www.tumen.kp.ru Open in urlscan Pro
95.181.181.82 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://pda.tumen.kp.ru/
Effective URL:
https://www.tumen.kp.ru/
Submission Tags: ru h8 kuzelovi sub l4ing ddos Search All
Submission: On August 27 via manual (August 27th 2022, 1:09:07 pm UTC) from UA — Scanned from DE

Summary HTTP 259 Redirects Links 36 Behaviour Indicators

Summary

This website contacted 52 IPs in 9 countries across 32 domains to perform 259 HTTP transactions. The main IP is 95.181.181.82, located in Russian Federation and belongs to EDGECENTERLLC, RU. The main domain is www.tumen.kp.ru.
TLS certificate: Issued by R3 on August 8th 2022. Valid for: 3 months.

This is the only time www.tumen.kp.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 4	95.181.181.82 95.181.181.82	210756 (EDGECENTE...) (EDGECENTERLLC)
14	2a02:6b8:a::a 2a02:6b8:a::a	208722 (GLOBAL_DC) (GLOBAL_DC)
26	2a03:90c0:e1:... 2a03:90c0:e1:2801::254	199524 (GCORE) (GCORE)
1	95.181.181.12 95.181.181.12	210756 (EDGECENTE...) (EDGECENTERLLC)
1	2a02:6b8::16b 2a02:6b8::16b	208722 (GLOBAL_DC) (GLOBAL_DC)
9	2a02:6b8:20::215 2a02:6b8:20::215	208722 (GLOBAL_DC) (GLOBAL_DC)
16	2a02:6b8::1be 2a02:6b8::1be	208722 (GLOBAL_DC) (GLOBAL_DC)
2 4	176.9.81.69 176.9.81.69	24940 (HETZNER-AS) (HETZNER-AS)
3	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
3	195.209.111.22 195.209.111.22	52007 (ADRIVER-AS) (ADRIVER-AS)
3	2a00:1148:db0... 2a00:1148:db00::17	47764 (VK-AS) (VK-AS)
3	188.42.191.196 188.42.191.196	7979 (SERVERS-COM) (SERVERS-COM)
1	65.108.1.48 65.108.1.48	24940 (HETZNER-AS) (HETZNER-AS)
4 32	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
6	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
9	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
2	2a02:6b8::2:158 2a02:6b8::2:158	208722 (GLOBAL_DC) (GLOBAL_DC)
22	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	2a02:6b8::184 2a02:6b8::184	208722 (GLOBAL_DC) (GLOBAL_DC)
2	2a02:6b8::36 2a02:6b8::36	208722 (GLOBAL_DC) (GLOBAL_DC)
8	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
3 13	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
2 9	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:6b8::5:114 2a02:6b8::5:114	208722 (GLOBAL_DC) (GLOBAL_DC)
3	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
1 4	2001:6d0:4001... 2001:6d0:4001::226	52016 (TNSMSK-) (TNSMSK-)
5	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
2	82.202.225.229 82.202.225.229	50340 (SELECTEL-MSK) (SELECTEL-MSK)
1 3	13.32.121.72 13.32.121.72	16509 (AMAZON-02) (AMAZON-02)
1 2	88.212.201.198 88.212.201.198	39134 (UNITEDNET) (UNITEDNET)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c06::9a	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
4	82.148.14.194 82.148.14.194	50340 (SELECTEL-MSK) (SELECTEL-MSK)
1	2a02:6b8::90 2a02:6b8::90	208722 (GLOBAL_DC) (GLOBAL_DC)
1	82.148.14.197 82.148.14.197	50340 (SELECTEL-MSK) (SELECTEL-MSK)
1	82.202.225.240 82.202.225.240	49505 (SELECTEL) (SELECTEL)
1 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 3	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
259	52

4 95.181.181.82 (Russian Federation) 2 redirects

ASN210756 (EDGECENTERLLC, RU)

pda.tumen.kp.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.tumen.kp.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a02:6b8:a::a (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a03:90c0:e1:2801::254 (Prague, Czech Republic)

ASN199524 (GCORE, LU)

s01.stc.yc.kpcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s09.stc.yc.kpcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s02.api.yc.kpcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s13.stc.yc.kpcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s15.stc.yc.kpcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s10.stc.yc.kpcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.181.181.12 (Russian Federation)

ASN210756 (EDGECENTERLLC, RU)

identity.kp.house	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::16b (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

matchid.adfox.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:6b8:20::215 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a02:6b8::1be (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

ads.adfox.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 176.9.81.69 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.69.81.9.176.clients.your-server.de

exchange.buzzoola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

adfox-c2s-ams.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 195.209.111.22 (Russian Federation)

ASN52007 (ADRIVER-AS, RU)

pb.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1148:db00::17 (Russian Federation)

ASN47764 (VK-AS, RU)

ad.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 188.42.191.196 (Luxembourg)

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.108.1.48 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.48.1.108.65.clients.your-server.de

ssp.bidvol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2a02:6b8::1:119 (Moscow, Russian Federation) 4 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

f92208c1f7e535e8d9324c9cd721a801.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
4f0d59dd6172395ca18cb5e50b49da63.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
e44a249febac1d38a79b8b3e3e61a1b3.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8::2:158 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

banners.adfox.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8::184 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

avatars.mds.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8::36 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

favicon.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::5:114 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

ysa-static.passport.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:6d0:4001::226 (Russian Federation) 1 redirects

ASN52016 (TNSMSK-, RU)

tns-counter.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 82.202.225.229 (Moscow, Russian Federation)

ASN50340 (SELECTEL-MSK, RU)
PTR: target2-1.ssel21.imcmdb.net

target.smi2.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.121.72 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-72.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.198 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host198.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 82.148.14.194 (Russian Federation)

ASN50340 (SELECTEL-MSK, RU)
PTR: sm-server1-1.ssel24.imcmdb.net

stat.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::90 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.148.14.197 (Russian Federation)

ASN50340 (SELECTEL-MSK, RU)
PTR: ads5-1.ssel30.imcmdb.net

smi2.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.202.225.240 (Moscow, Russian Federation)

ASN49505 (SELECTEL, RU)
PTR: smi2adm2-1.ssel27.imcmdb.net

smi2.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.162 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 123 f92208c1f7e535e8d9324c9cd721a801.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 159 4f0d59dd6172395ca18cb5e50b49da63.safeframe.googlesyndication.com e44a249febac1d38a79b8b3e3e61a1b3.safeframe.googlesyndication.com	306 KB
28	yandex.com 3 redirects mc.yandex.com — Cisco Umbrella Rank: 10960	7 KB
26	kpcdn.net s01.stc.yc.kpcdn.net — Cisco Umbrella Rank: 395274 s09.stc.yc.kpcdn.net — Cisco Umbrella Rank: 403657 s02.api.yc.kpcdn.net — Cisco Umbrella Rank: 479144 s13.stc.yc.kpcdn.net — Cisco Umbrella Rank: 444121 s15.stc.yc.kpcdn.net — Cisco Umbrella Rank: 415965 s10.stc.yc.kpcdn.net — Cisco Umbrella Rank: 424602	807 KB
21	yandex.ru 1 redirects yandex.ru — Cisco Umbrella Rank: 1426 matchid.adfox.yandex.ru — Cisco Umbrella Rank: 30072 mc.yandex.ru — Cisco Umbrella Rank: 3880 ysa-static.passport.yandex.ru — Cisco Umbrella Rank: 25730 an.yandex.ru — Cisco Umbrella Rank: 2470	383 KB
19	doubleclick.net 2 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218 stats.g.doubleclick.net — Cisco Umbrella Rank: 108 googleads.g.doubleclick.net — Cisco Umbrella Rank: 52	481 KB
18	adfox.ru ads.adfox.ru — Cisco Umbrella Rank: 11442 banners.adfox.ru — Cisco Umbrella Rank: 74240	94 KB
16	google.com 3 redirects adservice.google.com — Cisco Umbrella Rank: 88 www.google.com — Cisco Umbrella Rank: 9	3 KB
15	gstatic.com fonts.gstatic.com www.gstatic.com encrypted-tbn3.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn1.gstatic.com encrypted-tbn0.gstatic.com	267 KB
9	google.de adservice.google.de — Cisco Umbrella Rank: 8811 www.google.de — Cisco Umbrella Rank: 6076	2 KB
9	criteo.com 1 redirects bidder.criteo.com — Cisco Umbrella Rank: 759 gum.criteo.com — Cisco Umbrella Rank: 407 mug.criteo.com — Cisco Umbrella Rank: 2790	9 KB
9	yastatic.net yastatic.net — Cisco Umbrella Rank: 6925	233 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 45 region1.google-analytics.com — Cisco Umbrella Rank: 3094	20 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 194	171 KB
4	stat.media stat.media — Cisco Umbrella Rank: 29300	29 KB
4	tns-counter.ru 1 redirects tns-counter.ru — Cisco Umbrella Rank: 11338	62 KB
4	yandex.net avatars.mds.yandex.net — Cisco Umbrella Rank: 8534 favicon.yandex.net — Cisco Umbrella Rank: 10522	95 KB
4	buzzoola.com 2 redirects exchange.buzzoola.com — Cisco Umbrella Rank: 20664	2 KB
4	kp.ru 2 redirects pda.tumen.kp.ru www.tumen.kp.ru	102 KB
3	googleadservices.com 2 redirects www.googleadservices.com — Cisco Umbrella Rank: 130	16 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 146	785 B
3	smi2.net target.smi2.net — Cisco Umbrella Rank: 129326 smi2.net — Cisco Umbrella Rank: 47513	2 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	217 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 54	2 KB
3	betweendigital.com ads.betweendigital.com — Cisco Umbrella Rank: 2016	3 KB
3	mail.ru ad.mail.ru — Cisco Umbrella Rank: 11968	1014 B
3	adriver.ru pb.adriver.ru — Cisco Umbrella Rank: 40366	909 B
3	creativecdn.com adfox-c2s-ams.creativecdn.com — Cisco Umbrella Rank: 65849	627 B
3	criteo.net static.criteo.net — Cisco Umbrella Rank: 655	40 KB
2	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 9849	2 KB
1	smi2.ru smi2.ru — Cisco Umbrella Rank: 50825	868 B
1	bidvol.com ssp.bidvol.com — Cisco Umbrella Rank: 32925	476 B
1	kp.house identity.kp.house — Cisco Umbrella Rank: 415596	2 KB
259	32

	Domain	Requested by
28	mc.yandex.com	3 redirects www.tumen.kp.ru mc.yandex.ru
22	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.tumen.kp.ru 4f0d59dd6172395ca18cb5e50b49da63.safeframe.googlesyndication.com e44a249febac1d38a79b8b3e3e61a1b3.safeframe.googlesyndication.com
18	s01.stc.yc.kpcdn.net	www.tumen.kp.ru s01.stc.yc.kpcdn.net
16	ads.adfox.ru	yandex.ru www.tumen.kp.ru
14	pagead2.googlesyndication.com	securepubads.g.doubleclick.net www.tumen.kp.ru tpc.googlesyndication.com www.googletagservices.com
14	yandex.ru	www.tumen.kp.ru yandex.ru yastatic.net
13	www.google.com	3 redirects tpc.googlesyndication.com www.tumen.kp.ru 4f0d59dd6172395ca18cb5e50b49da63.safeframe.googlesyndication.com e44a249febac1d38a79b8b3e3e61a1b3.safeframe.googlesyndication.com
9	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.tumen.kp.ru
9	yastatic.net	yandex.ru yastatic.net www.tumen.kp.ru
8	googleads.g.doubleclick.net	2 redirects e44a249febac1d38a79b8b3e3e61a1b3.safeframe.googlesyndication.com www.googleadservices.com
8	fonts.gstatic.com	fonts.googleapis.com
7	www.google.de	www.tumen.kp.ru
6	bidder.criteo.com	static.criteo.net
5	www.googletagservices.com	yastatic.net securepubads.g.doubleclick.net e44a249febac1d38a79b8b3e3e61a1b3.safeframe.googlesyndication.com
4	stat.media	target.smi2.net stat.media
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.tumen.kp.ru
4	tns-counter.ru	1 redirects www.tumen.kp.ru tns-counter.ru
4	mc.yandex.ru	1 redirects yandex.ru www.tumen.kp.ru yastatic.net
4	exchange.buzzoola.com	2 redirects www.tumen.kp.ru
3	www.googleadservices.com	2 redirects yastatic.net
3	encrypted-tbn3.gstatic.com	4f0d59dd6172395ca18cb5e50b49da63.safeframe.googlesyndication.com
3	sb.scorecardresearch.com	1 redirects www.tumen.kp.ru
3	www.googletagmanager.com	www.tumen.kp.ru www.googletagmanager.com
3	fonts.googleapis.com	yastatic.net 4f0d59dd6172395ca18cb5e50b49da63.safeframe.googlesyndication.com tpc.googlesyndication.com
3	adservice.google.com	securepubads.g.doubleclick.net
3	ads.betweendigital.com	yandex.ru
3	ad.mail.ru	yandex.ru
3	pb.adriver.ru	yandex.ru
3	adfox-c2s-ams.creativecdn.com	yandex.ru
3	static.criteo.net	yandex.ru www.tumen.kp.ru
3	s02.api.yc.kpcdn.net	s01.stc.yc.kpcdn.net
2	gum.criteo.com	1 redirects static.criteo.net
2	stats.g.doubleclick.net	www.google-analytics.com
2	region1.google-analytics.com	www.googletagmanager.com
2	counter.yadro.ru	1 redirects www.tumen.kp.ru
2	target.smi2.net	www.tumen.kp.ru
2	e44a249febac1d38a79b8b3e3e61a1b3.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	favicon.yandex.net	www.tumen.kp.ru
2	avatars.mds.yandex.net	www.tumen.kp.ru
2	4f0d59dd6172395ca18cb5e50b49da63.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	adservice.google.de	securepubads.g.doubleclick.net
2	banners.adfox.ru	www.tumen.kp.ru
2	s09.stc.yc.kpcdn.net	www.tumen.kp.ru
2	www.tumen.kp.ru	www.tumen.kp.ru
2	pda.tumen.kp.ru	2 redirects
1	mug.criteo.com
1	smi2.net	www.tumen.kp.ru
1	smi2.ru	www.tumen.kp.ru
1	an.yandex.ru	yandex.ru
1	encrypted-tbn0.gstatic.com	4f0d59dd6172395ca18cb5e50b49da63.safeframe.googlesyndication.com
1	encrypted-tbn1.gstatic.com	4f0d59dd6172395ca18cb5e50b49da63.safeframe.googlesyndication.com
1	encrypted-tbn2.gstatic.com	4f0d59dd6172395ca18cb5e50b49da63.safeframe.googlesyndication.com
1	www.gstatic.com	4f0d59dd6172395ca18cb5e50b49da63.safeframe.googlesyndication.com
1	ysa-static.passport.yandex.ru	www.tumen.kp.ru
1	f92208c1f7e535e8d9324c9cd721a801.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	ssp.bidvol.com	yandex.ru
1	s10.stc.yc.kpcdn.net	www.tumen.kp.ru
1	s15.stc.yc.kpcdn.net	www.tumen.kp.ru
1	s13.stc.yc.kpcdn.net	www.tumen.kp.ru
1	matchid.adfox.yandex.ru	yandex.ru
1	identity.kp.house	s01.stc.yc.kpcdn.net
259	61

This site contains links to these domains. Also see Links.

Domain
www.kazan.kp.ru
www.kp.ru
radiokp.ru
advert.kp.ru
parus.kp.ru
kino.kp.ru
tumen.kp.ru
ads.adfox.ru

Subject Issuer	Validity	Valid
amp.chel.kp.ru R3	`2022-08-08` - `2022-11-06`	3 months	crt.sh
*.xn--d1acpjx3f.xn--p1ai GlobalSign ECC OV SSL CA 2018	`2022-08-19` - `2023-02-16`	6 months	crt.sh
*.stc.yc.kpcdn.net R3	`2022-07-30` - `2022-10-28`	3 months	crt.sh
identity.kp.house R3	`2022-07-09` - `2022-10-07`	3 months	crt.sh
matchid.adfox.yandex.ru GlobalSign RSA OV SSL CA 2018	`2022-07-18` - `2023-01-10`	6 months	crt.sh
s01.api.yc.kpcdn.net R3	`2022-08-07` - `2022-11-05`	3 months	crt.sh
*.yastatic-net.ru GlobalSign ECC OV SSL CA 2018	`2022-04-01` - `2022-09-29`	6 months	crt.sh
*.adfox.ru GlobalSign RSA OV SSL CA 2018	`2022-05-30` - `2022-11-08`	5 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-21` - `2022-09-23`	3 months	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-17` - `2023-04-12`	a year	crt.sh
*.adriver.ru GlobalSign GCC R3 DV TLS CA 2020	`2022-04-05` - `2023-04-05`	a year	crt.sh
*.mail.ru GeoTrust ECC CA 2018	`2021-10-15` - `2022-11-15`	a year	crt.sh
*.ads.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2021-12-15` - `2023-01-15`	a year	crt.sh
ssp.bidvol.com R3	`2022-06-29` - `2022-09-27`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-05-21` - `2022-10-31`	5 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-27` - `2022-11-22`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.s3.yandex.net GlobalSign RSA OV SSL CA 2018	`2022-03-11` - `2022-10-11`	7 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.avatars.yandex.net GlobalSign RSA OV SSL CA 2018	`2022-03-04` - `2023-04-05`	a year	crt.sh
favicon.yandex.net GlobalSign ECC OV SSL CA 2018	`2022-04-11` - `2022-09-10`	5 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
ysa-static.passport.yandex.net GlobalSign ECC OV SSL CA 2018	`2022-03-04` - `2023-04-05`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.tns-counter.ru GlobalSign ECC OV SSL CA 2018	`2021-12-10` - `2022-12-31`	a year	crt.sh
smi2.net R3	`2022-08-10` - `2022-11-08`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
www.google.de GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
stat.media R3	`2022-07-25` - `2022-10-23`	3 months	crt.sh
bs.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-05-05` - `2022-11-03`	6 months	crt.sh
smi2.ru R3	`2022-07-01` - `2022-09-29`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh

This page contains 21 frames:

Primary Page: https://www.tumen.kp.ru/
Frame ID: 427B898283C6724611F4D69AEE0BCB97
Requests: 161 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: 44DC7E5761B2701BA560BB5FD10D0E87
Requests: 6 HTTP requests in this frame

Frame: https://f92208c1f7e535e8d9324c9cd721a801.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 225F4B8C033FF040DF7A1BE6D8A49A5A
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: A59260BF808919FDBF3DA20AAEF9D364
Requests: 8 HTTP requests in this frame

Frame: https://4f0d59dd6172395ca18cb5e50b49da63.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: FA61D92AD25B513CD9E57944C74B7CD8
Requests: 1 HTTP requests in this frame

Frame: https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
Frame ID: 1121A27DD12DECB84009F7A5E2832FCF
Requests: 23 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: BA9ACD45BE457C352B0F25DC821CAB5E
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5AC429A73591C22876CDBB6438756479
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 64A4D9A840DE180BBFF7ECA3F5A461F0
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 662BF8F628684FFB315F0574BB6E1249
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AAB4D72F7E47C1D0D6ABD9A3B0B31FBE
Requests: 2 HTTP requests in this frame

Frame: https://e44a249febac1d38a79b8b3e3e61a1b3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 5BB7DD2337FC8146B95102056B37A7AF
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A8FFB6D4EFB5E8E1A3F13550767C011C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 81B204C248EE2C8FF4DE31B59A75B1CE
Requests: 2 HTTP requests in this frame

Frame: https://4f0d59dd6172395ca18cb5e50b49da63.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: FB8EC25E66F46E011AFC29FF11BE4F70
Requests: 17 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuVOBI4wj9wvPUTUjZ3-UyuThFqGfqFvkkpAqFJu--70KqejZ38nfkezpx_JCBxon9v4WWzj0_z_G1kSJGvvNyCGsVBRFr1NApld4sH47x_5R0aOmv6QslejmWVKQbs7fvKvV9gmM80bscfJGmn0I5Zh98GJv5Sw-_CuhpWs2zm1ZctKBdTYIV9Jj9460ZZ5lmAhnY8NaU5FIbB7tQn2wxjy33zddlj93ar8dGIcCOubOcRil8VjnHqwd2qxDKxXHLD9CRfMVgDiBXXU5m1JVpIQH8u58QCNofOoHkQHYwsTrUDWhpoiMf7a1ni-s4pCTFtguD3Wg&sai=AMfl-YQUWn11AOy-BeipL6a2XKnq4nf7apTahBLhCD7KUcBJg5H0d2pTnQETzCusX1PPJzgomI1hk4PGd-lBTZ3jMZXL7-WiG2XviJslZT5JHASmy-i1orH5b3vL776f12qFryE&sig=Cg0ArKJSzHpHTT98WfpkEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 8A4E4BB846B60F9C222BD18D7D912576
Requests: 5 HTTP requests in this frame

Frame: https://e44a249febac1d38a79b8b3e3e61a1b3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 9C0D67902E94812ECDA2AADE96237BCB
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html
Frame ID: 0FABD00630CAB4CDA20DA14BC6A69533
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 5437A473B2BB2F7A303696681FC4A501
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js
Frame ID: 658E21FB1B54053F8C6C4C1AA52FD354
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.tumen.kp.ru
Frame ID: 86DBA21F574874176B00A436344828AE
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Новости Тюмени и Тюменской области: главные новости на сегодня | Комсомольская Правда в Тюмени - KP.RU

Page URL History Show full URLs

http://pda.tumen.kp.ru/ HTTP 301
https://pda.tumen.kp.ru/ HTTP 303
https://www.tumen.kp.ru/ Page URL

Detected technologies

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Mautic (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

[^a-z]mtc.*\.js

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

259
Requests

95 %
HTTPS

67 %
IPv6

32
Domains

61
Subdomains

52
IPs

9
Countries

3353 kB
Transfer

8706 kB
Size

53
Cookies

36 Outgoing links

These are links going to different origins than the main page.

