c1f2b43fc6cfa900285b8d00a3d3c11
fa1f5a378d1b6ed9854b1fcdaac2b1b0f94e414d76fe29b0c42f5b8bc00c3397
fd61b939d60a34fe92950d8fb53ed0449e7cd55ed78c000ec51aec0136d1c157
fd9f091135120c3f44e411cd3ffe9f4ca503aca646ffed7d027b436108a14f1e

www.tumen.kp.ru Open in urlscan Pro 95.181.181.82 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

263 Requests

95 %HTTPS

68 %IPv6

32 Domains

59 Subdomains

51 IPs

10 Countries

3551 kBTransfer

8953 kBSize

52 Cookies

33 Outgoing links

Page URL History

Redirected requests

263 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 12 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.tumen.kp.ru Open in urlscan Pro
95.181.181.82 Public Scan

Screenshot
Live screenshot

Full Image

263
Requests

95 %
HTTPS

68 %
IPv6

32
Domains

59
Subdomains

51
IPs

10
Countries

3551 kB
Transfer

8953 kB
Size

52
Cookies

263 HTTP transactions
12 data transactions