URL: https://www.kazan.kp.ru/daily/21712095/4332309/

Search URL Search Domain Scan URL

URL: https://www.kp.ru/daily/euromaidan/
Title: Спецоперация на Украине

Search URL Search Domain Scan URL

URL: https://www.kp.ru/sports/
Title: Спорт

Search URL Search Domain Scan URL

URL: https://www.kp.ru/samobranka/
Title: Самобранка

Search URL Search Domain Scan URL

URL: https://www.kp.ru/expert/
Title: Выбор экспертов

Search URL Search Domain Scan URL

URL: https://www.kp.ru/doctor/
Title: Доктор

Search URL Search Domain Scan URL

URL: https://www.kp.ru/family/
Title: Семья

Search URL Search Domain Scan URL

URL: https://www.kp.ru/woman/
Title: Женские секреты

Search URL Search Domain Scan URL

URL: https://www.kp.ru/putevoditel/
Title: Путеводитель

Search URL Search Domain Scan URL

URL: https://www.kp.ru/promokod/
Title: Промокоды

Search URL Search Domain Scan URL

URL: https://www.kp.ru/putevoditel/serialy/
Title: Сериалы

Search URL Search Domain Scan URL

URL: http://www.kp.ru/best/msk/projects/
Title: Спецпроекты

Search URL Search Domain Scan URL

URL: https://www.kp.ru/putevoditel/zdorove/defitsit-zheleza-u-zhenshhin/
Title: Дефицит железа

Search URL Search Domain Scan URL

URL: https://www.kp.ru/guide/
Title: Гид потребителя

Search URL Search Domain Scan URL

URL: https://www.kp.ru/daily/217165/4265546/
Title: Все о КП

Search URL Search Domain Scan URL

URL: https://radiokp.ru/
Title: Радио КП

Search URL Search Domain Scan URL

URL: https://advert.kp.ru/
Title: Реклама

Search URL Search Domain Scan URL

URL: https://www.kp.ru/daily/theme/16369/
Title: Убийство Дугиной

Search URL Search Domain Scan URL

URL: https://www.kp.ru/daily/theme/16218/
Title: Украина: сводка

Search URL Search Domain Scan URL

URL: http://parus.kp.ru/
Title: Алый парус

Search URL Search Domain Scan URL

URL: https://kino.kp.ru/
Title: Наше кино

Search URL Search Domain Scan URL

URL: https://www.kp.ru/daily/koronavirus/
Title: COVID-19

Search URL Search Domain Scan URL

URL: https://www.kp.ru/daily/partiya_dela/
Title: Лица труда

Search URL Search Domain Scan URL

URL: https://www.kp.ru/russia/
Title: Отдых в России

Search URL Search Domain Scan URL

URL: https://www.kp.ru/incidents/
Title: Происшествия

Search URL Search Domain Scan URL

URL: https://www.kp.ru/afisha/msk/
Title: Афиша

Search URL Search Domain Scan URL

URL: https://tumen.kp.ru/incidents/
Title: Происшествия

Search URL Search Domain Scan URL

URL: https://tumen.kp.ru/society/
Title: Общество

Search URL Search Domain Scan URL

URL: https://tumen.kp.ru/special/
Title: Дом. Семья

Search URL Search Domain Scan URL

URL: https://tumen.kp.ru/health/
Title: Здоровье

Search URL Search Domain Scan URL

URL: https://tumen.kp.ru/daily/fishing/
Title: Рыбалка

Search URL Search Domain Scan URL

URL: https://tumen.kp.ru/sport/
Title: Спорт

Search URL Search Domain Scan URL

URL: https://tumen.kp.ru/dom/
Title: Недвижимость

Search URL Search Domain Scan URL

URL: https://tumen.kp.ru/economics/
Title: Экономика

Search URL Search Domain Scan URL

URL: https://ads.adfox.ru/232598/goLink?ad-session-id=1189561661605740344&hash=81d30c3867ab3b6b&puid1=adv-1661605740239-356&sj=S52EoQE-MuflpReIX824qTKw6vMbigpZgHCe4m0ftgcXjPBOsBvN2CJHf4D1qA%3D%3D&rand=fdbouwi&rqs=a2cvdsttE3ZsFwpjgeZziEagLJLNLj1e&puid3=top%3Aregion&pr=gtmhvtp&p1=clerf&ytt=274879518736389&p5=ljjmt&ybv=0.638452&puid2=society%3Atoday%3Azenyandex%3Aincident%3Aemergency%3Acelebrity%3Aculture%3Ainteresting&p2=gvdq&ylv=0.638452&pf=http%3A%2F%2Fads.adfox.ru%2F232598%2FgoLink%3Fp1%3Dbzbip%26p2%3Dfrfe%26p5%3Dlsrgh%26pr%3D1%26puid1%3D%26puid2%3D%26puid3%3D%26puid4%3D%26puid5%3D%26puid6%3D%26puid7%3D

Search URL Search Domain Scan URL

URL: https://ads.adfox.ru/232598/goLink?ad-session-id=1189561661605740344&hash=81d30c3867ab3b6b&puid1=adv-1661605740239-356&sj=S52EoQE-MuflpReIX824qTKw6vMbigpZgHCe4m0ftgcXjPBOsBvN2CJHf4D1qA%3D%3D&rand=fdbouwi&rqs=a2cvdsttE3ZsFwpjgeZziEagLJLNLj1e&puid3=top%3Aregion&pr=gtmhvtp&p1=clerf&ytt=274879518736389&p5=ljjmt&ybv=0.638452&puid2=society%3Atoday%3Azenyandex%3Aincident%3Aemergency%3Acelebrity%3Aculture%3Ainteresting&p2=gvdq&ylv=0.638452&pf=https%3A%2F%2Fwww.msk.kp.ru%2Fdaily%2Fmoskva-budushego%2F

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://pda.tumen.kp.ru/ HTTP 301
https://pda.tumen.kp.ru/ HTTP 303
https://www.tumen.kp.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43

https://exchange.buzzoola.com/ssp/adfox HTTP 307
https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t

Request Chain 53

https://exchange.buzzoola.com/ssp/adfox HTTP 307
https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t

Request Chain 79

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9743.x8cg-Cbo6etPfDRQTtijuhkvmluHAjiwkXxBzrWVDeo36KtpukirAQZY0bO2SPWK.cwnF6OnCIkQwCY5XAyo4UQ3FOYA%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9743.pPulFd0CnxRBrmJZ8OE8sTnDHoBuve6EwUZBuTWLKQglCCI30f1thTivngbaptnxEab-A7fhRcyXjtggXTkUQh8n4cElnp5r88HPC2IPkhQ%2C.wL6Tne94x83wL8H4rj77vYAC_4c%2C

Request Chain 109

https://mc.yandex.com/watch/26254?wmode=7&page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ocpriggyfyr9aewcgvlq0%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A2%3Adp%3A1%3Als%3A1392769741925%3Ahid%3A619387557%3Az%3A0%3Ai%3A20220827130901%3Aet%3A1661605741%3Ac%3A1%3Arn%3A713708372%3Au%3A1661605741437762383%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1661605738627%3Aco%3A0%3Arqnl%3A1%3Ast%3A1661605741%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20-%20KP.RU&t=gdpr(14)mc(p-3-h-1)clc(0-0-0)lt(52900)aw(1)rqnl(1)ti(2) HTTP 302
https://mc.yandex.com/watch/26254/1?wmode=7&page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ocpriggyfyr9aewcgvlq0%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A2%3Adp%3A1%3Als%3A1392769741925%3Ahid%3A619387557%3Az%3A0%3Ai%3A20220827130901%3Aet%3A1661605741%3Ac%3A1%3Arn%3A713708372%3Au%3A1661605741437762383%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1661605738627%3Aco%3A0%3Arqnl%3A1%3Ast%3A1661605741%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20-%20KP.RU&t=gdpr%2814%29mc%28p-3-h-1%29clc%280-0-0%29lt%2852900%29aw%281%29rqnl%281%29ti%282%29

Request Chain 110

https://mc.yandex.com/watch/42093449?wmode=7&page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&nohit=1&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ocpriggyfyr9aewcgvlq0%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A138743251206%3Ahid%3A619387557%3Az%3A0%3Ai%3A20220827130900%3Aet%3A1661605741%3Ac%3A1%3Arn%3A430490736%3Au%3A1661605741437762383%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1661605738627%3Aco%3A0%3Arqnl%3A1%3Ast%3A1661605741%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20-%20KP.RU&t=gdpr(14)clc(0-0-0)aw(1)rqnl(1)ti(2) HTTP 302
https://mc.yandex.com/watch/42093449/1?wmode=7&page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&nohit=1&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ocpriggyfyr9aewcgvlq0%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A138743251206%3Ahid%3A619387557%3Az%3A0%3Ai%3A20220827130900%3Aet%3A1661605741%3Ac%3A1%3Arn%3A430490736%3Au%3A1661605741437762383%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1661605738627%3Aco%3A0%3Arqnl%3A1%3Ast%3A1661605741%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20-%20KP.RU&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnl%281%29ti%282%29

Request Chain 145

https://counter.yadro.ru/hit;kp/kpall/reg/kptumen?r;s1600*1200*24;uhttps%3A//www.tumen.kp.ru/;h%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u0422%u044E%u043C%u0435%u043D%u0438%20%u0438%20%u0422%u044E%u043C%u0435%u043D%u0441%u043A%u043E%u0439%20%u043E%u0431%u043B%u0430%u0441%u0442%u0438%3A%20%u0433%u043B%u0430%u0432%u043D%u044B%u0435%20%u043D%u043E%u0432%u043E%u0441%u0442%u0438%20%u043D%u0430%20%u0441%u0435%u0433%u043E%u0434%u043D%u044F%20%7C%20%u041A%u043E%u043C%u0441%u043E%u043C%u043E%u043B%u044C%u0441%u043A%u0430%u044F%20%u041F;0.6512912378997868 HTTP 302
https://counter.yadro.ru/hit;kp/kpall/reg/kptumen?q;r;s1600*1200*24;uhttps%3A//www.tumen.kp.ru/;h%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u0422%u044E%u043C%u0435%u043D%u0438%20%u0438%20%u0422%u044E%u043C%u0435%u043D%u0441%u043A%u043E%u0439%20%u043E%u0431%u043B%u0430%u0441%u0442%u0438%3A%20%u0433%u043B%u0430%u0432%u043D%u044B%u0435%20%u043D%u043E%u0432%u043E%u0441%u0442%u0438%20%u043D%u0430%20%u0441%u0435%u0433%u043E%u0434%u043D%u044F%20%7C%20%u041A%u043E%u043C%u0441%u043E%u043C%u043E%u043B%u044C%u0441%u043A%u0430%u044F%20%u041F;0.6512912378997868

Request Chain 192

https://tns-counter.ru/V13a***R%3E*kp_ru/ru/UTF-8/tmsec=kp_title/986036080 HTTP 302
https://tns-counter.ru/V13b***R%3E*kp_ru/ru/UTF-8/tmsec=kp_title/986036080

Request Chain 217

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 236

https://sb.scorecardresearch.com/c2/16803468/cs.js HTTP 302
https://sb.scorecardresearch.com/internal-c2/default/cs.js

Request Chain 237

https://gum.criteo.com/sid/json?origin=publishertag&domain=kp.ru&sn=ChromeSyncframe&so=0&topUrl=www.tumen.kp.ru&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=vC4-LnxlUFpReE12bHYrY1NSN0xqMlZWM0RwTzVuVEl0M3l4UFFJTW0rR1pOSXR1L0lDRlZRSmNvc2dLVUh3UkJaK2wva1BVYU9HdjdOR0ZncmdKR3dJa1hQU2VNdXJkNC9PMmZvWjNtQnpuaW1wR2h4cExpM2Y1WmlldG9jWkJOZFR3WTJWTVBiSGUrVWZTZ2MyZEd2ZGU1V3JmMnozbnI4MXNDUTZLN3RQM2UvSTBPZExvamg1UEZKNkdZS0pVa0NhdUJjUk4rZ0pCTDJCZ1NGdTNMTll2ZEtRai92SW1XVkRuS0Izcm94aEF1QVFmT05ma005ajlpazhTZ0Z6dXUxQVFQfA&cppv=2

Request Chain 246

https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=bxcKY_O4H4-M9fgPgbywqAw&random=781452216&sscte=1&crd=CJqqsQI HTTP 302
https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=781452216&crd=CJqqsQI&is_vtc=1&random=598258183 HTTP 302
https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=781452216&crd=CJqqsQI&is_vtc=1&random=598258183&ipr=y

Request Chain 247

https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=bxcKY-O8H7CR9fgPzM-LiAE&random=1558310436&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1558310436&crd=&is_vtc=1&random=2459319725 HTTP 302
https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1558310436&crd=&is_vtc=1&random=2459319725&ipr=y

259 HTTP transactions
12 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.tumen.kp.ru/
Redirect Chain

http://pda.tumen.kp.ru/
https://pda.tumen.kp.ru/
https://www.tumen.kp.ru/

711 KB
99 KB

314ms
140ms

Document
text/html

95.181.181.82
EDGECENTERLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumen.kp.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.181.181.82 , Russian Federation, ASN210756 (EDGECENTERLLC, RU),
Reverse DNS
Software: nginx /
Resource Hash: f033e338c246cb1d4dde196a1003c872ddcfac8fbadb4cbc9198b4d1f06f885e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 27 Aug 2022 13:08:59 GMT
server: nginx
vary: Accept-Encoding
x-manifest-version-id: 0005E725A8187701

Redirect headers

content-length: 51
content-type: text/html; charset=utf-8
date: Sat, 27 Aug 2022 13:08:58 GMT
location: https://www.tumen.kp.ru/
server: nginx

GET
H2 200 header-bidding.js Show response
yandex.ru/ads/system/ 116 KB
32 KB 166ms
61ms Script
text/javascript 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/header-bidding.js

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e556d4e5d4460cc0ac6fbe5bf374c221566a41314debe196f7876f9744a3dfa4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1661605739494090-14113043857777689558-vla1-3228-vla-l7-balancer-8080-BAL-7949
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
x-robots-tag: noindex, noarchive, nofollow
expires: Sat, 27 Aug 2022 14:08:59 GMT

GET
H2 200 context.js Show response
yandex.ru/ads/system/ 291 KB
78 KB 231ms
126ms Script
text/javascript 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/context.js

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

8b895c0c25efd8ae926e0e658ca45fc56e737ab0cee325c18b33dfc210288601

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1661605739494486-13097896828057015726-vla1-3228-vla-l7-balancer-8080-BAL-4047
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
x-robots-tag: noindex, noarchive, nofollow
expires: Sat, 27 Aug 2022 14:08:59 GMT

GET
DATA 200
OK truncated
/ 587 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 445837ee1d1da2644d2531f84c664f157828154b8b5e032dbef64c3a8308ef17

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3394110000caa52bc9dcf892178cb4a7a8d25db76721a2290caaeb667413a4d0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6b0c6ad2a39e30acdd045f1e10d04d6032f0447387edd32af55f7d80b2d4f0f0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 88c3f8d6237466d983567ddf480dfb98.woff2
s01.stc.yc.kpcdn.net/s0/2.1.103/adaptive/ 22 KB
22 KB 41ms
14ms Font
font/woff2 2a03:90c0:e1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.103/adaptive/88c3f8d6237466d983567ddf480dfb98.woff2

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

7a0fb8fc4de0bde528e5b17743e35c50492d1d1de41567cb3b83f5a63db862d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tumen.kp.ru/
Origin: https://www.tumen.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-id: cec-up-gc13
date: Sat, 27 Aug 2022 13:08:59 GMT
x-content-type-options: nosniff
x-server-trace-id: 31820c9ad0a8c379:b5d53dfe1b9bb2e:31820c9ad0a8c379:1
x-amz-request-id: 2849b3b4f22daadb
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-08-27T02:24:33+00:00
content-length: 22100
x-request-id: 382c9c44-2a64-4e39-9f19-ac9914dc8349
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Sat, 27 Nov 2021 21:56:45 GMT
server: nginx
etag: "88c3f8d6237466d983567ddf480dfb98"
x-amz-version-id: 0005D1CC489C28E6
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
accept-ranges: bytes
content-type: font/woff2
expires: Sun, 28 Aug 2022 13:08:59 GMT

GET
H2 200 71df57f56c922e07c34676f1e3160977.woff2
s01.stc.yc.kpcdn.net/s0/2.1.103/adaptive/ 39 KB
39 KB 33ms
15ms Font
font/woff2 2a03:90c0:e1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.103/adaptive/71df57f56c922e07c34676f1e3160977.woff2

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

9205ceae907f8417e3b4bd8463b1075526a25da4cdd2aed549b03cd6869632aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tumen.kp.ru/
Origin: https://www.tumen.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-id: cec-up-gc13
date: Sat, 27 Aug 2022 13:08:59 GMT
x-content-type-options: nosniff
x-server-trace-id: 15d6f39cabcc3d04:99c02cb5a7843117:15d6f39cabcc3d04:1
x-amz-request-id: 81458e222375922e
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-08-27T02:24:33+00:00
content-length: 39768
x-request-id: ce5fe156-efda-4ce8-b3b5-978b0af96c40
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Sat, 27 Nov 2021 21:56:45 GMT
server: nginx
etag: "71df57f56c922e07c34676f1e3160977"
x-amz-version-id: 0005D1CC48A637F4
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
accept-ranges: bytes
content-type: font/woff2
expires: Sun, 28 Aug 2022 13:08:59 GMT

GET
H2 200 0b10ab6aa24fb2b424de7991b679f5e9.png
s01.stc.yc.kpcdn.net/s0/2.1.103/adaptive/ 6 KB
6 KB 46ms
20ms Image
image/png 2a03:90c0:e1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.103/adaptive/0b10ab6aa24fb2b424de7991b679f5e9.png

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

abb5348aeb50feab8abc0212d24ef2d4daa64f08d38e6cabce13e7a78f1ad837

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-id: cec-up-gc13
date: Sat, 27 Aug 2022 13:08:59 GMT
x-content-type-options: nosniff
x-server-trace-id: 6fb92d11e68d92ce:488c8a811c8cc79:6fb92d11e68d92ce:1
x-amz-request-id: 568e556945d66103
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-08-27T02:24:11+00:00
content-length: 6368
x-request-id: 36fbbf6c-105f-425d-8e9c-29eae8828525
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Sat, 27 Nov 2021 21:56:49 GMT
server: nginx
etag: "0b10ab6aa24fb2b424de7991b679f5e9"
x-amz-version-id: 0005D1CC48E0B8E0
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
accept-ranges: bytes
content-type: image/png
expires: Sun, 28 Aug 2022 13:08:59 GMT

GET
H2 200 favicon-16.png
www.tumen.kp.ru/boom/api/2/metrics/adaptive/ 514 B
923 B 133ms
132ms Image
image/png 95.181.181.82
EDGECENTERLLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tumen.kp.ru/boom/api/2/metrics/adaptive/favicon-16.png?target.base=digest&target.entity=root&target.spot=tumen

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.181.181.82 , Russian Federation, ASN210756 (EDGECENTERLLC, RU),

Reverse DNS

Software

nginx /

Resource Hash

da09f03549a3d9ae51406d85931ec2682bc82759cf96101b982496da1139ddda

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 13:08:59 GMT
x-content-type-options: nosniff
last-modified: Sat, 27 Nov 2021 21:56:51 GMT
server: nginx
x-server-trace-id: 58cbed605e892a97:ddec393dbb72adde:58cbed605e892a97:1
x-amz-request-id: 7bc93e9514ab2e0c
x-serverless-gateway-path: /boom/api/{api}/{version}/{content+}
etag: "642c7d14314b78ed52c384a1a2ba4203"
content-type: image/png
access-control-allow-origin: *
content-length: 514
x-serverless-gateway-id: d5dscajgqq50cos2lp8d
x-amz-version-id: 0005D1CC48F877CB
x-request-id: 4987d069-4652-4533-9f9e-85f7e2e0b340

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: becefc9f93e9ea8cec1d4749c473c476c44e65a7eee7d88dda107958649413e9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d3114c4944dcf347da9b150fbd12bf83cf1a719fca0eb5480d9af4cb2f30aefc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 d.svg
s01.stc.yc.kpcdn.net/s0/2.1.103/adaptive/meteo/ 2 KB
1 KB 40ms
20ms Image
image/svg+xml 2a03:90c0:e1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.103/adaptive/meteo/d.svg

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

541348f95206a170effd95f869a9c576be30f9408b7bfa5885aa94d29fce726b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-id: cec-up-gc13
date: Sat, 27 Aug 2022 13:08:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-trace-id: 7db4121b9bdfab77:efc533926813acc9:7db4121b9bdfab77:1
x-amz-request-id: 78bfe1fc3fc156e9
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-08-27T02:33:40+00:00
x-request-id: 0418b614-50ff-4985-a28b-16f7d0dff61a
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Sat, 27 Nov 2021 21:56:53 GMT
server: nginx
etag: W/"eb1d088e654cd61490ce9ed3f821ccd4"
x-amz-version-id: 0005D1CC491EC82D
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
content-type: image/svg+xml
expires: Sun, 28 Aug 2022 13:08:59 GMT

GET
H2 200 wr-750.webp
s09.stc.yc.kpcdn.net/share/i/12/12675421/ 79 KB
80 KB 45ms
13ms Image
image/webp 2a03:90c0:e1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s09.stc.yc.kpcdn.net/share/i/12/12675421/wr-750.webp
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 85c39db1aa3139efc8640d0f1807a950626a8b2fc3f39ee5bb9371ccfba7132e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-id: cec-up-gc4
date: Sat, 27 Aug 2022 13:08:59 GMT
last-modified: Sat, 27 Aug 2022 06:44:39 GMT
server: nginx
x-amz-request-id: 78a00c3e1986f15b
etag: "f8ff1d985f7103d2924ffa6e2f3ba729"
x-cached-since: 2022-08-27T07:08:26+00:00
x-amz-version-id: null
cache-control: max-age=345600
cache: HIT
accept-ranges: bytes
content-type: image/webp
content-length: 81146
expires: Wed, 31 Aug 2022 13:08:59 GMT

GET
H2 200 325472601571f31e1bf00674c368d335.gif
s09.stc.yc.kpcdn.net/share/i/beige/ 43 B
181 B 57ms
25ms Image
image/gif 2a03:90c0:e1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s09.stc.yc.kpcdn.net/share/i/beige/325472601571f31e1bf00674c368d335.gif
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-id: cec-up-gc4
date: Sat, 27 Aug 2022 13:08:59 GMT
last-modified: Sat, 02 Oct 2021 15:40:25 GMT
server: nginx
x-amz-request-id: bdbbcfa58857f82c
etag: "325472601571f31e1bf00674c368d335"
x-cached-since: 2022-08-25T12:53:19+00:00
x-amz-version-id: null
cache-control: max-age=345600
cache: HIT
accept-ranges: bytes
content-type: image/gif
content-length: 43
expires: Wed, 31 Aug 2022 13:08:59 GMT

GET
H2 200 vendors~adaptive.js Show response
s01.stc.yc.kpcdn.net/s0/2.1.103/adaptive/ 339 KB
128 KB 38ms
32ms Script
text/javascript 2a03:90c0:e1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.103/adaptive/vendors~adaptive.js

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

eff980b37035b0cd186f37131d156a7275f00aaa82ebfd25b06080a6cc8146c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-id: cec-up-gc13
date: Sat, 27 Aug 2022 13:08:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-trace-id: 5a9acd531dfda94f:c0ed170095fe971a:5a9acd531dfda94f:1
x-amz-request-id: 30faea41bfe10068
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-08-27T02:24:11+00:00
x-request-id: ce1d8fd2-bd6b-43dc-be9a-d4305ae8f777
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Mon, 22 Aug 2022 13:43:12 GMT
server: nginx
etag: W/"ff41ec96a7348dcd968ef42210ac2327"
x-amz-version-id: 0005E6D4A106CB22
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
content-type: text/javascript; charset=utf-8
expires: Sun, 28 Aug 2022 13:08:59 GMT

GET
H2 200 adaptive.js Show response
s01.stc.yc.kpcdn.net/s0/2.1.103/adaptive/ 277 KB
81 KB 28ms
22ms Script
text/javascript 2a03:90c0:e1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.103/adaptive/adaptive.js

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

ca4da12cb354937a133f8eb9dd3c019612db02ff000471f98af3be104e753fd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-id: cec-up-gc13
date: Sat, 27 Aug 2022 13:08:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-trace-id: 639dcb3d1709f2a5:7e9cd40754a7ef7:639dcb3d1709f2a5:1
x-amz-request-id: 203f7234bb47c509
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-08-27T02:24:11+00:00
x-request-id: 94f287e7-38c0-474e-8def-e972e3f43e72
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Fri, 26 Aug 2022 14:17:38 GMT
server: nginx
etag: W/"3ea3c839fd9539264d6cb05bcd4f72c8"
x-amz-version-id: 0005E7259387D652
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
content-type: text/javascript; charset=utf-8
expires: Sun, 28 Aug 2022 13:08:59 GMT

GET
H2 200 adaptive-topbar.js Show response
s01.stc.yc.kpcdn.net/s0/2.1.103/adaptive/ 68 KB
24 KB 26ms
21ms Script
text/javascript 2a03:90c0:e1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.103/adaptive/adaptive-topbar.js

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

535cd50aa8ca78a00c768f48ae2cf146b83f000dd796167aade018013578a557

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-id: cec-up-gc13
date: Sat, 27 Aug 2022 13:08:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-trace-id: 4d6fc018848fa8eb:ecc51359f0436d63:4d6fc018848fa8eb:1
x-amz-request-id: 646230feb2f97bf2
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-08-27T02:24:11+00:00
x-request-id: e105c3b9-8227-4638-bd66-016dbe839256
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Fri, 26 Aug 2022 14:17:38 GMT
server: nginx
etag: W/"f5b24ec1aaa708b027c0da4b7ad68779"
x-amz-version-id: 0005E7259389D8C0
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
content-type: text/javascript; charset=utf-8
expires: Sun, 28 Aug 2022 13:08:59 GMT

GET
H2 200 radio.js Show response
s01.stc.yc.kpcdn.net/s0/2.1.103/adaptive/ 10 KB
4 KB 36ms
31ms Script
text/javascript 2a03:90c0:e1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.103/adaptive/radio.js

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

f5428b5ba66559d834d12725fb1c86c55f1392aaad426811130f5d673d58815d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-id: cec-up-gc13
date: Sat, 27 Aug 2022 13:08:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-trace-id: ad9f1ddee3591fbe:f49b00334c125f17:ad9f1ddee3591fbe:1
x-amz-request-id: 64a1854c3bfc94aa
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-08-27T02:24:31+00:00
x-request-id: 8e0a23f3-19ed-42ac-a8d2-02a35dbf251c
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Mon, 22 Aug 2022 13:43:11 GMT
server: nginx
etag: W/"3fac8155bed6a93f106e78327ee027a6"
x-amz-version-id: 0005E6D4A0F96AD0
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
content-type: text/javascript; charset=utf-8
expires: Sun, 28 Aug 2022 13:08:59 GMT

GET
H2 200 main.js Show response
s01.stc.yc.kpcdn.net/s0/2.1.103/adaptive/ 17 KB
7 KB 24ms
19ms Script
text/javascript 2a03:90c0:e1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.103/adaptive/main.js

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

a19c45ddae7042d6a7e9cd42e8730d263c932042063797d888f04ddf27ccd059

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-id: cec-up-gc13
date: Sat, 27 Aug 2022 13:08:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-trace-id: fbc0eb7ba0fb29c3:12225d78cdb014dc:fbc0eb7ba0fb29c3:1
x-amz-request-id: 3a630843a09619d8
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-08-27T02:28:00+00:00
x-request-id: 4f2808f1-9d31-4abd-a45d-cb086f7f1ce9
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Mon, 22 Aug 2022 13:43:10 GMT
server: nginx
etag: W/"af4115f3b25b1c8e54a9ed1c72e548c0"
x-amz-version-id: 0005E6D4A0E3F16C
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
content-type: text/javascript; charset=utf-8
expires: Sun, 28 Aug 2022 13:08:59 GMT

GET
H2 200 vendors~digest-area.js Show response
s01.stc.yc.kpcdn.net/s0/2.1.103/adaptive/ 97 KB
32 KB 41ms
36ms Script
text/javascript 2a03:90c0:e1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.103/adaptive/vendors~digest-area.js

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

2efcbde6ec02b22a2d16f9fb80540f481747d6100f1ec480ddb0b7f3472ab779

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-id: cec-up-gc13
date: Sat, 27 Aug 2022 13:08:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-trace-id: cbb9dd1b289e1dac:5d0faa52823fa711:cbb9dd1b289e1dac:1
x-amz-request-id: 0e28222091d35bf4
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-08-27T02:28:00+00:00
x-request-id: 5f00dddd-b128-4bf2-8183-0995e47eae04
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Mon, 22 Aug 2022 13:43:12 GMT
server: nginx
etag: W/"4e4dab7534a102ecf0a6681f22b8f048"
x-amz-version-id: 0005E6D4A10D1CBE
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
content-type: text/javascript; charset=utf-8
expires: Sun, 28 Aug 2022 13:08:59 GMT

GET
H2 200 digest-area~digest-section~note~online-page~photo~section-video~see-also~special-article~video.js Show response
s01.stc.yc.kpcdn.net/s0/2.1.103/adaptive/ 22 KB
8 KB 40ms
35ms Script
text/javascript 2a03:90c0:e1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.103/adaptive/digest-area~digest-section~note~online-page~photo~section-video~see-also~special-article~video.js

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

f2294c4453bd5485d7375f4ea5e5e8e8b868ea839a0ca12bcbae7d364768eb32

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-id: cec-up-gc13
date: Sat, 27 Aug 2022 13:08:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-trace-id: a66965c7d1f69d52:5bbd39b1cb6ac9aa:a66965c7d1f69d52:1
x-amz-request-id: 18304f8b1b631c23
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-08-27T02:24:31+00:00
x-request-id: 1f4446b4-5ec4-4bf7-b2cb-198151efdc49
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Mon, 22 Aug 2022 13:43:08 GMT
server: nginx
etag: W/"b9f1086a49b700360ee2f6c3096b90d8"
x-amz-version-id: 0005E6D4A0C29099
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
content-type: text/javascript; charset=utf-8
expires: Sun, 28 Aug 2022 13:08:59 GMT

GET
H2 200 digest-area~digest-section~online-page~section-video~see-also.js Show response
s01.stc.yc.kpcdn.net/s0/2.1.103/adaptive/ 36 KB
13 KB 39ms
35ms Script
text/javascript 2a03:90c0:e1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.103/adaptive/digest-area~digest-section~online-page~section-video~see-also.js

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

fb97b96610b6440936056006cc80eb5353a3b9de8a1de3706b50eccc4ab75254

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-id: cec-up-gc13
date: Sat, 27 Aug 2022 13:08:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-trace-id: 3babccda5bef777f:17d6d3b618fb8730:3babccda5bef777f:1
x-amz-request-id: 289ad31da2e8655f
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-08-27T02:28:00+00:00
x-request-id: 707dc09c-5340-42b4-b8d5-6610b0343cff
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Mon, 22 Aug 2022 13:43:08 GMT
server: nginx
etag: W/"552e83a59965a66c2d52589168d96c56"
x-amz-version-id: 0005E6D4A0C46ABB
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
content-type: text/javascript; charset=utf-8
expires: Sun, 28 Aug 2022 13:08:59 GMT

GET
H2 200 digest-area.js Show response
s01.stc.yc.kpcdn.net/s0/2.1.103/adaptive/ 46 KB
13 KB 40ms
36ms Script
text/javascript 2a03:90c0:e1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.103/adaptive/digest-area.js

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

12cba32bd3140fd295ce10f9f1cef5e68523dd86a34a4618a2fa1d8bdab9fb34

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-id: cec-up-gc13
date: Sat, 27 Aug 2022 13:08:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-trace-id: 3ba1caf13b9af01a:11feb732a00eb3fd:3ba1caf13b9af01a:1
x-amz-request-id: 3796ea8216d72aaf
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-08-27T02:28:00+00:00
x-request-id: 16161caa-5a5c-4eff-b7d1-8a87fb365208
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Fri, 26 Aug 2022 14:17:39 GMT
server: nginx
etag: W/"916e9781a2c6b3aaebdd7faecd67bc44"
x-amz-version-id: 0005E72593924B08
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
content-type: text/javascript; charset=utf-8
expires: Sun, 28 Aug 2022 13:08:59 GMT

GET
DATA 200
OK truncated
/ 162 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6ff082130eb8e0fe1ba485606bab3de43a410b184c718be62c739ab9f67c6863

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 n.svg
s01.stc.yc.kpcdn.net/s0/2.1.103/adaptive/meteo/ 768 B
648 B 36ms
35ms Image
image/svg+xml 2a03:90c0:e1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.103/adaptive/meteo/n.svg

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

f4dbdd25302ee76c26a0bc01d3c8b383c560f6ef450a6e2ad89b6269424c4ea9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-id: cec-up-gc13
date: Sat, 27 Aug 2022 13:08:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-trace-id: 13cd2a71ffc64042:6dc2902227fd287a:13cd2a71ffc64042:1
x-amz-request-id: c9e85d8aa7366c68
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-08-27T03:00:36+00:00
x-request-id: 5e9a2323-4fce-4a0c-a4fe-40754f1f1d22
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Sat, 27 Nov 2021 21:56:56 GMT
server: nginx
etag: W/"bcb30adf55f66df96da407d71ae251e7"
x-amz-version-id: 0005D1CC4947530E
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
content-type: image/svg+xml
expires: Sun, 28 Aug 2022 13:08:59 GMT

GET
H2 200 token.json Show response
identity.kp.house/identity/api/2/auth/ 754 B
2 KB 158ms
71ms Fetch
application/json 95.181.181.12
EDGECENTERLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://identity.kp.house/identity/api/2/auth/token.json?callback=data&client_name=prod&sub=1
Requested by: Host: s01.stc.yc.kpcdn.net
URL: https://s01.stc.yc.kpcdn.net/s0/2.1.103/adaptive/adaptive.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.181.181.12 , Russian Federation, ASN210756 (EDGECENTERLLC, RU),
Reverse DNS
Software: nginx /
Resource Hash: 98a96d716ea632de2975af114bd5223323b7175116e16394295fced1ebb431f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 13:08:59 GMT
content-encoding: gzip
last-modified: Sat, 27 Aug 2022 13:08:59 -0000
server: nginx
etag: "72925fedae1b5cbe0bfb6bd6185e91f0"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.tumen.kp.ru
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Set-Cookie,Cookie
content-length: 605

GET
H2 200 getcookie Show response
matchid.adfox.yandex.ru/ 87 B
373 B 230ms
119ms XHR
application/json 2a02:6b8::16b
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://matchid.adfox.yandex.ru/getcookie

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a02:6b8::16b Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

470171bce85601c3627b9ef34fe0e8ab388e0c75f824bddb65b08b920aee9aed

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-origin: https://www.tumen.kp.ru
date: Sat, 27 Aug 2022 13:08:59 GMT
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 87
x-content-type-options: nosniff
content-type: application/json

GET
H2 200 get.json Show response
s02.api.yc.kpcdn.net/content/api/1/pages/ 89 KB
14 KB 53ms
20ms Fetch
application/json 2a03:90c0:e1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://s02.api.yc.kpcdn.net/content/api/1/pages/get.json?pages.age.month=8&pages.age.year=2022&pages.direction=page&pages.number=23&pages.target.class=100&pages.target.id=49
Requested by: Host: s01.stc.yc.kpcdn.net
URL: https://s01.stc.yc.kpcdn.net/s0/2.1.103/adaptive/adaptive.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 69a4b06a36e933c9f332e3b6873d3bdd85859c8fe2e3f99e15dca787aff6b8c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-id: cec-up-gc13
date: Sat, 27 Aug 2022 13:08:59 GMT
content-encoding: gzip
last-modified: Sat, 27 Aug 2022 06:38:18 -0000
server: nginx
etag: W/"f7d0d53edcd44acc0cb3068286d23894"
x-cached-since: 2022-08-27T06:38:19+00:00
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=600
cache: STALE
expires: Sat, 27 Aug 2022 13:18:59 GMT

GET
H2 200 get.json Show response
s02.api.yc.kpcdn.net/content/api/1/pages/ 52 B
202 B 228ms
201ms Fetch
application/json 2a03:90c0:e1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://s02.api.yc.kpcdn.net/content/api/1/pages/get.json?callback=cb-5538685&pages.direction=current&pages.spot=49&pages.target.class=194&pages.target.id=0&sub=1
Requested by: Host: s01.stc.yc.kpcdn.net
URL: https://s01.stc.yc.kpcdn.net/s0/2.1.103/adaptive/adaptive.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 2b8361515b39f5e9f277362563dddec841077527b695814c676e46ba4f22452b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-id: cec-up-gc13
date: Sat, 27 Aug 2022 13:09:00 GMT
last-modified: Sat, 27 Aug 2022 13:09:00 -0000
server: nginx
etag: "c7974d8a07bc79c9930f4ba881a06fd3"
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=600
cache: MISS
accept-ranges: bytes
content-length: 52
expires: Sat, 27 Aug 2022 13:19:00 GMT

GET
H2 200 get.json Show response
s02.api.yc.kpcdn.net/content/api/1/pages/ 188 KB
42 KB 875ms
853ms Fetch
application/json 2a03:90c0:e1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://s02.api.yc.kpcdn.net/content/api/1/pages/get.json?callback=cb-5538685&pages.direction=current&pages.spot=49&pages.target.class=68&pages.target.id=0&sub=1
Requested by: Host: s01.stc.yc.kpcdn.net
URL: https://s01.stc.yc.kpcdn.net/s0/2.1.103/adaptive/adaptive.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 41425e8a1d4366404b9e7f1b4d7621a8e7bb72e5d484997e4973e0bc1ca3e9e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-id: cec-up-gc13
date: Sat, 27 Aug 2022 13:09:00 GMT
content-encoding: gzip
last-modified: Sat, 27 Aug 2022 13:09:00 -0000
server: nginx
etag: W/"1071ad9eee6c588ca5343b3741ccbde9"
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=600
cache: MISS
expires: Sat, 27 Aug 2022 13:19:00 GMT

HEAD
H2 200 banner.gif
s01.stc.yc.kpcdn.net/s0/v-0005D1CC497B5068/adaptive/img/ 0
0 14ms
14ms Fetch
image/gif 2a03:90c0:e1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/v-0005D1CC497B5068/adaptive/img/banner.gif?adriver

Requested by

Host: s01.stc.yc.kpcdn.net
URL: https://s01.stc.yc.kpcdn.net/s0/2.1.103/adaptive/adaptive.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-id: cec-up-gc13
date: Sat, 27 Aug 2022 13:08:59 GMT
x-content-type-options: nosniff
x-server-trace-id: b9c9c4a94b87441a:c45ed46a058b9e54:b9c9c4a94b87441a:1
x-amz-request-id: 0b33e469070e7417
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-08-27T05:55:32+00:00
content-length: 43
x-request-id: 8d242fd6-ccaf-4acd-a7ef-7282e40622f3
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Sat, 27 Nov 2021 21:56:59 GMT
server: nginx
etag: "325472601571f31e1bf00674c368d335"
x-amz-version-id: 0005D1CC497B5068
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
accept-ranges: bytes
content-type: image/gif
expires: Sun, 28 Aug 2022 13:08:59 GMT

GET
DATA 200
OK truncated
/ 169 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 35ed988aff3c8059b4869fd94cc2885879041fbd698317a53741bca5095c3091

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 700 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 59e2467d94ae007fa71bc0b10f4b92f227edfa03afb5ce7c904b9ea2bcf537e9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 8b30c8d1c1f0427f0034cce82ade6db3.png
s01.stc.yc.kpcdn.net/s0/2.1.103/adaptive/ 3 KB
3 KB 24ms
23ms Image
image/png 2a03:90c0:e1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.103/adaptive/8b30c8d1c1f0427f0034cce82ade6db3.png

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

1d386626a236bf37f510e9c0c2d85036641c5cc85bed4b320a181861477d0ec7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-id: cec-up-gc13
date: Sat, 27 Aug 2022 13:09:00 GMT
x-content-type-options: nosniff
x-server-trace-id: 70fe56030992371e:4c69d0882b9e7768:70fe56030992371e:1
x-amz-request-id: c84bb787a068d3b4
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-08-27T02:24:35+00:00
content-length: 2873
x-request-id: c9311cb4-dbb7-4112-a811-b0791820e2e5
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Sat, 27 Nov 2021 21:56:46 GMT
server: nginx
etag: "8b30c8d1c1f0427f0034cce82ade6db3"
x-amz-version-id: 0005D1CC48B4B459
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
accept-ranges: bytes
content-type: image/png
expires: Sun, 28 Aug 2022 13:09:00 GMT

GET
H2 200 wr-750.webp
s13.stc.yc.kpcdn.net/share/i/12/12674899/ 68 KB
68 KB 247ms
246ms Image
image/webp 2a03:90c0:e1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s13.stc.yc.kpcdn.net/share/i/12/12674899/wr-750.webp
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 02dee947394563b553e1517910d38ecb0f034f05280f601632ea65f98f182ff7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-id: cec-up-gc13
date: Sat, 27 Aug 2022 13:09:00 GMT
last-modified: Sat, 27 Aug 2022 06:02:31 GMT
server: nginx
x-amz-request-id: 19ad7c78ea0d005b
etag: "e75a5803d853205807ca8c90fc3a7a18"
x-amz-version-id: null
cache-control: max-age=345600
cache: MISS
accept-ranges: bytes
content-type: image/webp
content-length: 69820
expires: Wed, 31 Aug 2022 13:09:00 GMT

GET
H2 200 wr-750.webp
s15.stc.yc.kpcdn.net/share/i/12/12673619/ 126 KB
126 KB 21ms
20ms Image
image/webp 2a03:90c0:e1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s15.stc.yc.kpcdn.net/share/i/12/12673619/wr-750.webp
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 99b7ee825033d9c3661f8c1beca3600f9937c0e74be7a2b74de51995f73412de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-id: cec-up-gc13
date: Sat, 27 Aug 2022 13:09:00 GMT
last-modified: Fri, 26 Aug 2022 06:49:22 GMT
server: nginx
x-amz-request-id: 365c1a309bec700c
etag: "88bddeffcaae9e655388a59c399a1aae"
x-cached-since: 2022-08-26T07:10:33+00:00
x-amz-version-id: null
cache-control: max-age=345600
cache: HIT
accept-ranges: bytes
content-type: image/webp
content-length: 129028
expires: Wed, 31 Aug 2022 13:09:00 GMT

GET
H2 200 wr-750.webp
s10.stc.yc.kpcdn.net/share/i/12/12672240/ 68 KB
69 KB 24ms
23ms Image
image/webp 2a03:90c0:e1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s10.stc.yc.kpcdn.net/share/i/12/12672240/wr-750.webp
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 10f10df6762afaa5c0e7cbad018eecb494412ee5c62b82db5fe64d62b56431f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-id: cec-up-gc13
date: Sat, 27 Aug 2022 13:09:00 GMT
last-modified: Thu, 25 Aug 2022 10:55:58 GMT
server: nginx
x-amz-request-id: 9605add4d5e4d181
etag: "b21b5b3cecb54bbafdc548a6b65136f0"
x-cached-since: 2022-08-25T11:11:54+00:00
x-amz-version-id: null
cache-control: max-age=345600
cache: HIT
accept-ranges: bytes
content-type: image/webp
content-length: 70010
expires: Wed, 31 Aug 2022 13:09:00 GMT

GET
H2 200 585cf8492543ac13bf7f.js Show response
yastatic.net/partner-code-bundles/638452/ 13 KB
5 KB 101ms
32ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/638452/585cf8492543ac13bf7f.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

69097add1828ce9e65ed34da29bb103edd596ee8c7b610a3ef01e01d028aba4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.tumen.kp.ru/
Origin: https://www.tumen.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 13:09:00 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 4470
last-modified: Fri, 26 Aug 2022 19:44:54 GMT
server: nginx/1.17.9
etag: "04682d3265b7300a9f676b0319dfb833"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 26 Aug 2052 19:43:52 GMT

GET
H2 200 bce1e329e6938e902a31.js Show response
yastatic.net/partner-code-bundles/638452/ 86 KB
18 KB 183ms
116ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/638452/bce1e329e6938e902a31.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

f8560ab464578e68e658351a4198a3ba5194ff59e4045ff9dcd946ad391cbfaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.tumen.kp.ru/
Origin: https://www.tumen.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 13:09:00 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 17996
last-modified: Fri, 26 Aug 2022 19:44:54 GMT
server: nginx/1.17.9
etag: "9b783c9d48378de2dd9b506b46d2215a"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 26 Aug 2052 19:43:52 GMT

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.83/ 33 KB
9 KB 182ms
115ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/host.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.tumen.kp.ru/
Origin: https://www.tumen.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 13:09:00 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 8878
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
server: nginx/1.17.9
etag: "f80882bf67cf261aa08d636da095149a"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 26 Aug 2052 19:41:39 GMT

GET
H2 200 9fd0b4b611488f082add.js Show response
yastatic.net/partner-code-bundles/638452/ 533 KB
106 KB 127ms
65ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/638452/9fd0b4b611488f082add.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

d753a5dec79d867ea9001bb5ae9e6fc4b0d959a6045d02980bd4a28fc971364f

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.tumen.kp.ru/
Origin: https://www.tumen.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 13:09:00 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 107889
last-modified: Fri, 26 Aug 2022 19:44:54 GMT
server: nginx/1.17.9
etag: "166d6fa811d89d9fc4b81ec3f6b4ab52"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 26 Aug 2052 19:43:52 GMT

GET
H2 200 74e50d8c9bc007d45542.js Show response
yastatic.net/partner-code-bundles/638452/ 36 KB
10 KB 147ms
115ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/638452/74e50d8c9bc007d45542.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

5db3eb38fcb64d80fe8c1993a5fe172fe2ca6e5a75939f7a481adad870543626

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.tumen.kp.ru/
Origin: https://www.tumen.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 13:09:00 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 10144
last-modified: Fri, 26 Aug 2022 19:44:54 GMT
server: nginx/1.17.9
etag: "f6d86676634be0d7f6d5e5d7dccdaa5b"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 26 Aug 2052 19:43:58 GMT

POST
H2 200 hb Show response
ads.adfox.ru/ 219 B
201 B 197ms
97ms XHR
application/json 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adfox.ru/hb

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

eb408322184379539c33068941ec5da920a07c29f74af9acb8a36cbc91294cca

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 13:09:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref=/w3c/w3c.p3p, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
content-type: application/json
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

POST
H2

200

adfox Show response
exchange.buzzoola.com/ssp/
Redirect Chain

https://exchange.buzzoola.com/ssp/adfox
https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t

11 B
507 B

21ms
21ms

XHR
text/plain

176.9.81.69
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H2
Server: 176.9.81.69 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.69.81.9.176.clients.your-server.de
Software: nginx /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 13:09:00 GMT
server: nginx
serverid: TODO
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.tumen.kp.ru
access-control-expose-headers: Set-Cookie, Etag
access-control-allow-credentials: true
access-control-allow-headers: Set-Cookie, X-Alt-Referer, X-First-Party-Cookie, If-None-Match
content-length: 11

Redirect headers

date: Sat, 27 Aug 2022 13:09:00 GMT
server: nginx
access-control-allow-origin: https://www.tumen.kp.ru
etag: W/"c2c70af1926c8c04639f920813e5d9bb4745a559c864c9b726f7a1ef426d7a5b"
serverid: TODO
location: /ssp/adfox?set_buzzoola_cookie=t
access-control-expose-headers: Set-Cookie, Etag
access-control-allow-credentials: true
access-control-allow-headers: Set-Cookie, X-Alt-Referer, X-First-Party-Cookie, If-None-Match
content-length: 0

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ 119 KB
39 KB 66ms
18ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

99c664c6e0f9211430ca24054ef2365aa16aabaa3ca3c3a22674d3fb0c86c1e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 13:09:00 GMT
content-encoding: gzip
last-modified: Tue, 16 Aug 2022 07:20:51 GMT
server: nginx
etag: W/"62fb4553-1ddb3"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 28 Aug 2022 13:09:00 GMT

POST
H2 204 bids Show response
adfox-c2s-ams.creativecdn.com/bidder/adfox/ 0
209 B 62ms
14ms XHR
application/json 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://adfox-c2s-ams.creativecdn.com/bidder/adfox/bids
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.tumen.kp.ru
date: Sat, 27 Aug 2022 13:09:00 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST
content-type: application/json;charset=utf-8

POST
H/1.1 204
No Content bid.cgi Show response
pb.adriver.ru/cgi-bin/ 0
303 B 250ms
67ms XHR
text/plain 195.209.111.22
ADRIVER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pb.adriver.ru/cgi-bin/bid.cgi
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.209.111.22 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.tumen.kp.ru
Pragma: no-cache
Date: Sat, 27 Aug 2022 13:09:00 GMT
Cache-control: no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK / Show response
ad.mail.ru/hbid_yandex/ 11 B
338 B 160ms
59ms XHR
application/json 2a00:1148:db00::17
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/hbid_yandex/
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sat, 27 Aug 2022 13:09:00 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://www.tumen.kp.ru
Cache-Control: private, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

POST
H2 200 adjson Show response
ads.betweendigital.com/ 11 B
920 B 77ms
25ms XHR
application/json 188.42.191.196
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=adfox
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.tumen.kp.ru
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

POST
H2 204 bids Show response
adfox-c2s-ams.creativecdn.com/bidder/adfox/ 0
209 B 59ms
13ms XHR
application/json 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://adfox-c2s-ams.creativecdn.com/bidder/adfox/bids
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.tumen.kp.ru
date: Sat, 27 Aug 2022 13:09:00 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST
content-type: application/json;charset=utf-8

POST
H/1.1 204
No Content bid.cgi Show response
pb.adriver.ru/cgi-bin/ 0
303 B 250ms
66ms XHR
text/plain 195.209.111.22
ADRIVER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pb.adriver.ru/cgi-bin/bid.cgi
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.209.111.22 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.tumen.kp.ru
Pragma: no-cache
Date: Sat, 27 Aug 2022 13:09:00 GMT
Cache-control: no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK / Show response
ad.mail.ru/hbid_yandex/ 11 B
338 B 162ms
61ms XHR
application/json 2a00:1148:db00::17
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/hbid_yandex/
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sat, 27 Aug 2022 13:09:00 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://www.tumen.kp.ru
Cache-Control: private, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

POST
H2 200 adjson Show response
ads.betweendigital.com/ 11 B
920 B 71ms
22ms XHR
application/json 188.42.191.196
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=adfox
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.tumen.kp.ru
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

POST
H2

200

adfox Show response
exchange.buzzoola.com/ssp/
Redirect Chain

https://exchange.buzzoola.com/ssp/adfox
https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t

11 B
507 B

25ms
25ms

XHR
text/plain

176.9.81.69
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H2
Server: 176.9.81.69 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.69.81.9.176.clients.your-server.de
Software: nginx /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 13:09:00 GMT
server: nginx
serverid: TODO
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.tumen.kp.ru
access-control-expose-headers: Set-Cookie, Etag
access-control-allow-credentials: true
access-control-allow-headers: Set-Cookie, X-Alt-Referer, X-First-Party-Cookie, If-None-Match
content-length: 11

Redirect headers

date: Sat, 27 Aug 2022 13:08:59 GMT
server: nginx
access-control-allow-origin: https://www.tumen.kp.ru
etag: W/"a351521104b4c6d0295efc29ef38de096acf69cc911c839e67c4e17672958d72"
serverid: TODO
location: /ssp/adfox?set_buzzoola_cookie=t
access-control-expose-headers: Set-Cookie, Etag
access-control-allow-credentials: true
access-control-allow-headers: Set-Cookie, X-Alt-Referer, X-First-Party-Cookie, If-None-Match
content-length: 0

POST
H2 200 pl999 Show response
ssp.bidvol.com/rtb/ 11 B
476 B 141ms
75ms XHR
application/json 65.108.1.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.bidvol.com/rtb/pl999
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 65.108.1.48 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.48.1.108.65.clients.your-server.de
Software: nginx/1.14.0 /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 13:09:00 GMT
server: nginx/1.14.0
surrogate-control: no-store
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials: true
content-length: 11
x-request-id: 57da68b6-5c23-45ae-a7f3-08638cba1a5a
expires: 0

POST
H2 200 hb Show response
ads.adfox.ru/ 217 B
200 B 184ms
93ms XHR
application/json 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adfox.ru/hb

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

81331e7aa9e6ce2e2ac852dca95ed9753855c92e55c8d5791ae69be64da583aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 13:09:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref=/w3c/w3c.p3p, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
content-type: application/json
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

POST
H2 200 hb Show response
ads.adfox.ru/ 221 B
530 B 148ms
58ms XHR
application/json 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adfox.ru/hb

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

1afddf97c812b5caf73ffccf4265d714b3435ff871264a8f6595b34c4ee5eb38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 13:09:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref=/w3c/w3c.p3p, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
content-type: application/json
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

POST
H2 204 bids Show response
adfox-c2s-ams.creativecdn.com/bidder/adfox/ 0
209 B 55ms
14ms XHR
application/json 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://adfox-c2s-ams.creativecdn.com/bidder/adfox/bids
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.tumen.kp.ru
date: Sat, 27 Aug 2022 13:09:00 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST
content-type: application/json;charset=utf-8

POST
H/1.1 204
No Content bid.cgi Show response
pb.adriver.ru/cgi-bin/ 0
303 B 258ms
71ms XHR
text/plain 195.209.111.22
ADRIVER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pb.adriver.ru/cgi-bin/bid.cgi
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.209.111.22 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.tumen.kp.ru
Pragma: no-cache
Date: Sat, 27 Aug 2022 13:09:00 GMT
Cache-control: no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK / Show response
ad.mail.ru/hbid_yandex/ 11 B
338 B 157ms
57ms XHR
application/json 2a00:1148:db00::17
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/hbid_yandex/
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sat, 27 Aug 2022 13:09:00 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://www.tumen.kp.ru
Cache-Control: private, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

POST
H2 200 adjson Show response
ads.betweendigital.com/ 11 B
920 B 71ms
26ms XHR
application/json 188.42.191.196
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=adfox
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.tumen.kp.ru
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

GET
H2 200 vendors~autobahn.js Show response
s01.stc.yc.kpcdn.net/s0/2.1.103/adaptive/ 86 KB
26 KB 34ms
13ms Script
text/javascript 2a03:90c0:e1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.103/adaptive/vendors~autobahn.js

Requested by

Host: s01.stc.yc.kpcdn.net
URL: https://s01.stc.yc.kpcdn.net/s0/2.1.103/adaptive/adaptive.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

ff495faa2d1d7e5fd66d399eef697e1f0f31ad9be129a236997964c70cc1b734

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-id: cec-up-gc13
date: Sat, 27 Aug 2022 13:09:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-trace-id: 36218956f60a8a38:6d4e1b59698146c5:36218956f60a8a38:1
x-amz-request-id: 929b979cf01159da
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-08-27T02:24:12+00:00
x-request-id: a7d0df92-3763-4921-8f84-8367814edbda
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Mon, 22 Aug 2022 13:43:12 GMT
server: nginx
etag: W/"753bf756e904f76f4d1e6d25811ea5ea"
x-amz-version-id: 0005E6D4A107E99A
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
content-type: text/javascript; charset=utf-8
expires: Sun, 28 Aug 2022 13:09:00 GMT

GET
H2 200 autobahn.js Show response
s01.stc.yc.kpcdn.net/s0/2.1.103/adaptive/ 405 B
699 B 33ms
12ms Script
text/javascript 2a03:90c0:e1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.103/adaptive/autobahn.js

Requested by

Host: s01.stc.yc.kpcdn.net
URL: https://s01.stc.yc.kpcdn.net/s0/2.1.103/adaptive/adaptive.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

0e3c2b569feb8b04fb3a1b792387fd4b76636b62b419743eaeaed6b1fba96140

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-id: cec-up-gc13
date: Sat, 27 Aug 2022 13:09:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-trace-id: b262e09715d60ea5:e105295cca955980:b262e09715d60ea5:1
x-amz-request-id: eda0d42eeb15269a
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-08-27T02:24:12+00:00
x-request-id: 305dd15e-cfb7-4dcb-a2a1-061bc1a589b3
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Mon, 22 Aug 2022 13:43:09 GMT
server: nginx
etag: W/"d9cc42b783ce35adb2d68a4a0826d6ae"
x-amz-version-id: 0005E6D4A0D22624
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
content-type: text/javascript; charset=utf-8
expires: Sun, 28 Aug 2022 13:09:00 GMT

GET
H2 200 v2 Show response
yandex.ru/ads/adfox/232598/getBulk/ 14 KB
8 KB 293ms
292ms XHR
application/json 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/adfox/232598/getBulk/v2?dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3F&date=2022-08-27T13%3A09%3A00.340%2B00%3A00&pd=27&pdh=1200&pdw=1600&pr1=3714893314&pr=2084862249&prr=&pv=13&pw=6&extid_loader=&extid_tag_loader=www.tumen.kp.ru&ylv=0.638452&ybv=0.638452&ytt=274879518736389&is-turbo=0&skip-token=&ad-session-id=1189561661605740344&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9%2C%22isInIframe%22%3Afalse%2C%22w%22%3A160%2C%22h%22%3A0%2C%22width%22%3A0%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A49%2C%22left%22%3A1410%2C%22top%22%3A389%2C%22fontFamily%22%3A%22ys%22%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A0%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=638452&available-width=160&yaru=true&pp=g&p2=gftf&ps=bxyd&puid1=adv-1661605740229-476&puid2=&puid3=&puid5=&slotNumber=2&bids=W10%3D&utf8=%E2%9C%93&pcode-test-ids=633999%2C0%2C24%3B628987%2C0%2C29%3B637562%2C0%2C53%3B633009%2C0%2C3%3B204310%2C0%2C19&pcode-flags-map=eJytWF1v3EQU%2FSvRPhfk74%2B%2Bje3Z3VFsj5mZ3c0WoVGhQSBFCEEKSFUlQAjxgIT4J32gUqEfv8H5R5yxvZu1k0ySqnlbx%2BfMvXPvPXPGz2ZsUXNBdcWkpIUuiCK6IYJUUs%2B50GtWUK5ZrXNeZXz28NNnsx8enz09nT2cnf707ezB7Pz0%2B3P2BD%2FD1AnCcPb8swezNZFa0Iqvqc6XREiq9FzwSpesPh5RKLGihxyR6wZOvOegNclKcJCmYfVCZ1td8E19F5Yo8WwsVDKBZDOmBFH0PmSCfrKiUul1RZo%2BKVLIWwhiL3H2BMOaJhy9JuVqvLrr4G%2BE9rwoudyRlaS6ppsug0Vt6gIyk5VciTXd3hKJlyRBZOGSrGqwUx%2BEC%2BVXjNcfKLCcvF9cDUetGmIYBS9LXVKyfyBpzutJ8aLx5vteeFC6KVnfWIU9njFFyVEreoLWKclCrxuhG8G4YGqr5yRXXIy7YcIURcmeSaquq9dUSGzzOAk%2FcqJgjI29IO2wffRcaVrSitZKg2vNJMtYaaKQJVe2KQdTFPZRrGpWclJQ0QkFqZpD3Pl3T08PYIGX%2BKmzD0BKYco6wUzXOgCRAuWiteaZpGiC8TadfvP487PTEdKPvLSfmjk7gbbVeknZYql0rexLBqGfuh0w5yvsjuL6ZCmskCROvKCDbEld0BMtVtCpirDaKpdO7PlDo440Vs9XZSlzgXSteNf3fGefYib4MfYH6emFYIUdGYdJdG3AumBSCZZZ4Z5rusvAH9Ha68LVG1aopWYVWVArNnCDYRo6LJbrujjjwvSRIAVbyaM7MmyJibsPWJNyQybScAXpx0Npi3kDIZcNr9GLilWUr8ZN701UOAwCx%2B9zbnJeQL0NtLZOShiEoBm6d86xy9SMy249owJ2eBDH3lU4m%2BPE0RujALd1yA0MuwCunD6%2BcxMaE6cYJg9NOudXj%2FHpwqEDK9BBobei1pUxGGsiGJlsmTeFDQWaTISgG4IGKe46GmDaVcu4D11RmJp9wakQ0KuSLw45whE%2BcYK%2Bcnt1hmtYM7ppuLAXPYqjQbLM67rGIZhTiclYWGGxB1wHk7KBN8iX1ESoGyrySZ%2FBIoyQoZv2uRZQdBgLqAF2aiNgd1CwQfbuYeMSaGdfBch6PoQxmeuJuodJ4oV9r%2BwmuoDBypXOpVU7w9SNkwMtYRK5ozw4lXKTt7Qtmvqh646wnf5IiJFamgZvSFHAG9lJgnAodaf32DG1baj27VFD88ODwapEfnCG2pdL4%2BhGpIZfykuW26frkqNalYplpK4RNk7jOUPhmUkCXsKuw2nixfFBHANJ3yY48yATTUm2GcmPjdYp43emp%2B7EGDhe4Pc9sBAk8%2BzvQlycy3dhPB%2BN4g1dz7G9f41mu%2BENiD5BVpseNhssqMnMKBmrzZ7DjufHxkJjcG4JOgyjUb8taWd%2FcJXonKoV7YZe1AdUCcLuKmW4PDhJ32rGEQs6h4wtzUyy3I7DGAdDXyNTURkFE7Te2bVG0MxuE6ACziAEu6GGdRPYRdgi6BM64zIHODrraRa5qRvs45HMhMG4NPqYL%2B1RRIEX740jk8MpZg6D%2FvaF6toNK87yvi%2BF0MWqwXzh%2FlV0Dlz26ib42PE4HzvOxHs77hDF5GgyQQ3upYsHd1011ZyrIXm%2B2xe1ogUjHUnvK%2B4JvzmY3kq9V0xqwT9oRAWdEwjVLrL%2B48Id6UzTQxvLjMMA3IoZ7PBlV%2BIMNBVeIAF7d3puGu6bLDu%2BIkhXl8M52S%2FXCS7W6xTSzBXucXdpS9zRwtF0LZnqRvMgfujKseL2ycLVzvNv2nuEg%2FLNoXJMlbdkBJ7%2BYrf7YNKxDMJJoCD5Siq0U0elFT0ZO6H27%2FZd%2B%2Friz4s%2F2pdH7av27cVv7buLn9s37YuL3%2FH71VH7tn1xdPFL%2B6L99%2BJXvIR%2Fvmz%2Fa1%2FjwRtg%2F8GLeAyOv%2B4X2CiMH78%2B%2F%2BqjJ6dfPn56dn4Dze4bQ05wc6mJYmvanXYjnjkp5eQm76dpenCTxxm5EOZEkZUhusaqXfd1Ij34mgP4luAiD4947UU%2BDuxgJCEvGaTI77o4KWRxPL1GY4fCyJvsmXliEBmRtCG449XddW%2BJ5kQDUFGTUhcT7f%2Fi%2FGyycTD2YHn%2BP7QxEds%3D&use-server-side-rendering=1&pcode-icookie=y6k6A9zDckVxbqZRUbMwhgXXjasxj1Sb2iydDfDhwzi3GrgfrkefrPjnWy2tacwWQZHYrnnVbOx8v%2F8N6MRSeNC4cPE%3D&top-ancestor=https%3A%2F%2Fwww.tumen.kp.ru&top-ancestor-undetermined=0&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjoxNDh9CiKjpKispkmBUKBO8TC7t7_S4uuYp5WKlnaJpJ0mcB7d-xtd9tVxDL_t7pfTVllTUeVJaWgVzAVDY469t59s5ICeGNAL0MaMgYxSQoiJ_baJfy2Bz21iQhillFGGBhmaEnsCOVEnpkStsqmsSVoT8CroiTYxJJoBHQKhsiX6RYqwLjhpokvMDTuGmpAMyF2uUVEkhrqwKe_TJOa6MBkWSXViXGTJK4DWBOqC1i6aBVuAOhWMbzAvcAkkFe03Ghe-xKTEXG8FGXBYkfGA6QmyxC1QwXSHGQWjgimYkO1Cqrorh5N0EdBUgNJCq0pI8rPZmRHy8bNxuDj5-O1OO0IOPrBt2vzCzQZ-Zg67qzK5mDlAF-XkcHDBdzLYnYxMopWLkcnOwWQHXTQBDi82SkQluTTGWhMoKoq6aIkX4KJdMNPwWxMCleWwpIl-ATUk2oHLvPSwqKDXBVyvsi4K81Bg1x5duoDDWvbRLsPNKphJOuhIjn44NC-XEHctwaBe5pqXr1Rklmpm8SJhHS4T86LUntVLy6WHCoTl07ZwGg7nzl5kWDi70qUl1aIY-pkWJLnIMC1tVp755E2T5aFZTrIoaEQUZ0YwxBYzf5k6fE3bnWgKyo99CGQ3LKspZhJnZ6EwVlFhZZJi4aCDywif0xEiLKgJJBG8upcg6t5FTrk9ZoNw1z83IycdHz-nE54iODe93c7IVLkQuhwO0EUdXF5mdiwCLA6vG3PlYEYIjxGxKF8C5Z0NnV-4kZGzd8HDqxkEudzwBb3uigiV3Y6Uc3eHS4xf-LDjCxYEd4U3eVjhOhlYBbxClR25CylHXbQYOekRCMFZbp12BlQoAbvcki35G5dbNb-wyz8cAN8BWiWDhxcBKvQLF4S3Iswl-7dgsFmB3H4fMk2np3wyEmrpNM0JI93GtahsPrdCUu4es8_dQCWkKsq4Xv3NA4CCVeyP0WST-dOJ9D5hAGapb0iIEqOKwtf-nMpNmxv9MR3yxMhn51InZh-LLT5mBiFnVl9wmJ9VSU93jQ-GQ31CtDw_TAqx-iJjSHLiv7-u3PBEOgOWH5N9roO2cOlnv4rW1zg2GG2c90ddQMa3_9FrQsHkVIPY87AshefgT8xID4hukoAPIpx2nazup7wgPNWkf94UPup8skP_dcOPMoUvwjDsAU4f3K31b1X39OuvqMHPM18qEiVaH6OZIrd5l7HT8FZfLQf5D2_Lc87kEOSryB8ZgC9zNp2Sfsr7Wft79TONJPW5Gbi56L9_M-FdSRr3iJ-UbZtDoZ5jCMnndojbLcZxesVdvmO-964VO6Vo5gltzrOVP2TtjOSrtstdan_Z3L464ez6RmF8D1jZi6VyIACVh4Vu9wI7v1qqM6bww1i4BV3sjF7ByskLxwGiKzSMMLOlBsP5_yHVqFgA40KPhM7Pu4nh8P1unA42kNlcOPdtYiaK8W3irWJ_m3i32N8m3i3mt4nIwee3iWHw9W3C-318m3i3eN9GebHFx8x8fpswHGJ-m1A_iPttoo7A_W8TdSWufpt4na9vEx6H728Tw4Gb3yY8DzG-TZAIfX2b0Gz9fRvlOhfz24QJA7e_TbzQ17dRHo243yacgsX4NhFFxf02Slnbz7eJN-PmtwmnbF_fJt4u_rcJL_f1bZSng8vfJty2Yn4b2MgQwWOXdW5kHhpZRh9OkNAg4IAjy-hzcDZBhfUeT0XMywMKw_-TovKX38HgYpIPr0BFw8iK3BHgaRAZA4cgvscjw7BvAIGTBz7S51xzdD7whp-Liwu-y5WD38_R1kndZLOn6xprwmgxPjMKL6FDyImInXs9cHYUTCjo0IjyeTDiMsEW8OAQPcwOBkEHqxdjZUHHiZaXpwSxWO-LIQ_w8DC5ZDjfeR3mysVMDxozm2hQ4yh1H8hfDuSk6W2KclJqAu3zSX9rCH3ucgvV4uES1iGNvVUUc6WkOmbyWBa5ymYMU18dDvR-1gE_IWbYR7A9Ko17LI_o57RsGtf3KH1uRoccCWq03uk1v2wHxMPDplHry9voZ9JAbePvDVbRXGEF8S1qkypwyl8o_t2RS5Z_zVSFisIvZDwrEFNlBRxsOyruKMuUVOqvDBoWNneIVzrMmITg2L2eyuYAjR29PZDZ2Nx8SlzJM2sHMqrHzkBvZ2JZ-rMwoAGJEXn_xg1ke7DqfMgrlUYTBH1Jw7YuwKjIYiLQtPZq0M3rNpY5jHpIc12Tuv4cafuqj86qZo9P3VHq2eiaqDxqF37mbEZmJnosniVETtSIHbCdsklCWGF_oZK7OlEjR48EmagiebFyu4TgwV3unbwoUML9ozTP2E1zlb0NYN2wTjHTfRfp27lJ0pyVBtW9cd0gNfoXo7I0vAr6S3gmb2x3XUU9s_M2QrPx9NYXDUnRnUwan-13M0fMf4l4spVuQGuXyIl386gVLD2NcYDHwTd1elq2FCdKXkYqc97ohRYeI1y2Nlf_FtP-c06Sopr8kQnRoKIZP7ykt5H3b6aYi_pBPwxPI1S69_AAtywbqpSwdKOt6V4v0UX6DSIjpG-cIZaRxA3df4ZqphC1dqDcCrUxVk40qEF1gCrKh7kud-brGkzn8PwaZVaXLLucQs_JNeDi2XtsqEEBBdn0JsTbyNUBF20aW0kI_PUK4ZLvxshVnukRXNbb8COjK6LV-tB_mrEBoiNaC8eHk1EtUu3vZmteDzUsPd_EUCzouc_lGfjjtuVCCYcbznxOYC_9bi0ulSZvIVomve9r7u4BzNJkuug1j8oPEpqxAC_w28Le2PBM1HEhz7R0RmQ9_9haphq9nZG5onU6uBjhccCnk7yJMWFnE481W4u1Bs3g0rYwmfTCvZ-2-ZllSUV30iMXeXe3YfnnegmJ4KVSWniB1fVoEg2G2kftOflZ-b1NfIlgecdfoe0lYVZh7yThwocCO2MaS05Qu466jSU4T2pyzVhSkttDHnVJEUGxz-3Duu50uOH6gF5q9EQ1l4Vkxj1h5ZUwqWbkQTepvGpKRiK5EX8m-Mv2XlHR5AwyB1FqMgPYzXukk7Xbxw9lgLRThKm5HSLOkZfgcYC2JUKLTQ5mm06zsWvyPW0bcUvrK4VHikIap5y1EyPxjN-kKOVIUn51KnmPu2sR9gPXYrqsOw3pmenvekhfPeOdTGQqfD7XDbGnTQYEj8cvhbd42OgXvWXwnWC2JLP1uxXKE9CLLGI3JMFHYM0CfUOKxrHZvn_iQE64tEg7Gt5SHSeDdvdDLFJLEZehjgRdW4NgLSs12cpZ7-e11N8SVJgxLWUY4jHIgD5UKlv9lX761by4yoNuy9hcnKGvNjqV1Ln6CdoqpKJUwQAwsL33gv59gddTuUCm5wGJp9WjzyG6zbBESxXTOvFY4dMrM1qs5nmFXJfcKXKzOvX0fC2JxDAJjqRPypAR4R5eS7ZVlptrGYJsh-HPeBDU1j70D0lxi0DJLvUvrvWkQ17vCZ_wOuU8SYdFxUrSfAjrXr2TS5uFkjrCtjaLYNqYtB9ieRLGNyKJyoJvz3vWA0RDR8-DQpTvHXe9Uel-GTUPfLHx2M52Y187QH2G2ZE880o9dFF2adGcT0PHB4KTfpzD4wEWzzjLNqUXmJnsH6qCPmvj9xahnpYNMvfqVszCqPeUqZ97X2Wmkth_uob4Yz-sJgD8WqJt0nm1kZyy6qLZB2dLFOL1lJPHsgUXt70tKDurZQbwO3aScfU-gqU4gEf9Qqb04f8Qh9n6Gs1pDuGPS5_0UMn2x08n2rfhztI2kAGAeMiMcvxplcUbOuN4XfnYU4tYupEAp5hci5TDLjR1hDTMIQ5MMns84Gwf-zKVy_P2b-Avbp6-h31ll_bZUNeGd_VHq35GzfU4QcZYQiisAVKkbWcTrO6GPfddYzLlp5PyyYEv-e1v8hnqqcx25t0lJP4KyvwKTdHVaWYUn66vjbc7muDUN5Zsr25YDXn-kpOPIHaTjw-XUFaK__etCYDczXlqwCfTUx5w9SBgKp7fv6OmkLluQBN3rKulIouqqFyGCAf6bhzXnGii3nNDyEu7zZjiQdeYPepCrhOk1pfQFRXMxuS2eErksLUXp-7MeMzpEftPV0X248uNCL7zb51_uvcqRCuJU7hgvehzTsBmsNZRByp-ocbYbfsl8qpAKFiBzVFXls7rk06TDaXz8dPG6Xtz8jzTcjAJMpbdWfyPHrCBaisovDh8ai_CWdyUtmKqIzpNn4LQJ-z-yCCItV7WX6k7ikdNPu-Z6M1se4ocW6m1jfLgalsribr6DtSdRpoqxTG4O9yGmBNj1ggGHQ2CrObPBjaL1AQLeYhY-wNI9Uqx3jrxARC33j3s4c87h7VjIM_4EvVNhj-cKUB2JSXAtQP-FiKvAgLeyZf3WsgndGYPWJ3V9cAcU-QCDXQxXJG0sHQ7_QqG2LbTqIsEq624DbVc1cY2yOx0OCqvC46TubqF3G4pn3-oRsxyWSUgUJvSMtlC-jo7cs0sdXSepWUUONL54Ly_AeGjIO5ej4V_NKVeJhdSdpyz3au7EF8bje8kjq_2LzFVFpsFH4_iImtV_ba6iiKK3Eoe_WO7ody9K9Yn2Zje2tQxRq1ICOo7tLf_zqN-HNYWu974RUNZ0k4eid5_lJYB-_3oIj8iTcQFOttJID1XWSOPosbm94v9d3Am72xVqnqsTddd95mOYte4M6b6kZrPWs2V3ErEOdbTJs7-V2S7AFBt2NN_krofyYHH-Pm1OfGRYqLF5BgaDHUZSzvMESmuBNFY-L5a2yrZCXW2ZSVx4UVSH8KNA4Unlvspve9gaEN_j_sVOzULq0_uw-Tflm0ulMoqkk2yhidCza0e-m6a250md9Hg9wpCBoz8I2_sLXqmMWtmpYBhKdPteDb6_x3hJ0jcRhnN7TKRbUaBU7WEtwW3m5-Pn80TkJAN8sKCBTYijAxeLIuWi8u-5eIWiKQtPUoi9QpwYqrs6NiRsKLLgm4Rm-UihAg2t5MVbZuHZ5Yx7gS8KGx3MnMorASjcqBjZ0C8TdNHSdlhGrhx7WkXzgQrO3zAI0WL4ictKNs9timAJRBq&tga-with-creatives=1

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

b7874347125bb87bfa81867427a6a62f2f3b1cce33fd1015cfe1ac0cfde1a948

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 13:09:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1661605740412856-925665991546611507-vla1-3228-vla-l7-balancer-8080-BAL-9037
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Sat, 27 Aug 2022 13:09:00 GMT
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/json
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sat, 27 Aug 2022 13:09:00 GMT

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 158 KB
56 KB 234ms
103ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

624d8f6e11b854e5a5261fe0397a27d044501253aa15d62327d408182ff9f09f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.tumen.kp.ru/
Origin: https://www.tumen.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 13:09:00 GMT
content-encoding: br
last-modified: Thu, 25 Aug 2022 15:42:57 GMT
etag: "63076e51-de2c"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 56876
expires: Sat, 27 Aug 2022 14:09:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
216 B 50ms
16ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=127&profileId=184&cb=24910369550

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sat, 27 Aug 2022 13:09:00 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://www.tumen.kp.ru
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
217 B 49ms
16ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=127&profileId=184&cb=42514826332

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sat, 27 Aug 2022 13:08:59 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://www.tumen.kp.ru
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
216 B 50ms
17ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=127&profileId=184&cb=539134001

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sat, 27 Aug 2022 13:08:59 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://www.tumen.kp.ru
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

GET
H2 200 v2 Show response
yandex.ru/ads/adfox/232598/getBulk/ 98 KB
29 KB 569ms
569ms XHR
application/json 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/adfox/232598/getBulk/v2?dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3F&date=2022-08-27T13%3A09%3A00.468%2B00%3A00&pd=27&pdh=1200&pdw=1600&pr1=2120609924&pr=2084862249&prr=&pv=13&pw=6&extid_loader=&extid_tag_loader=www.tumen.kp.ru&ylv=0.638452&ybv=0.638452&ytt=274879518736389&is-turbo=0&skip-token=&ad-session-id=1189561661605740344&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9%2C%22isInIframe%22%3Afalse%2C%22w%22%3A1560%2C%22h%22%3A250%2C%22width%22%3A1560%2C%22height%22%3A250%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A49%2C%22left%22%3A20%2C%22top%22%3A120%2C%22fontFamily%22%3A%22ys%22%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A1%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=638452&available-width=1560&available-height=250&yaru=true&pp=g&p2=fban&ps=bxyd&puid1=adv-1661605740229-612&puid2=&puid3=&puid5=&slotNumber=1&bids=W3siYmlkZGVyTmFtZSI6ImFkZm94X2Fkc21hcnQiLCJjYW1wYWlnbl9pZCI6MTU5MjA0MCwicmVzcG9uc2VfdGltZSI6MTkyLCJlcnJvciI6eyJjb2RlIjoxfX0seyJiaWRkZXJOYW1lIjoiYnV6em9vbGEiLCJjYW1wYWlnbl9pZCI6ODkwNDUwLCJyZXNwb25zZV90aW1lIjoyMDQsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiIxMjI3MTY5In1d&utf8=%E2%9C%93&pcode-test-ids=633999%2C0%2C24%3B628987%2C0%2C29%3B637562%2C0%2C53%3B633009%2C0%2C3%3B204310%2C0%2C19&pcode-flags-map=eJytWF1v3EQU%2FSvRPhfk74%2B%2Bje3Z3VFsj5mZ3c0WoVGhQSBFCEEKSFUlQAjxgIT4J32gUqEfv8H5R5yxvZu1k0ySqnlbx%2BfMvXPvPXPGz2ZsUXNBdcWkpIUuiCK6IYJUUs%2B50GtWUK5ZrXNeZXz28NNnsx8enz09nT2cnf707ezB7Pz0%2B3P2BD%2FD1AnCcPb8swezNZFa0Iqvqc6XREiq9FzwSpesPh5RKLGihxyR6wZOvOegNclKcJCmYfVCZ1td8E19F5Yo8WwsVDKBZDOmBFH0PmSCfrKiUul1RZo%2BKVLIWwhiL3H2BMOaJhy9JuVqvLrr4G%2BE9rwoudyRlaS6ppsug0Vt6gIyk5VciTXd3hKJlyRBZOGSrGqwUx%2BEC%2BVXjNcfKLCcvF9cDUetGmIYBS9LXVKyfyBpzutJ8aLx5vteeFC6KVnfWIU9njFFyVEreoLWKclCrxuhG8G4YGqr5yRXXIy7YcIURcmeSaquq9dUSGzzOAk%2FcqJgjI29IO2wffRcaVrSitZKg2vNJMtYaaKQJVe2KQdTFPZRrGpWclJQ0QkFqZpD3Pl3T08PYIGX%2BKmzD0BKYco6wUzXOgCRAuWiteaZpGiC8TadfvP487PTEdKPvLSfmjk7gbbVeknZYql0rexLBqGfuh0w5yvsjuL6ZCmskCROvKCDbEld0BMtVtCpirDaKpdO7PlDo440Vs9XZSlzgXSteNf3fGefYib4MfYH6emFYIUdGYdJdG3AumBSCZZZ4Z5rusvAH9Ha68LVG1aopWYVWVArNnCDYRo6LJbrujjjwvSRIAVbyaM7MmyJibsPWJNyQybScAXpx0Npi3kDIZcNr9GLilWUr8ZN701UOAwCx%2B9zbnJeQL0NtLZOShiEoBm6d86xy9SMy249owJ2eBDH3lU4m%2BPE0RujALd1yA0MuwCunD6%2BcxMaE6cYJg9NOudXj%2FHpwqEDK9BBobei1pUxGGsiGJlsmTeFDQWaTISgG4IGKe46GmDaVcu4D11RmJp9wakQ0KuSLw45whE%2BcYK%2Bcnt1hmtYM7ppuLAXPYqjQbLM67rGIZhTiclYWGGxB1wHk7KBN8iX1ESoGyrySZ%2FBIoyQoZv2uRZQdBgLqAF2aiNgd1CwQfbuYeMSaGdfBch6PoQxmeuJuodJ4oV9r%2BwmuoDBypXOpVU7w9SNkwMtYRK5ozw4lXKTt7Qtmvqh646wnf5IiJFamgZvSFHAG9lJgnAodaf32DG1baj27VFD88ODwapEfnCG2pdL4%2BhGpIZfykuW26frkqNalYplpK4RNk7jOUPhmUkCXsKuw2nixfFBHANJ3yY48yATTUm2GcmPjdYp43emp%2B7EGDhe4Pc9sBAk8%2BzvQlycy3dhPB%2BN4g1dz7G9f41mu%2BENiD5BVpseNhssqMnMKBmrzZ7DjufHxkJjcG4JOgyjUb8taWd%2FcJXonKoV7YZe1AdUCcLuKmW4PDhJ32rGEQs6h4wtzUyy3I7DGAdDXyNTURkFE7Te2bVG0MxuE6ACziAEu6GGdRPYRdgi6BM64zIHODrraRa5qRvs45HMhMG4NPqYL%2B1RRIEX740jk8MpZg6D%2FvaF6toNK87yvi%2BF0MWqwXzh%2FlV0Dlz26ib42PE4HzvOxHs77hDF5GgyQQ3upYsHd1011ZyrIXm%2B2xe1ogUjHUnvK%2B4JvzmY3kq9V0xqwT9oRAWdEwjVLrL%2B48Id6UzTQxvLjMMA3IoZ7PBlV%2BIMNBVeIAF7d3puGu6bLDu%2BIkhXl8M52S%2FXCS7W6xTSzBXucXdpS9zRwtF0LZnqRvMgfujKseL2ycLVzvNv2nuEg%2FLNoXJMlbdkBJ7%2BYrf7YNKxDMJJoCD5Siq0U0elFT0ZO6H27%2FZd%2B%2Friz4s%2F2pdH7av27cVv7buLn9s37YuL3%2FH71VH7tn1xdPFL%2B6L99%2BJXvIR%2Fvmz%2Fa1%2FjwRtg%2F8GLeAyOv%2B4X2CiMH78%2B%2F%2BqjJ6dfPn56dn4Dze4bQ05wc6mJYmvanXYjnjkp5eQm76dpenCTxxm5EOZEkZUhusaqXfd1Ij34mgP4luAiD4947UU%2BDuxgJCEvGaTI77o4KWRxPL1GY4fCyJvsmXliEBmRtCG449XddW%2BJ5kQDUFGTUhcT7f%2Fi%2FGyycTD2YHn%2BP7QxEds%3D&use-server-side-rendering=1&pcode-icookie=y6k6A9zDckVxbqZRUbMwhgXXjasxj1Sb2iydDfDhwzi3GrgfrkefrPjnWy2tacwWQZHYrnnVbOx8v%2F8N6MRSeNC4cPE%3D&top-ancestor=https%3A%2F%2Fwww.tumen.kp.ru&top-ancestor-undetermined=0&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjoxNDh9CiKjpKispkmBUKBO8TC7t7_S4uuYp5WKlnaJpJ0mcB7d-xtd9tVxDL_t7pfTVllTUeVJaWgVzAVDY469t59s5ICeGNAL0MaMgYxSQoiJ_baJfy2Bz21iQhillFGGBhmaEnsCOVEnpkStsqmsSVoT8CroiTYxJJoBHQKhsiX6RYqwLjhpokvMDTuGmpAMyF2uUVEkhrqwKe_TJOa6MBkWSXViXGTJK4DWBOqC1i6aBVuAOhWMbzAvcAkkFe03Ghe-xKTEXG8FGXBYkfGA6QmyxC1QwXSHGQWjgimYkO1Cqrorh5N0EdBUgNJCq0pI8rPZmRHy8bNxuDj5-O1OO0IOPrBt2vzCzQZ-Zg67qzK5mDlAF-XkcHDBdzLYnYxMopWLkcnOwWQHXTQBDi82SkQluTTGWhMoKoq6aIkX4KJdMNPwWxMCleWwpIl-ATUk2oHLvPSwqKDXBVyvsi4K81Bg1x5duoDDWvbRLsPNKphJOuhIjn44NC-XEHctwaBe5pqXr1Rklmpm8SJhHS4T86LUntVLy6WHCoTl07ZwGg7nzl5kWDi70qUl1aIY-pkWJLnIMC1tVp755E2T5aFZTrIoaEQUZ0YwxBYzf5k6fE3bnWgKyo99CGQ3LKspZhJnZ6EwVlFhZZJi4aCDywif0xEiLKgJJBG8upcg6t5FTrk9ZoNw1z83IycdHz-nE54iODe93c7IVLkQuhwO0EUdXF5mdiwCLA6vG3PlYEYIjxGxKF8C5Z0NnV-4kZGzd8HDqxkEudzwBb3uigiV3Y6Uc3eHS4xf-LDjCxYEd4U3eVjhOhlYBbxClR25CylHXbQYOekRCMFZbp12BlQoAbvcki35G5dbNb-wyz8cAN8BWiWDhxcBKvQLF4S3Iswl-7dgsFmB3H4fMk2np3wyEmrpNM0JI93GtahsPrdCUu4es8_dQCWkKsq4Xv3NA4CCVeyP0WST-dOJ9D5hAGapb0iIEqOKwtf-nMpNmxv9MR3yxMhn51InZh-LLT5mBiFnVl9wmJ9VSU93jQ-GQ31CtDw_TAqx-iJjSHLiv7-u3PBEOgOWH5N9roO2cOlnv4rW1zg2GG2c90ddQMa3_9FrQsHkVIPY87AshefgT8xID4hukoAPIpx2nazup7wgPNWkf94UPup8skP_dcOPMoUvwjDsAU4f3K31b1X39OuvqMHPM18qEiVaH6OZIrd5l7HT8FZfLQf5D2_Lc87kEOSryB8ZgC9zNp2Sfsr7Wft79TONJPW5Gbi56L9_M-FdSRr3iJ-UbZtDoZ5jCMnndojbLcZxesVdvmO-964VO6Vo5gltzrOVP2TtjOSrtstdan_Z3L464ez6RmF8D1jZi6VyIACVh4Vu9wI7v1qqM6bww1i4BV3sjF7ByskLxwGiKzSMMLOlBsP5_yHVqFgA40KPhM7Pu4nh8P1unA42kNlcOPdtYiaK8W3irWJ_m3i32N8m3i3mt4nIwee3iWHw9W3C-318m3i3eN9GebHFx8x8fpswHGJ-m1A_iPttoo7A_W8TdSWufpt4na9vEx6H728Tw4Gb3yY8DzG-TZAIfX2b0Gz9fRvlOhfz24QJA7e_TbzQ17dRHo243yacgsX4NhFFxf02Slnbz7eJN-PmtwmnbF_fJt4u_rcJL_f1bZSng8vfJty2Yn4b2MgQwWOXdW5kHhpZRh9OkNAg4IAjy-hzcDZBhfUeT0XMywMKw_-TovKX38HgYpIPr0BFw8iK3BHgaRAZA4cgvscjw7BvAIGTBz7S51xzdD7whp-Liwu-y5WD38_R1kndZLOn6xprwmgxPjMKL6FDyImInXs9cHYUTCjo0IjyeTDiMsEW8OAQPcwOBkEHqxdjZUHHiZaXpwSxWO-LIQ_w8DC5ZDjfeR3mysVMDxozm2hQ4yh1H8hfDuSk6W2KclJqAu3zSX9rCH3ucgvV4uES1iGNvVUUc6WkOmbyWBa5ymYMU18dDvR-1gE_IWbYR7A9Ko17LI_o57RsGtf3KH1uRoccCWq03uk1v2wHxMPDplHry9voZ9JAbePvDVbRXGEF8S1qkypwyl8o_t2RS5Z_zVSFisIvZDwrEFNlBRxsOyruKMuUVOqvDBoWNneIVzrMmITg2L2eyuYAjR29PZDZ2Nx8SlzJM2sHMqrHzkBvZ2JZ-rMwoAGJEXn_xg1ke7DqfMgrlUYTBH1Jw7YuwKjIYiLQtPZq0M3rNpY5jHpIc12Tuv4cafuqj86qZo9P3VHq2eiaqDxqF37mbEZmJnosniVETtSIHbCdsklCWGF_oZK7OlEjR48EmagiebFyu4TgwV3unbwoUML9ozTP2E1zlb0NYN2wTjHTfRfp27lJ0pyVBtW9cd0gNfoXo7I0vAr6S3gmb2x3XUU9s_M2QrPx9NYXDUnRnUwan-13M0fMf4l4spVuQGuXyIl386gVLD2NcYDHwTd1elq2FCdKXkYqc97ohRYeI1y2Nlf_FtP-c06Sopr8kQnRoKIZP7ykt5H3b6aYi_pBPwxPI1S69_AAtywbqpSwdKOt6V4v0UX6DSIjpG-cIZaRxA3df4ZqphC1dqDcCrUxVk40qEF1gCrKh7kud-brGkzn8PwaZVaXLLucQs_JNeDi2XtsqEEBBdn0JsTbyNUBF20aW0kI_PUK4ZLvxshVnukRXNbb8COjK6LV-tB_mrEBoiNaC8eHk1EtUu3vZmteDzUsPd_EUCzouc_lGfjjtuVCCYcbznxOYC_9bi0ulSZvIVomve9r7u4BzNJkuug1j8oPEpqxAC_w28Le2PBM1HEhz7R0RmQ9_9haphq9nZG5onU6uBjhccCnk7yJMWFnE481W4u1Bs3g0rYwmfTCvZ-2-ZllSUV30iMXeXe3YfnnegmJ4KVSWniB1fVoEg2G2kftOflZ-b1NfIlgecdfoe0lYVZh7yThwocCO2MaS05Qu466jSU4T2pyzVhSkttDHnVJEUGxz-3Duu50uOH6gF5q9EQ1l4Vkxj1h5ZUwqWbkQTepvGpKRiK5EX8m-Mv2XlHR5AwyB1FqMgPYzXukk7Xbxw9lgLRThKm5HSLOkZfgcYC2JUKLTQ5mm06zsWvyPW0bcUvrK4VHikIap5y1EyPxjN-kKOVIUn51KnmPu2sR9gPXYrqsOw3pmenvekhfPeOdTGQqfD7XDbGnTQYEj8cvhbd42OgXvWXwnWC2JLP1uxXKE9CLLGI3JMFHYM0CfUOKxrHZvn_iQE64tEg7Gt5SHSeDdvdDLFJLEZehjgRdW4NgLSs12cpZ7-e11N8SVJgxLWUY4jHIgD5UKlv9lX761by4yoNuy9hcnKGvNjqV1Ln6CdoqpKJUwQAwsL33gv59gddTuUCm5wGJp9WjzyG6zbBESxXTOvFY4dMrM1qs5nmFXJfcKXKzOvX0fC2JxDAJjqRPypAR4R5eS7ZVlptrGYJsh-HPeBDU1j70D0lxi0DJLvUvrvWkQ17vCZ_wOuU8SYdFxUrSfAjrXr2TS5uFkjrCtjaLYNqYtB9ieRLGNyKJyoJvz3vWA0RDR8-DQpTvHXe9Uel-GTUPfLHx2M52Y187QH2G2ZE880o9dFF2adGcT0PHB4KTfpzD4wEWzzjLNqUXmJnsH6qCPmvj9xahnpYNMvfqVszCqPeUqZ97X2Wmkth_uob4Yz-sJgD8WqJt0nm1kZyy6qLZB2dLFOL1lJPHsgUXt70tKDurZQbwO3aScfU-gqU4gEf9Qqb04f8Qh9n6Gs1pDuGPS5_0UMn2x08n2rfhztI2kAGAeMiMcvxplcUbOuN4XfnYU4tYupEAp5hci5TDLjR1hDTMIQ5MMns84Gwf-zKVy_P2b-Avbp6-h31ll_bZUNeGd_VHq35GzfU4QcZYQiisAVKkbWcTrO6GPfddYzLlp5PyyYEv-e1v8hnqqcx25t0lJP4KyvwKTdHVaWYUn66vjbc7muDUN5Zsr25YDXn-kpOPIHaTjw-XUFaK__etCYDczXlqwCfTUx5w9SBgKp7fv6OmkLluQBN3rKulIouqqFyGCAf6bhzXnGii3nNDyEu7zZjiQdeYPepCrhOk1pfQFRXMxuS2eErksLUXp-7MeMzpEftPV0X248uNCL7zb51_uvcqRCuJU7hgvehzTsBmsNZRByp-ocbYbfsl8qpAKFiBzVFXls7rk06TDaXz8dPG6Xtz8jzTcjAJMpbdWfyPHrCBaisovDh8ai_CWdyUtmKqIzpNn4LQJ-z-yCCItV7WX6k7ikdNPu-Z6M1se4ocW6m1jfLgalsribr6DtSdRpoqxTG4O9yGmBNj1ggGHQ2CrObPBjaL1AQLeYhY-wNI9Uqx3jrxARC33j3s4c87h7VjIM_4EvVNhj-cKUB2JSXAtQP-FiKvAgLeyZf3WsgndGYPWJ3V9cAcU-QCDXQxXJG0sHQ7_QqG2LbTqIsEq624DbVc1cY2yOx0OCqvC46TubqF3G4pn3-oRsxyWSUgUJvSMtlC-jo7cs0sdXSepWUUONL54Ly_AeGjIO5ej4V_NKVeJhdSdpyz3au7EF8bje8kjq_2LzFVFpsFH4_iImtV_ba6iiKK3Eoe_WO7ody9K9Yn2Zje2tQxRq1ICOo7tLf_zqN-HNYWu974RUNZ0k4eid5_lJYB-_3oIj8iTcQFOttJID1XWSOPosbm94v9d3Am72xVqnqsTddd95mOYte4M6b6kZrPWs2V3ErEOdbTJs7-V2S7AFBt2NN_krofyYHH-Pm1OfGRYqLF5BgaDHUZSzvMESmuBNFY-L5a2yrZCXW2ZSVx4UVSH8KNA4Unlvspve9gaEN_j_sVOzULq0_uw-Tflm0ulMoqkk2yhidCza0e-m6a250md9Hg9wpCBoz8I2_sLXqmMWtmpYBhKdPteDb6_x3hJ0jcRhnN7TKRbUaBU7WEtwW3m5-Pn80TkJAN8sKCBTYijAxeLIuWi8u-5eIWiKQtPUoi9QpwYqrs6NiRsKLLgm4Rm-UihAg2t5MVbZuHZ5Yx7gS8KGx3MnMorASjcqBjZ0C8TdNHSdlhGrhx7WkXzgQrO3zAI0WL4ictKNs9timAJRBq&tga-with-creatives=1

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

9a5975867f2cc9780f720c3a7e1e1205f45d2d46727cd054ad61b5603d1eb44b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 13:09:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
ssr: true
x-yandex-req-id: 1661605740496734-4289299713635426436-vla1-3228-vla-l7-balancer-8080-BAL-8923
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
uniformat-product-type: Direct
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Sat, 27 Aug 2022 13:09:00 GMT
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/json
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sat, 27 Aug 2022 13:09:00 GMT

POST
H2 204 events
bidder.criteo.com/csm/ 0
216 B 21ms
19ms Ping
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 27 Aug 2022 13:09:00 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://www.tumen.kp.ru
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
365 B 18ms
17ms Image
image/gif 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=1

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 13:09:00 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
strict-transport-security: max-age=31536000; preload;
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Tue, 22 Aug 2023 13:09:00 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
365 B 15ms
14ms Image
image/gif 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=2

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 13:09:00 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
strict-transport-security: max-age=31536000; preload;
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Tue, 22 Aug 2023 13:09:00 GMT

POST
H2 204 events
bidder.criteo.com/csm/ 0
216 B 20ms
19ms Ping
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 27 Aug 2022 13:08:59 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://www.tumen.kp.ru
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

GET
H2 200 v2 Show response
yandex.ru/ads/adfox/232598/getBulk/ 16 KB
8 KB 623ms
622ms XHR
application/json 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/adfox/232598/getBulk/v2?dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3Fsection%3Dsociety&date=2022-08-27T13%3A09%3A00.516%2B00%3A00&pd=27&pdh=1200&pdw=1600&pr1=1587480177&pr=2084862249&prr=&pv=13&pw=6&extid_loader=&extid_tag_loader=www.tumen.kp.ru&ylv=0.638452&ybv=0.638452&ytt=274879518736389&is-turbo=0&skip-token=&ad-session-id=1189561661605740344&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9%2C%22isInIframe%22%3Afalse%2C%22w%22%3A300%2C%22h%22%3A600%2C%22width%22%3A300%2C%22height%22%3A600%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A49%2C%22left%22%3A1100%2C%22top%22%3A486%2C%22fontFamily%22%3A%22ys%22%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A2%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=638452&available-width=300&available-height=600&yaru=true&pp=hrs&p2=fbao&ps=bxyd&puid1=adv-1661605740237-182&puid2=society%3Atoday%3Azenyandex%3Aincident%3Aemergency%3Acelebrity%3Aculture%3Ainteresting&puid3=top%3Aregion&puid5=&slotNumber=4&bids=W3siYmlkZGVyTmFtZSI6ImNyaXRlbyIsImNhbXBhaWduX2lkIjo3MjI1NzMsInJlc3BvbnNlX3RpbWUiOjI1MSwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjExNDA4OTgifSx7ImJpZGRlck5hbWUiOiJydGJob3VzZSIsImNhbXBhaWduX2lkIjo4NTM4NjksInJlc3BvbnNlX3RpbWUiOjE3MSwiZXJyb3IiOnsiY29kZSI6NH0sInBsYWNlbWVudF9pZCI6IjcxNTczNzcwOTQwYjcyYzA0Mjg5In0seyJiaWRkZXJOYW1lIjoiYWRyaXZlciIsImNhbXBhaWduX2lkIjo3MjgyNTQsInJlc3BvbnNlX3RpbWUiOjI0NywiZXJyb3IiOnsiY29kZSI6NH0sInBsYWNlbWVudF9pZCI6ImtwXzJzbG90XzFzY3IifSx7ImJpZGRlck5hbWUiOiJteXRhcmdldCIsImNhbXBhaWduX2lkIjo4MTA0MDIsInJlc3BvbnNlX3RpbWUiOjE4MCwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjIzMzg0MiJ9LHsiYmlkZGVyTmFtZSI6ImJldHdlZW5kaWdpdGFsIiwiY2FtcGFpZ25faWQiOjgxMDM0NCwicmVzcG9uc2VfdGltZSI6MTYxLCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiMjQ4ODA1MiJ9LHsiYmlkZGVyTmFtZSI6ImFkZm94X2Fkc21hcnQiLCJjYW1wYWlnbl9pZCI6MTU5MjA0MCwicmVzcG9uc2VfdGltZSI6MTkxLCJlcnJvciI6eyJjb2RlIjoxfX0seyJiaWRkZXJOYW1lIjoiYnV6em9vbGEiLCJjYW1wYWlnbl9pZCI6ODkwNDUwLCJyZXNwb25zZV90aW1lIjoyMDgsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiIxMjI3MTY2In0seyJiaWRkZXJOYW1lIjoiYmlkdm9sIiwiY2FtcGFpZ25faWQiOjE4NzEwMTYsInJlc3BvbnNlX3RpbWUiOjE2OCwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjIxNTM1In0seyJiaWRkZXJOYW1lIjoiYWRmb3hfaW1oby12aWRlbyIsImNhbXBhaWduX2lkIjoxNzg5NTgxLCJyZXNwb25zZV90aW1lIjoxOTEsImVycm9yIjp7ImNvZGUiOjF9fV0%3D&utf8=%E2%9C%93&pcode-test-ids=633999%2C0%2C24%3B628987%2C0%2C29%3B637562%2C0%2C53%3B633009%2C0%2C3%3B204310%2C0%2C19&pcode-flags-map=eJytWF1v3EQU%2FSvRPhfk74%2B%2Bje3Z3VFsj5mZ3c0WoVGhQSBFCEEKSFUlQAjxgIT4J32gUqEfv8H5R5yxvZu1k0ySqnlbx%2BfMvXPvPXPGz2ZsUXNBdcWkpIUuiCK6IYJUUs%2B50GtWUK5ZrXNeZXz28NNnsx8enz09nT2cnf707ezB7Pz0%2B3P2BD%2FD1AnCcPb8swezNZFa0Iqvqc6XREiq9FzwSpesPh5RKLGihxyR6wZOvOegNclKcJCmYfVCZ1td8E19F5Yo8WwsVDKBZDOmBFH0PmSCfrKiUul1RZo%2BKVLIWwhiL3H2BMOaJhy9JuVqvLrr4G%2BE9rwoudyRlaS6ppsug0Vt6gIyk5VciTXd3hKJlyRBZOGSrGqwUx%2BEC%2BVXjNcfKLCcvF9cDUetGmIYBS9LXVKyfyBpzutJ8aLx5vteeFC6KVnfWIU9njFFyVEreoLWKclCrxuhG8G4YGqr5yRXXIy7YcIURcmeSaquq9dUSGzzOAk%2FcqJgjI29IO2wffRcaVrSitZKg2vNJMtYaaKQJVe2KQdTFPZRrGpWclJQ0QkFqZpD3Pl3T08PYIGX%2BKmzD0BKYco6wUzXOgCRAuWiteaZpGiC8TadfvP487PTEdKPvLSfmjk7gbbVeknZYql0rexLBqGfuh0w5yvsjuL6ZCmskCROvKCDbEld0BMtVtCpirDaKpdO7PlDo440Vs9XZSlzgXSteNf3fGefYib4MfYH6emFYIUdGYdJdG3AumBSCZZZ4Z5rusvAH9Ha68LVG1aopWYVWVArNnCDYRo6LJbrujjjwvSRIAVbyaM7MmyJibsPWJNyQybScAXpx0Npi3kDIZcNr9GLilWUr8ZN701UOAwCx%2B9zbnJeQL0NtLZOShiEoBm6d86xy9SMy249owJ2eBDH3lU4m%2BPE0RujALd1yA0MuwCunD6%2BcxMaE6cYJg9NOudXj%2FHpwqEDK9BBobei1pUxGGsiGJlsmTeFDQWaTISgG4IGKe46GmDaVcu4D11RmJp9wakQ0KuSLw45whE%2BcYK%2Bcnt1hmtYM7ppuLAXPYqjQbLM67rGIZhTiclYWGGxB1wHk7KBN8iX1ESoGyrySZ%2FBIoyQoZv2uRZQdBgLqAF2aiNgd1CwQfbuYeMSaGdfBch6PoQxmeuJuodJ4oV9r%2BwmuoDBypXOpVU7w9SNkwMtYRK5ozw4lXKTt7Qtmvqh646wnf5IiJFamgZvSFHAG9lJgnAodaf32DG1baj27VFD88ODwapEfnCG2pdL4%2BhGpIZfykuW26frkqNalYplpK4RNk7jOUPhmUkCXsKuw2nixfFBHANJ3yY48yATTUm2GcmPjdYp43emp%2B7EGDhe4Pc9sBAk8%2BzvQlycy3dhPB%2BN4g1dz7G9f41mu%2BENiD5BVpseNhssqMnMKBmrzZ7DjufHxkJjcG4JOgyjUb8taWd%2FcJXonKoV7YZe1AdUCcLuKmW4PDhJ32rGEQs6h4wtzUyy3I7DGAdDXyNTURkFE7Te2bVG0MxuE6ACziAEu6GGdRPYRdgi6BM64zIHODrraRa5qRvs45HMhMG4NPqYL%2B1RRIEX740jk8MpZg6D%2FvaF6toNK87yvi%2BF0MWqwXzh%2FlV0Dlz26ib42PE4HzvOxHs77hDF5GgyQQ3upYsHd1011ZyrIXm%2B2xe1ogUjHUnvK%2B4JvzmY3kq9V0xqwT9oRAWdEwjVLrL%2B48Id6UzTQxvLjMMA3IoZ7PBlV%2BIMNBVeIAF7d3puGu6bLDu%2BIkhXl8M52S%2FXCS7W6xTSzBXucXdpS9zRwtF0LZnqRvMgfujKseL2ycLVzvNv2nuEg%2FLNoXJMlbdkBJ7%2BYrf7YNKxDMJJoCD5Siq0U0elFT0ZO6H27%2FZd%2B%2Friz4s%2F2pdH7av27cVv7buLn9s37YuL3%2FH71VH7tn1xdPFL%2B6L99%2BJXvIR%2Fvmz%2Fa1%2FjwRtg%2F8GLeAyOv%2B4X2CiMH78%2B%2F%2BqjJ6dfPn56dn4Dze4bQ05wc6mJYmvanXYjnjkp5eQm76dpenCTxxm5EOZEkZUhusaqXfd1Ij34mgP4luAiD4947UU%2BDuxgJCEvGaTI77o4KWRxPL1GY4fCyJvsmXliEBmRtCG449XddW%2BJ5kQDUFGTUhcT7f%2Fi%2FGyycTD2YHn%2BP7QxEds%3D&use-server-side-rendering=1&pcode-icookie=y6k6A9zDckVxbqZRUbMwhgXXjasxj1Sb2iydDfDhwzi3GrgfrkefrPjnWy2tacwWQZHYrnnVbOx8v%2F8N6MRSeNC4cPE%3D&top-ancestor=https%3A%2F%2Fwww.tumen.kp.ru&top-ancestor-undetermined=0&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjoxNDh9CiKjpKispkmBUKBO8TC7t7_S4uuYp5WKlnaJpJ0mcB7d-xtd9tVxDL_t7pfTVllTUeVJaWgVzAVDY469t59s5ICeGNAL0MaMgYxSQoiJ_baJfy2Bz21iQhillFGGBhmaEnsCOVEnpkStsqmsSVoT8CroiTYxJJoBHQKhsiX6RYqwLjhpokvMDTuGmpAMyF2uUVEkhrqwKe_TJOa6MBkWSXViXGTJK4DWBOqC1i6aBVuAOhWMbzAvcAkkFe03Ghe-xKTEXG8FGXBYkfGA6QmyxC1QwXSHGQWjgimYkO1Cqrorh5N0EdBUgNJCq0pI8rPZmRHy8bNxuDj5-O1OO0IOPrBt2vzCzQZ-Zg67qzK5mDlAF-XkcHDBdzLYnYxMopWLkcnOwWQHXTQBDi82SkQluTTGWhMoKoq6aIkX4KJdMNPwWxMCleWwpIl-ATUk2oHLvPSwqKDXBVyvsi4K81Bg1x5duoDDWvbRLsPNKphJOuhIjn44NC-XEHctwaBe5pqXr1Rklmpm8SJhHS4T86LUntVLy6WHCoTl07ZwGg7nzl5kWDi70qUl1aIY-pkWJLnIMC1tVp755E2T5aFZTrIoaEQUZ0YwxBYzf5k6fE3bnWgKyo99CGQ3LKspZhJnZ6EwVlFhZZJi4aCDywif0xEiLKgJJBG8upcg6t5FTrk9ZoNw1z83IycdHz-nE54iODe93c7IVLkQuhwO0EUdXF5mdiwCLA6vG3PlYEYIjxGxKF8C5Z0NnV-4kZGzd8HDqxkEudzwBb3uigiV3Y6Uc3eHS4xf-LDjCxYEd4U3eVjhOhlYBbxClR25CylHXbQYOekRCMFZbp12BlQoAbvcki35G5dbNb-wyz8cAN8BWiWDhxcBKvQLF4S3Iswl-7dgsFmB3H4fMk2np3wyEmrpNM0JI93GtahsPrdCUu4es8_dQCWkKsq4Xv3NA4CCVeyP0WST-dOJ9D5hAGapb0iIEqOKwtf-nMpNmxv9MR3yxMhn51InZh-LLT5mBiFnVl9wmJ9VSU93jQ-GQ31CtDw_TAqx-iJjSHLiv7-u3PBEOgOWH5N9roO2cOlnv4rW1zg2GG2c90ddQMa3_9FrQsHkVIPY87AshefgT8xID4hukoAPIpx2nazup7wgPNWkf94UPup8skP_dcOPMoUvwjDsAU4f3K31b1X39OuvqMHPM18qEiVaH6OZIrd5l7HT8FZfLQf5D2_Lc87kEOSryB8ZgC9zNp2Sfsr7Wft79TONJPW5Gbi56L9_M-FdSRr3iJ-UbZtDoZ5jCMnndojbLcZxesVdvmO-964VO6Vo5gltzrOVP2TtjOSrtstdan_Z3L464ez6RmF8D1jZi6VyIACVh4Vu9wI7v1qqM6bww1i4BV3sjF7ByskLxwGiKzSMMLOlBsP5_yHVqFgA40KPhM7Pu4nh8P1unA42kNlcOPdtYiaK8W3irWJ_m3i32N8m3i3mt4nIwee3iWHw9W3C-318m3i3eN9GebHFx8x8fpswHGJ-m1A_iPttoo7A_W8TdSWufpt4na9vEx6H728Tw4Gb3yY8DzG-TZAIfX2b0Gz9fRvlOhfz24QJA7e_TbzQ17dRHo243yacgsX4NhFFxf02Slnbz7eJN-PmtwmnbF_fJt4u_rcJL_f1bZSng8vfJty2Yn4b2MgQwWOXdW5kHhpZRh9OkNAg4IAjy-hzcDZBhfUeT0XMywMKw_-TovKX38HgYpIPr0BFw8iK3BHgaRAZA4cgvscjw7BvAIGTBz7S51xzdD7whp-Liwu-y5WD38_R1kndZLOn6xprwmgxPjMKL6FDyImInXs9cHYUTCjo0IjyeTDiMsEW8OAQPcwOBkEHqxdjZUHHiZaXpwSxWO-LIQ_w8DC5ZDjfeR3mysVMDxozm2hQ4yh1H8hfDuSk6W2KclJqAu3zSX9rCH3ucgvV4uES1iGNvVUUc6WkOmbyWBa5ymYMU18dDvR-1gE_IWbYR7A9Ko17LI_o57RsGtf3KH1uRoccCWq03uk1v2wHxMPDplHry9voZ9JAbePvDVbRXGEF8S1qkypwyl8o_t2RS5Z_zVSFisIvZDwrEFNlBRxsOyruKMuUVOqvDBoWNneIVzrMmITg2L2eyuYAjR29PZDZ2Nx8SlzJM2sHMqrHzkBvZ2JZ-rMwoAGJEXn_xg1ke7DqfMgrlUYTBH1Jw7YuwKjIYiLQtPZq0M3rNpY5jHpIc12Tuv4cafuqj86qZo9P3VHq2eiaqDxqF37mbEZmJnosniVETtSIHbCdsklCWGF_oZK7OlEjR48EmagiebFyu4TgwV3unbwoUML9ozTP2E1zlb0NYN2wTjHTfRfp27lJ0pyVBtW9cd0gNfoXo7I0vAr6S3gmb2x3XUU9s_M2QrPx9NYXDUnRnUwan-13M0fMf4l4spVuQGuXyIl386gVLD2NcYDHwTd1elq2FCdKXkYqc97ohRYeI1y2Nlf_FtP-c06Sopr8kQnRoKIZP7ykt5H3b6aYi_pBPwxPI1S69_AAtywbqpSwdKOt6V4v0UX6DSIjpG-cIZaRxA3df4ZqphC1dqDcCrUxVk40qEF1gCrKh7kud-brGkzn8PwaZVaXLLucQs_JNeDi2XtsqEEBBdn0JsTbyNUBF20aW0kI_PUK4ZLvxshVnukRXNbb8COjK6LV-tB_mrEBoiNaC8eHk1EtUu3vZmteDzUsPd_EUCzouc_lGfjjtuVCCYcbznxOYC_9bi0ulSZvIVomve9r7u4BzNJkuug1j8oPEpqxAC_w28Le2PBM1HEhz7R0RmQ9_9haphq9nZG5onU6uBjhccCnk7yJMWFnE481W4u1Bs3g0rYwmfTCvZ-2-ZllSUV30iMXeXe3YfnnegmJ4KVSWniB1fVoEg2G2kftOflZ-b1NfIlgecdfoe0lYVZh7yThwocCO2MaS05Qu466jSU4T2pyzVhSkttDHnVJEUGxz-3Duu50uOH6gF5q9EQ1l4Vkxj1h5ZUwqWbkQTepvGpKRiK5EX8m-Mv2XlHR5AwyB1FqMgPYzXukk7Xbxw9lgLRThKm5HSLOkZfgcYC2JUKLTQ5mm06zsWvyPW0bcUvrK4VHikIap5y1EyPxjN-kKOVIUn51KnmPu2sR9gPXYrqsOw3pmenvekhfPeOdTGQqfD7XDbGnTQYEj8cvhbd42OgXvWXwnWC2JLP1uxXKE9CLLGI3JMFHYM0CfUOKxrHZvn_iQE64tEg7Gt5SHSeDdvdDLFJLEZehjgRdW4NgLSs12cpZ7-e11N8SVJgxLWUY4jHIgD5UKlv9lX761by4yoNuy9hcnKGvNjqV1Ln6CdoqpKJUwQAwsL33gv59gddTuUCm5wGJp9WjzyG6zbBESxXTOvFY4dMrM1qs5nmFXJfcKXKzOvX0fC2JxDAJjqRPypAR4R5eS7ZVlptrGYJsh-HPeBDU1j70D0lxi0DJLvUvrvWkQ17vCZ_wOuU8SYdFxUrSfAjrXr2TS5uFkjrCtjaLYNqYtB9ieRLGNyKJyoJvz3vWA0RDR8-DQpTvHXe9Uel-GTUPfLHx2M52Y187QH2G2ZE880o9dFF2adGcT0PHB4KTfpzD4wEWzzjLNqUXmJnsH6qCPmvj9xahnpYNMvfqVszCqPeUqZ97X2Wmkth_uob4Yz-sJgD8WqJt0nm1kZyy6qLZB2dLFOL1lJPHsgUXt70tKDurZQbwO3aScfU-gqU4gEf9Qqb04f8Qh9n6Gs1pDuGPS5_0UMn2x08n2rfhztI2kAGAeMiMcvxplcUbOuN4XfnYU4tYupEAp5hci5TDLjR1hDTMIQ5MMns84Gwf-zKVy_P2b-Avbp6-h31ll_bZUNeGd_VHq35GzfU4QcZYQiisAVKkbWcTrO6GPfddYzLlp5PyyYEv-e1v8hnqqcx25t0lJP4KyvwKTdHVaWYUn66vjbc7muDUN5Zsr25YDXn-kpOPIHaTjw-XUFaK__etCYDczXlqwCfTUx5w9SBgKp7fv6OmkLluQBN3rKulIouqqFyGCAf6bhzXnGii3nNDyEu7zZjiQdeYPepCrhOk1pfQFRXMxuS2eErksLUXp-7MeMzpEftPV0X248uNCL7zb51_uvcqRCuJU7hgvehzTsBmsNZRByp-ocbYbfsl8qpAKFiBzVFXls7rk06TDaXz8dPG6Xtz8jzTcjAJMpbdWfyPHrCBaisovDh8ai_CWdyUtmKqIzpNn4LQJ-z-yCCItV7WX6k7ikdNPu-Z6M1se4ocW6m1jfLgalsribr6DtSdRpoqxTG4O9yGmBNj1ggGHQ2CrObPBjaL1AQLeYhY-wNI9Uqx3jrxARC33j3s4c87h7VjIM_4EvVNhj-cKUB2JSXAtQP-FiKvAgLeyZf3WsgndGYPWJ3V9cAcU-QCDXQxXJG0sHQ7_QqG2LbTqIsEq624DbVc1cY2yOx0OCqvC46TubqF3G4pn3-oRsxyWSUgUJvSMtlC-jo7cs0sdXSepWUUONL54Ly_AeGjIO5ej4V_NKVeJhdSdpyz3au7EF8bje8kjq_2LzFVFpsFH4_iImtV_ba6iiKK3Eoe_WO7ody9K9Yn2Zje2tQxRq1ICOo7tLf_zqN-HNYWu974RUNZ0k4eid5_lJYB-_3oIj8iTcQFOttJID1XWSOPosbm94v9d3Am72xVqnqsTddd95mOYte4M6b6kZrPWs2V3ErEOdbTJs7-V2S7AFBt2NN_krofyYHH-Pm1OfGRYqLF5BgaDHUZSzvMESmuBNFY-L5a2yrZCXW2ZSVx4UVSH8KNA4Unlvspve9gaEN_j_sVOzULq0_uw-Tflm0ulMoqkk2yhidCza0e-m6a250md9Hg9wpCBoz8I2_sLXqmMWtmpYBhKdPteDb6_x3hJ0jcRhnN7TKRbUaBU7WEtwW3m5-Pn80TkJAN8sKCBTYijAxeLIuWi8u-5eIWiKQtPUoi9QpwYqrs6NiRsKLLgm4Rm-UihAg2t5MVbZuHZ5Yx7gS8KGx3MnMorASjcqBjZ0C8TdNHSdlhGrhx7WkXzgQrO3zAI0WL4ictKNs9timAJRBq&tga-with-creatives=1

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

9782dac5cf0fbafd9e989c1fa032952faf2706b9e310859b9f3d2600c6abf405

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 13:09:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1661605740544784-14825828937917467088-vla1-3228-vla-l7-balancer-8080-BAL-8659
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Sat, 27 Aug 2022 13:09:01 GMT
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/json
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sat, 27 Aug 2022 13:09:01 GMT

POST
H2 204 events
bidder.criteo.com/csm/ 0
216 B 21ms
20ms Ping
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 27 Aug 2022 13:08:59 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://www.tumen.kp.ru
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

GET
H2 200 v2 Show response
yandex.ru/ads/adfox/232598/getBulk/ 16 KB
8 KB 330ms
327ms XHR
application/json 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/adfox/232598/getBulk/v2?dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3Fsection%3Dsociety&date=2022-08-27T13%3A09%3A00.521%2B00%3A00&pd=27&pdh=1200&pdw=1600&pr1=3664015506&pr=2084862249&prr=&pv=13&pw=6&extid_loader=&extid_tag_loader=www.tumen.kp.ru&ylv=0.638452&ybv=0.638452&ytt=274879518736389&is-turbo=0&skip-token=&ad-session-id=1189561661605740344&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9%2C%22isInIframe%22%3Afalse%2C%22w%22%3A240%2C%22h%22%3A400%2C%22width%22%3A240%2C%22height%22%3A400%2C%22visible%22%3A0%2C%22fullscreenHeaderHeight%22%3A49%2C%22left%22%3A215%2C%22top%22%3A1207%2C%22fontFamily%22%3A%22ys%22%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A3%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=638452&available-width=240&available-height=400&yaru=true&pp=g&p2=fxjd&ps=bxyd&puid1=adv-1661605740235-938&puid2=society%3Atoday%3Azenyandex%3Aincident%3Aemergency%3Acelebrity%3Aculture%3Ainteresting&puid3=top%3Aregion&puid5=&slotNumber=3&bids=W3siYmlkZGVyTmFtZSI6ImNyaXRlbyIsImNhbXBhaWduX2lkIjo3MjI1NzMsInJlc3BvbnNlX3RpbWUiOjI1NiwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjEyMzM1MzUifSx7ImJpZGRlck5hbWUiOiJydGJob3VzZSIsImNhbXBhaWduX2lkIjo4NTM4NjksInJlc3BvbnNlX3RpbWUiOjE3MCwiZXJyb3IiOnsiY29kZSI6NH0sInBsYWNlbWVudF9pZCI6IjhkMzA4ZDQyMzE2YzQwYjUxNjg4In0seyJiaWRkZXJOYW1lIjoiYWRyaXZlciIsImNhbXBhaWduX2lkIjo3MjgyNTQsInJlc3BvbnNlX3RpbWUiOjI0NSwiZXJyb3IiOnsiY29kZSI6NH0sInBsYWNlbWVudF9pZCI6IjI6a3BfNXNsb3QifSx7ImJpZGRlck5hbWUiOiJteXRhcmdldCIsImNhbXBhaWduX2lkIjo4MTA0MDIsInJlc3BvbnNlX3RpbWUiOjE3OCwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjIzMzg1MiJ9LHsiYmlkZGVyTmFtZSI6ImJldHdlZW5kaWdpdGFsIiwiY2FtcGFpZ25faWQiOjgxMDM0NCwicmVzcG9uc2VfdGltZSI6MTYyLCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiMjQ4ODA1OSJ9XQ%3D%3D&utf8=%E2%9C%93&pcode-test-ids=633999%2C0%2C24%3B628987%2C0%2C29%3B637562%2C0%2C53%3B633009%2C0%2C3%3B204310%2C0%2C19&pcode-flags-map=eJytWF1v3EQU%2FSvRPhfk74%2B%2Bje3Z3VFsj5mZ3c0WoVGhQSBFCEEKSFUlQAjxgIT4J32gUqEfv8H5R5yxvZu1k0ySqnlbx%2BfMvXPvPXPGz2ZsUXNBdcWkpIUuiCK6IYJUUs%2B50GtWUK5ZrXNeZXz28NNnsx8enz09nT2cnf707ezB7Pz0%2B3P2BD%2FD1AnCcPb8swezNZFa0Iqvqc6XREiq9FzwSpesPh5RKLGihxyR6wZOvOegNclKcJCmYfVCZ1td8E19F5Yo8WwsVDKBZDOmBFH0PmSCfrKiUul1RZo%2BKVLIWwhiL3H2BMOaJhy9JuVqvLrr4G%2BE9rwoudyRlaS6ppsug0Vt6gIyk5VciTXd3hKJlyRBZOGSrGqwUx%2BEC%2BVXjNcfKLCcvF9cDUetGmIYBS9LXVKyfyBpzutJ8aLx5vteeFC6KVnfWIU9njFFyVEreoLWKclCrxuhG8G4YGqr5yRXXIy7YcIURcmeSaquq9dUSGzzOAk%2FcqJgjI29IO2wffRcaVrSitZKg2vNJMtYaaKQJVe2KQdTFPZRrGpWclJQ0QkFqZpD3Pl3T08PYIGX%2BKmzD0BKYco6wUzXOgCRAuWiteaZpGiC8TadfvP487PTEdKPvLSfmjk7gbbVeknZYql0rexLBqGfuh0w5yvsjuL6ZCmskCROvKCDbEld0BMtVtCpirDaKpdO7PlDo440Vs9XZSlzgXSteNf3fGefYib4MfYH6emFYIUdGYdJdG3AumBSCZZZ4Z5rusvAH9Ha68LVG1aopWYVWVArNnCDYRo6LJbrujjjwvSRIAVbyaM7MmyJibsPWJNyQybScAXpx0Npi3kDIZcNr9GLilWUr8ZN701UOAwCx%2B9zbnJeQL0NtLZOShiEoBm6d86xy9SMy249owJ2eBDH3lU4m%2BPE0RujALd1yA0MuwCunD6%2BcxMaE6cYJg9NOudXj%2FHpwqEDK9BBobei1pUxGGsiGJlsmTeFDQWaTISgG4IGKe46GmDaVcu4D11RmJp9wakQ0KuSLw45whE%2BcYK%2Bcnt1hmtYM7ppuLAXPYqjQbLM67rGIZhTiclYWGGxB1wHk7KBN8iX1ESoGyrySZ%2FBIoyQoZv2uRZQdBgLqAF2aiNgd1CwQfbuYeMSaGdfBch6PoQxmeuJuodJ4oV9r%2BwmuoDBypXOpVU7w9SNkwMtYRK5ozw4lXKTt7Qtmvqh646wnf5IiJFamgZvSFHAG9lJgnAodaf32DG1baj27VFD88ODwapEfnCG2pdL4%2BhGpIZfykuW26frkqNalYplpK4RNk7jOUPhmUkCXsKuw2nixfFBHANJ3yY48yATTUm2GcmPjdYp43emp%2B7EGDhe4Pc9sBAk8%2BzvQlycy3dhPB%2BN4g1dz7G9f41mu%2BENiD5BVpseNhssqMnMKBmrzZ7DjufHxkJjcG4JOgyjUb8taWd%2FcJXonKoV7YZe1AdUCcLuKmW4PDhJ32rGEQs6h4wtzUyy3I7DGAdDXyNTURkFE7Te2bVG0MxuE6ACziAEu6GGdRPYRdgi6BM64zIHODrraRa5qRvs45HMhMG4NPqYL%2B1RRIEX740jk8MpZg6D%2FvaF6toNK87yvi%2BF0MWqwXzh%2FlV0Dlz26ib42PE4HzvOxHs77hDF5GgyQQ3upYsHd1011ZyrIXm%2B2xe1ogUjHUnvK%2B4JvzmY3kq9V0xqwT9oRAWdEwjVLrL%2B48Id6UzTQxvLjMMA3IoZ7PBlV%2BIMNBVeIAF7d3puGu6bLDu%2BIkhXl8M52S%2FXCS7W6xTSzBXucXdpS9zRwtF0LZnqRvMgfujKseL2ycLVzvNv2nuEg%2FLNoXJMlbdkBJ7%2BYrf7YNKxDMJJoCD5Siq0U0elFT0ZO6H27%2FZd%2B%2Friz4s%2F2pdH7av27cVv7buLn9s37YuL3%2FH71VH7tn1xdPFL%2B6L99%2BJXvIR%2Fvmz%2Fa1%2FjwRtg%2F8GLeAyOv%2B4X2CiMH78%2B%2F%2BqjJ6dfPn56dn4Dze4bQ05wc6mJYmvanXYjnjkp5eQm76dpenCTxxm5EOZEkZUhusaqXfd1Ij34mgP4luAiD4947UU%2BDuxgJCEvGaTI77o4KWRxPL1GY4fCyJvsmXliEBmRtCG449XddW%2BJ5kQDUFGTUhcT7f%2Fi%2FGyycTD2YHn%2BP7QxEds%3D&use-server-side-rendering=1&pcode-icookie=y6k6A9zDckVxbqZRUbMwhgXXjasxj1Sb2iydDfDhwzi3GrgfrkefrPjnWy2tacwWQZHYrnnVbOx8v%2F8N6MRSeNC4cPE%3D&top-ancestor=https%3A%2F%2Fwww.tumen.kp.ru&top-ancestor-undetermined=0&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjoxNDh9CiKjpKispkmBUKBO8TC7t7_S4uuYp5WKlnaJpJ0mcB7d-xtd9tVxDL_t7pfTVllTUeVJaWgVzAVDY469t59s5ICeGNAL0MaMgYxSQoiJ_baJfy2Bz21iQhillFGGBhmaEnsCOVEnpkStsqmsSVoT8CroiTYxJJoBHQKhsiX6RYqwLjhpokvMDTuGmpAMyF2uUVEkhrqwKe_TJOa6MBkWSXViXGTJK4DWBOqC1i6aBVuAOhWMbzAvcAkkFe03Ghe-xKTEXG8FGXBYkfGA6QmyxC1QwXSHGQWjgimYkO1Cqrorh5N0EdBUgNJCq0pI8rPZmRHy8bNxuDj5-O1OO0IOPrBt2vzCzQZ-Zg67qzK5mDlAF-XkcHDBdzLYnYxMopWLkcnOwWQHXTQBDi82SkQluTTGWhMoKoq6aIkX4KJdMNPwWxMCleWwpIl-ATUk2oHLvPSwqKDXBVyvsi4K81Bg1x5duoDDWvbRLsPNKphJOuhIjn44NC-XEHctwaBe5pqXr1Rklmpm8SJhHS4T86LUntVLy6WHCoTl07ZwGg7nzl5kWDi70qUl1aIY-pkWJLnIMC1tVp755E2T5aFZTrIoaEQUZ0YwxBYzf5k6fE3bnWgKyo99CGQ3LKspZhJnZ6EwVlFhZZJi4aCDywif0xEiLKgJJBG8upcg6t5FTrk9ZoNw1z83IycdHz-nE54iODe93c7IVLkQuhwO0EUdXF5mdiwCLA6vG3PlYEYIjxGxKF8C5Z0NnV-4kZGzd8HDqxkEudzwBb3uigiV3Y6Uc3eHS4xf-LDjCxYEd4U3eVjhOhlYBbxClR25CylHXbQYOekRCMFZbp12BlQoAbvcki35G5dbNb-wyz8cAN8BWiWDhxcBKvQLF4S3Iswl-7dgsFmB3H4fMk2np3wyEmrpNM0JI93GtahsPrdCUu4es8_dQCWkKsq4Xv3NA4CCVeyP0WST-dOJ9D5hAGapb0iIEqOKwtf-nMpNmxv9MR3yxMhn51InZh-LLT5mBiFnVl9wmJ9VSU93jQ-GQ31CtDw_TAqx-iJjSHLiv7-u3PBEOgOWH5N9roO2cOlnv4rW1zg2GG2c90ddQMa3_9FrQsHkVIPY87AshefgT8xID4hukoAPIpx2nazup7wgPNWkf94UPup8skP_dcOPMoUvwjDsAU4f3K31b1X39OuvqMHPM18qEiVaH6OZIrd5l7HT8FZfLQf5D2_Lc87kEOSryB8ZgC9zNp2Sfsr7Wft79TONJPW5Gbi56L9_M-FdSRr3iJ-UbZtDoZ5jCMnndojbLcZxesVdvmO-964VO6Vo5gltzrOVP2TtjOSrtstdan_Z3L464ez6RmF8D1jZi6VyIACVh4Vu9wI7v1qqM6bww1i4BV3sjF7ByskLxwGiKzSMMLOlBsP5_yHVqFgA40KPhM7Pu4nh8P1unA42kNlcOPdtYiaK8W3irWJ_m3i32N8m3i3mt4nIwee3iWHw9W3C-318m3i3eN9GebHFx8x8fpswHGJ-m1A_iPttoo7A_W8TdSWufpt4na9vEx6H728Tw4Gb3yY8DzG-TZAIfX2b0Gz9fRvlOhfz24QJA7e_TbzQ17dRHo243yacgsX4NhFFxf02Slnbz7eJN-PmtwmnbF_fJt4u_rcJL_f1bZSng8vfJty2Yn4b2MgQwWOXdW5kHhpZRh9OkNAg4IAjy-hzcDZBhfUeT0XMywMKw_-TovKX38HgYpIPr0BFw8iK3BHgaRAZA4cgvscjw7BvAIGTBz7S51xzdD7whp-Liwu-y5WD38_R1kndZLOn6xprwmgxPjMKL6FDyImInXs9cHYUTCjo0IjyeTDiMsEW8OAQPcwOBkEHqxdjZUHHiZaXpwSxWO-LIQ_w8DC5ZDjfeR3mysVMDxozm2hQ4yh1H8hfDuSk6W2KclJqAu3zSX9rCH3ucgvV4uES1iGNvVUUc6WkOmbyWBa5ymYMU18dDvR-1gE_IWbYR7A9Ko17LI_o57RsGtf3KH1uRoccCWq03uk1v2wHxMPDplHry9voZ9JAbePvDVbRXGEF8S1qkypwyl8o_t2RS5Z_zVSFisIvZDwrEFNlBRxsOyruKMuUVOqvDBoWNneIVzrMmITg2L2eyuYAjR29PZDZ2Nx8SlzJM2sHMqrHzkBvZ2JZ-rMwoAGJEXn_xg1ke7DqfMgrlUYTBH1Jw7YuwKjIYiLQtPZq0M3rNpY5jHpIc12Tuv4cafuqj86qZo9P3VHq2eiaqDxqF37mbEZmJnosniVETtSIHbCdsklCWGF_oZK7OlEjR48EmagiebFyu4TgwV3unbwoUML9ozTP2E1zlb0NYN2wTjHTfRfp27lJ0pyVBtW9cd0gNfoXo7I0vAr6S3gmb2x3XUU9s_M2QrPx9NYXDUnRnUwan-13M0fMf4l4spVuQGuXyIl386gVLD2NcYDHwTd1elq2FCdKXkYqc97ohRYeI1y2Nlf_FtP-c06Sopr8kQnRoKIZP7ykt5H3b6aYi_pBPwxPI1S69_AAtywbqpSwdKOt6V4v0UX6DSIjpG-cIZaRxA3df4ZqphC1dqDcCrUxVk40qEF1gCrKh7kud-brGkzn8PwaZVaXLLucQs_JNeDi2XtsqEEBBdn0JsTbyNUBF20aW0kI_PUK4ZLvxshVnukRXNbb8COjK6LV-tB_mrEBoiNaC8eHk1EtUu3vZmteDzUsPd_EUCzouc_lGfjjtuVCCYcbznxOYC_9bi0ulSZvIVomve9r7u4BzNJkuug1j8oPEpqxAC_w28Le2PBM1HEhz7R0RmQ9_9haphq9nZG5onU6uBjhccCnk7yJMWFnE481W4u1Bs3g0rYwmfTCvZ-2-ZllSUV30iMXeXe3YfnnegmJ4KVSWniB1fVoEg2G2kftOflZ-b1NfIlgecdfoe0lYVZh7yThwocCO2MaS05Qu466jSU4T2pyzVhSkttDHnVJEUGxz-3Duu50uOH6gF5q9EQ1l4Vkxj1h5ZUwqWbkQTepvGpKRiK5EX8m-Mv2XlHR5AwyB1FqMgPYzXukk7Xbxw9lgLRThKm5HSLOkZfgcYC2JUKLTQ5mm06zsWvyPW0bcUvrK4VHikIap5y1EyPxjN-kKOVIUn51KnmPu2sR9gPXYrqsOw3pmenvekhfPeOdTGQqfD7XDbGnTQYEj8cvhbd42OgXvWXwnWC2JLP1uxXKE9CLLGI3JMFHYM0CfUOKxrHZvn_iQE64tEg7Gt5SHSeDdvdDLFJLEZehjgRdW4NgLSs12cpZ7-e11N8SVJgxLWUY4jHIgD5UKlv9lX761by4yoNuy9hcnKGvNjqV1Ln6CdoqpKJUwQAwsL33gv59gddTuUCm5wGJp9WjzyG6zbBESxXTOvFY4dMrM1qs5nmFXJfcKXKzOvX0fC2JxDAJjqRPypAR4R5eS7ZVlptrGYJsh-HPeBDU1j70D0lxi0DJLvUvrvWkQ17vCZ_wOuU8SYdFxUrSfAjrXr2TS5uFkjrCtjaLYNqYtB9ieRLGNyKJyoJvz3vWA0RDR8-DQpTvHXe9Uel-GTUPfLHx2M52Y187QH2G2ZE880o9dFF2adGcT0PHB4KTfpzD4wEWzzjLNqUXmJnsH6qCPmvj9xahnpYNMvfqVszCqPeUqZ97X2Wmkth_uob4Yz-sJgD8WqJt0nm1kZyy6qLZB2dLFOL1lJPHsgUXt70tKDurZQbwO3aScfU-gqU4gEf9Qqb04f8Qh9n6Gs1pDuGPS5_0UMn2x08n2rfhztI2kAGAeMiMcvxplcUbOuN4XfnYU4tYupEAp5hci5TDLjR1hDTMIQ5MMns84Gwf-zKVy_P2b-Avbp6-h31ll_bZUNeGd_VHq35GzfU4QcZYQiisAVKkbWcTrO6GPfddYzLlp5PyyYEv-e1v8hnqqcx25t0lJP4KyvwKTdHVaWYUn66vjbc7muDUN5Zsr25YDXn-kpOPIHaTjw-XUFaK__etCYDczXlqwCfTUx5w9SBgKp7fv6OmkLluQBN3rKulIouqqFyGCAf6bhzXnGii3nNDyEu7zZjiQdeYPepCrhOk1pfQFRXMxuS2eErksLUXp-7MeMzpEftPV0X248uNCL7zb51_uvcqRCuJU7hgvehzTsBmsNZRByp-ocbYbfsl8qpAKFiBzVFXls7rk06TDaXz8dPG6Xtz8jzTcjAJMpbdWfyPHrCBaisovDh8ai_CWdyUtmKqIzpNn4LQJ-z-yCCItV7WX6k7ikdNPu-Z6M1se4ocW6m1jfLgalsribr6DtSdRpoqxTG4O9yGmBNj1ggGHQ2CrObPBjaL1AQLeYhY-wNI9Uqx3jrxARC33j3s4c87h7VjIM_4EvVNhj-cKUB2JSXAtQP-FiKvAgLeyZf3WsgndGYPWJ3V9cAcU-QCDXQxXJG0sHQ7_QqG2LbTqIsEq624DbVc1cY2yOx0OCqvC46TubqF3G4pn3-oRsxyWSUgUJvSMtlC-jo7cs0sdXSepWUUONL54Ly_AeGjIO5ej4V_NKVeJhdSdpyz3au7EF8bje8kjq_2LzFVFpsFH4_iImtV_ba6iiKK3Eoe_WO7ody9K9Yn2Zje2tQxRq1ICOo7tLf_zqN-HNYWu974RUNZ0k4eid5_lJYB-_3oIj8iTcQFOttJID1XWSOPosbm94v9d3Am72xVqnqsTddd95mOYte4M6b6kZrPWs2V3ErEOdbTJs7-V2S7AFBt2NN_krofyYHH-Pm1OfGRYqLF5BgaDHUZSzvMESmuBNFY-L5a2yrZCXW2ZSVx4UVSH8KNA4Unlvspve9gaEN_j_sVOzULq0_uw-Tflm0ulMoqkk2yhidCza0e-m6a250md9Hg9wpCBoz8I2_sLXqmMWtmpYBhKdPteDb6_x3hJ0jcRhnN7TKRbUaBU7WEtwW3m5-Pn80TkJAN8sKCBTYijAxeLIuWi8u-5eIWiKQtPUoi9QpwYqrs6NiRsKLLgm4Rm-UihAg2t5MVbZuHZ5Yx7gS8KGx3MnMorASjcqBjZ0C8TdNHSdlhGrhx7WkXzgQrO3zAI0WL4ictKNs9timAJRBq&tga-with-creatives=1

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

5f9c5c363f4bad5bc7c6b222e17e0095ccaa5d303431658b78b6633b89cb6137

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 13:09:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1661605740553480-4523824327502803164-vla1-3228-vla-l7-balancer-8080-BAL-1026
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Sat, 27 Aug 2022 13:09:00 GMT
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/json
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sat, 27 Aug 2022 13:09:00 GMT

GET
H2 200 v2 Show response
yandex.ru/ads/adfox/232598/getBulk/ 16 KB
6 KB 438ms
430ms XHR
application/json 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/adfox/232598/getBulk/v2?dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3Fsection%3Dsociety&date=2022-08-27T13%3A09%3A00.528%2B00%3A00&pd=27&pdh=1200&pdw=1600&pr1=1039824251&pr=2084862249&prr=&pv=13&pw=6&extid_loader=&extid_tag_loader=www.tumen.kp.ru&ylv=0.638452&ybv=0.638452&ytt=274879518736389&is-turbo=0&skip-token=&ad-session-id=1189561661605740344&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9%2C%22isInIframe%22%3Afalse%2C%22w%22%3A1130%2C%22h%22%3A250%2C%22width%22%3A1130%2C%22height%22%3A250%2C%22visible%22%3A0%2C%22fullscreenHeaderHeight%22%3A49%2C%22left%22%3A235%2C%22top%22%3A3862%2C%22fontFamily%22%3A%22ys%22%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A4%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=638452&available-width=1130&available-height=250&yaru=true&pp=g&p2=gvdq&ps=bxyd&puid1=adv-1661605740239-356&puid2=society%3Atoday%3Azenyandex%3Aincident%3Aemergency%3Acelebrity%3Aculture%3Ainteresting&puid3=top%3Aregion&puid5=&slotNumber=5&bids=W3siYmlkZGVyTmFtZSI6ImNyaXRlbyIsImNhbXBhaWduX2lkIjo3MjI1NzMsInJlc3BvbnNlX3RpbWUiOjI1MCwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjE1MjY3OTgifSx7ImJpZGRlck5hbWUiOiJydGJob3VzZSIsImNhbXBhaWduX2lkIjo4NTM4NjksInJlc3BvbnNlX3RpbWUiOjE3MSwiZXJyb3IiOnsiY29kZSI6NH0sInBsYWNlbWVudF9pZCI6IkQ2dFBHMlgxdzkzNUtrSGk5cW9IIn0seyJiaWRkZXJOYW1lIjoiYWRyaXZlciIsImNhbXBhaWduX2lkIjo3MjgyNTQsInJlc3BvbnNlX3RpbWUiOjI2NCwiZXJyb3IiOnsiY29kZSI6NH0sInBsYWNlbWVudF9pZCI6IjI6a3BfOHNsb3QifSx7ImJpZGRlck5hbWUiOiJteXRhcmdldCIsImNhbXBhaWduX2lkIjo4MTA0MDIsInJlc3BvbnNlX3RpbWUiOjE3OSwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjgwMzAwNyJ9LHsiYmlkZGVyTmFtZSI6ImJldHdlZW5kaWdpdGFsIiwiY2FtcGFpZ25faWQiOjgxMDM0NCwicmVzcG9uc2VfdGltZSI6MTYyLCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiMzkyNzg1NyJ9XQ%3D%3D&utf8=%E2%9C%93&pcode-test-ids=633999%2C0%2C24%3B628987%2C0%2C29%3B637562%2C0%2C53%3B633009%2C0%2C3%3B204310%2C0%2C19&pcode-flags-map=eJytWF1v3EQU%2FSvRPhfk74%2B%2Bje3Z3VFsj5mZ3c0WoVGhQSBFCEEKSFUlQAjxgIT4J32gUqEfv8H5R5yxvZu1k0ySqnlbx%2BfMvXPvPXPGz2ZsUXNBdcWkpIUuiCK6IYJUUs%2B50GtWUK5ZrXNeZXz28NNnsx8enz09nT2cnf707ezB7Pz0%2B3P2BD%2FD1AnCcPb8swezNZFa0Iqvqc6XREiq9FzwSpesPh5RKLGihxyR6wZOvOegNclKcJCmYfVCZ1td8E19F5Yo8WwsVDKBZDOmBFH0PmSCfrKiUul1RZo%2BKVLIWwhiL3H2BMOaJhy9JuVqvLrr4G%2BE9rwoudyRlaS6ppsug0Vt6gIyk5VciTXd3hKJlyRBZOGSrGqwUx%2BEC%2BVXjNcfKLCcvF9cDUetGmIYBS9LXVKyfyBpzutJ8aLx5vteeFC6KVnfWIU9njFFyVEreoLWKclCrxuhG8G4YGqr5yRXXIy7YcIURcmeSaquq9dUSGzzOAk%2FcqJgjI29IO2wffRcaVrSitZKg2vNJMtYaaKQJVe2KQdTFPZRrGpWclJQ0QkFqZpD3Pl3T08PYIGX%2BKmzD0BKYco6wUzXOgCRAuWiteaZpGiC8TadfvP487PTEdKPvLSfmjk7gbbVeknZYql0rexLBqGfuh0w5yvsjuL6ZCmskCROvKCDbEld0BMtVtCpirDaKpdO7PlDo440Vs9XZSlzgXSteNf3fGefYib4MfYH6emFYIUdGYdJdG3AumBSCZZZ4Z5rusvAH9Ha68LVG1aopWYVWVArNnCDYRo6LJbrujjjwvSRIAVbyaM7MmyJibsPWJNyQybScAXpx0Npi3kDIZcNr9GLilWUr8ZN701UOAwCx%2B9zbnJeQL0NtLZOShiEoBm6d86xy9SMy249owJ2eBDH3lU4m%2BPE0RujALd1yA0MuwCunD6%2BcxMaE6cYJg9NOudXj%2FHpwqEDK9BBobei1pUxGGsiGJlsmTeFDQWaTISgG4IGKe46GmDaVcu4D11RmJp9wakQ0KuSLw45whE%2BcYK%2Bcnt1hmtYM7ppuLAXPYqjQbLM67rGIZhTiclYWGGxB1wHk7KBN8iX1ESoGyrySZ%2FBIoyQoZv2uRZQdBgLqAF2aiNgd1CwQfbuYeMSaGdfBch6PoQxmeuJuodJ4oV9r%2BwmuoDBypXOpVU7w9SNkwMtYRK5ozw4lXKTt7Qtmvqh646wnf5IiJFamgZvSFHAG9lJgnAodaf32DG1baj27VFD88ODwapEfnCG2pdL4%2BhGpIZfykuW26frkqNalYplpK4RNk7jOUPhmUkCXsKuw2nixfFBHANJ3yY48yATTUm2GcmPjdYp43emp%2B7EGDhe4Pc9sBAk8%2BzvQlycy3dhPB%2BN4g1dz7G9f41mu%2BENiD5BVpseNhssqMnMKBmrzZ7DjufHxkJjcG4JOgyjUb8taWd%2FcJXonKoV7YZe1AdUCcLuKmW4PDhJ32rGEQs6h4wtzUyy3I7DGAdDXyNTURkFE7Te2bVG0MxuE6ACziAEu6GGdRPYRdgi6BM64zIHODrraRa5qRvs45HMhMG4NPqYL%2B1RRIEX740jk8MpZg6D%2FvaF6toNK87yvi%2BF0MWqwXzh%2FlV0Dlz26ib42PE4HzvOxHs77hDF5GgyQQ3upYsHd1011ZyrIXm%2B2xe1ogUjHUnvK%2B4JvzmY3kq9V0xqwT9oRAWdEwjVLrL%2B48Id6UzTQxvLjMMA3IoZ7PBlV%2BIMNBVeIAF7d3puGu6bLDu%2BIkhXl8M52S%2FXCS7W6xTSzBXucXdpS9zRwtF0LZnqRvMgfujKseL2ycLVzvNv2nuEg%2FLNoXJMlbdkBJ7%2BYrf7YNKxDMJJoCD5Siq0U0elFT0ZO6H27%2FZd%2B%2Friz4s%2F2pdH7av27cVv7buLn9s37YuL3%2FH71VH7tn1xdPFL%2B6L99%2BJXvIR%2Fvmz%2Fa1%2FjwRtg%2F8GLeAyOv%2B4X2CiMH78%2B%2F%2BqjJ6dfPn56dn4Dze4bQ05wc6mJYmvanXYjnjkp5eQm76dpenCTxxm5EOZEkZUhusaqXfd1Ij34mgP4luAiD4947UU%2BDuxgJCEvGaTI77o4KWRxPL1GY4fCyJvsmXliEBmRtCG449XddW%2BJ5kQDUFGTUhcT7f%2Fi%2FGyycTD2YHn%2BP7QxEds%3D&use-server-side-rendering=1&pcode-icookie=y6k6A9zDckVxbqZRUbMwhgXXjasxj1Sb2iydDfDhwzi3GrgfrkefrPjnWy2tacwWQZHYrnnVbOx8v%2F8N6MRSeNC4cPE%3D&top-ancestor=https%3A%2F%2Fwww.tumen.kp.ru&top-ancestor-undetermined=0&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjoxNDh9CiKjpKispkmBUKBO8TC7t7_S4uuYp5WKlnaJpJ0mcB7d-xtd9tVxDL_t7pfTVllTUeVJaWgVzAVDY469t59s5ICeGNAL0MaMgYxSQoiJ_baJfy2Bz21iQhillFGGBhmaEnsCOVEnpkStsqmsSVoT8CroiTYxJJoBHQKhsiX6RYqwLjhpokvMDTuGmpAMyF2uUVEkhrqwKe_TJOa6MBkWSXViXGTJK4DWBOqC1i6aBVuAOhWMbzAvcAkkFe03Ghe-xKTEXG8FGXBYkfGA6QmyxC1QwXSHGQWjgimYkO1Cqrorh5N0EdBUgNJCq0pI8rPZmRHy8bNxuDj5-O1OO0IOPrBt2vzCzQZ-Zg67qzK5mDlAF-XkcHDBdzLYnYxMopWLkcnOwWQHXTQBDi82SkQluTTGWhMoKoq6aIkX4KJdMNPwWxMCleWwpIl-ATUk2oHLvPSwqKDXBVyvsi4K81Bg1x5duoDDWvbRLsPNKphJOuhIjn44NC-XEHctwaBe5pqXr1Rklmpm8SJhHS4T86LUntVLy6WHCoTl07ZwGg7nzl5kWDi70qUl1aIY-pkWJLnIMC1tVp755E2T5aFZTrIoaEQUZ0YwxBYzf5k6fE3bnWgKyo99CGQ3LKspZhJnZ6EwVlFhZZJi4aCDywif0xEiLKgJJBG8upcg6t5FTrk9ZoNw1z83IycdHz-nE54iODe93c7IVLkQuhwO0EUdXF5mdiwCLA6vG3PlYEYIjxGxKF8C5Z0NnV-4kZGzd8HDqxkEudzwBb3uigiV3Y6Uc3eHS4xf-LDjCxYEd4U3eVjhOhlYBbxClR25CylHXbQYOekRCMFZbp12BlQoAbvcki35G5dbNb-wyz8cAN8BWiWDhxcBKvQLF4S3Iswl-7dgsFmB3H4fMk2np3wyEmrpNM0JI93GtahsPrdCUu4es8_dQCWkKsq4Xv3NA4CCVeyP0WST-dOJ9D5hAGapb0iIEqOKwtf-nMpNmxv9MR3yxMhn51InZh-LLT5mBiFnVl9wmJ9VSU93jQ-GQ31CtDw_TAqx-iJjSHLiv7-u3PBEOgOWH5N9roO2cOlnv4rW1zg2GG2c90ddQMa3_9FrQsHkVIPY87AshefgT8xID4hukoAPIpx2nazup7wgPNWkf94UPup8skP_dcOPMoUvwjDsAU4f3K31b1X39OuvqMHPM18qEiVaH6OZIrd5l7HT8FZfLQf5D2_Lc87kEOSryB8ZgC9zNp2Sfsr7Wft79TONJPW5Gbi56L9_M-FdSRr3iJ-UbZtDoZ5jCMnndojbLcZxesVdvmO-964VO6Vo5gltzrOVP2TtjOSrtstdan_Z3L464ez6RmF8D1jZi6VyIACVh4Vu9wI7v1qqM6bww1i4BV3sjF7ByskLxwGiKzSMMLOlBsP5_yHVqFgA40KPhM7Pu4nh8P1unA42kNlcOPdtYiaK8W3irWJ_m3i32N8m3i3mt4nIwee3iWHw9W3C-318m3i3eN9GebHFx8x8fpswHGJ-m1A_iPttoo7A_W8TdSWufpt4na9vEx6H728Tw4Gb3yY8DzG-TZAIfX2b0Gz9fRvlOhfz24QJA7e_TbzQ17dRHo243yacgsX4NhFFxf02Slnbz7eJN-PmtwmnbF_fJt4u_rcJL_f1bZSng8vfJty2Yn4b2MgQwWOXdW5kHhpZRh9OkNAg4IAjy-hzcDZBhfUeT0XMywMKw_-TovKX38HgYpIPr0BFw8iK3BHgaRAZA4cgvscjw7BvAIGTBz7S51xzdD7whp-Liwu-y5WD38_R1kndZLOn6xprwmgxPjMKL6FDyImInXs9cHYUTCjo0IjyeTDiMsEW8OAQPcwOBkEHqxdjZUHHiZaXpwSxWO-LIQ_w8DC5ZDjfeR3mysVMDxozm2hQ4yh1H8hfDuSk6W2KclJqAu3zSX9rCH3ucgvV4uES1iGNvVUUc6WkOmbyWBa5ymYMU18dDvR-1gE_IWbYR7A9Ko17LI_o57RsGtf3KH1uRoccCWq03uk1v2wHxMPDplHry9voZ9JAbePvDVbRXGEF8S1qkypwyl8o_t2RS5Z_zVSFisIvZDwrEFNlBRxsOyruKMuUVOqvDBoWNneIVzrMmITg2L2eyuYAjR29PZDZ2Nx8SlzJM2sHMqrHzkBvZ2JZ-rMwoAGJEXn_xg1ke7DqfMgrlUYTBH1Jw7YuwKjIYiLQtPZq0M3rNpY5jHpIc12Tuv4cafuqj86qZo9P3VHq2eiaqDxqF37mbEZmJnosniVETtSIHbCdsklCWGF_oZK7OlEjR48EmagiebFyu4TgwV3unbwoUML9ozTP2E1zlb0NYN2wTjHTfRfp27lJ0pyVBtW9cd0gNfoXo7I0vAr6S3gmb2x3XUU9s_M2QrPx9NYXDUnRnUwan-13M0fMf4l4spVuQGuXyIl386gVLD2NcYDHwTd1elq2FCdKXkYqc97ohRYeI1y2Nlf_FtP-c06Sopr8kQnRoKIZP7ykt5H3b6aYi_pBPwxPI1S69_AAtywbqpSwdKOt6V4v0UX6DSIjpG-cIZaRxA3df4ZqphC1dqDcCrUxVk40qEF1gCrKh7kud-brGkzn8PwaZVaXLLucQs_JNeDi2XtsqEEBBdn0JsTbyNUBF20aW0kI_PUK4ZLvxshVnukRXNbb8COjK6LV-tB_mrEBoiNaC8eHk1EtUu3vZmteDzUsPd_EUCzouc_lGfjjtuVCCYcbznxOYC_9bi0ulSZvIVomve9r7u4BzNJkuug1j8oPEpqxAC_w28Le2PBM1HEhz7R0RmQ9_9haphq9nZG5onU6uBjhccCnk7yJMWFnE481W4u1Bs3g0rYwmfTCvZ-2-ZllSUV30iMXeXe3YfnnegmJ4KVSWniB1fVoEg2G2kftOflZ-b1NfIlgecdfoe0lYVZh7yThwocCO2MaS05Qu466jSU4T2pyzVhSkttDHnVJEUGxz-3Duu50uOH6gF5q9EQ1l4Vkxj1h5ZUwqWbkQTepvGpKRiK5EX8m-Mv2XlHR5AwyB1FqMgPYzXukk7Xbxw9lgLRThKm5HSLOkZfgcYC2JUKLTQ5mm06zsWvyPW0bcUvrK4VHikIap5y1EyPxjN-kKOVIUn51KnmPu2sR9gPXYrqsOw3pmenvekhfPeOdTGQqfD7XDbGnTQYEj8cvhbd42OgXvWXwnWC2JLP1uxXKE9CLLGI3JMFHYM0CfUOKxrHZvn_iQE64tEg7Gt5SHSeDdvdDLFJLEZehjgRdW4NgLSs12cpZ7-e11N8SVJgxLWUY4jHIgD5UKlv9lX761by4yoNuy9hcnKGvNjqV1Ln6CdoqpKJUwQAwsL33gv59gddTuUCm5wGJp9WjzyG6zbBESxXTOvFY4dMrM1qs5nmFXJfcKXKzOvX0fC2JxDAJjqRPypAR4R5eS7ZVlptrGYJsh-HPeBDU1j70D0lxi0DJLvUvrvWkQ17vCZ_wOuU8SYdFxUrSfAjrXr2TS5uFkjrCtjaLYNqYtB9ieRLGNyKJyoJvz3vWA0RDR8-DQpTvHXe9Uel-GTUPfLHx2M52Y187QH2G2ZE880o9dFF2adGcT0PHB4KTfpzD4wEWzzjLNqUXmJnsH6qCPmvj9xahnpYNMvfqVszCqPeUqZ97X2Wmkth_uob4Yz-sJgD8WqJt0nm1kZyy6qLZB2dLFOL1lJPHsgUXt70tKDurZQbwO3aScfU-gqU4gEf9Qqb04f8Qh9n6Gs1pDuGPS5_0UMn2x08n2rfhztI2kAGAeMiMcvxplcUbOuN4XfnYU4tYupEAp5hci5TDLjR1hDTMIQ5MMns84Gwf-zKVy_P2b-Avbp6-h31ll_bZUNeGd_VHq35GzfU4QcZYQiisAVKkbWcTrO6GPfddYzLlp5PyyYEv-e1v8hnqqcx25t0lJP4KyvwKTdHVaWYUn66vjbc7muDUN5Zsr25YDXn-kpOPIHaTjw-XUFaK__etCYDczXlqwCfTUx5w9SBgKp7fv6OmkLluQBN3rKulIouqqFyGCAf6bhzXnGii3nNDyEu7zZjiQdeYPepCrhOk1pfQFRXMxuS2eErksLUXp-7MeMzpEftPV0X248uNCL7zb51_uvcqRCuJU7hgvehzTsBmsNZRByp-ocbYbfsl8qpAKFiBzVFXls7rk06TDaXz8dPG6Xtz8jzTcjAJMpbdWfyPHrCBaisovDh8ai_CWdyUtmKqIzpNn4LQJ-z-yCCItV7WX6k7ikdNPu-Z6M1se4ocW6m1jfLgalsribr6DtSdRpoqxTG4O9yGmBNj1ggGHQ2CrObPBjaL1AQLeYhY-wNI9Uqx3jrxARC33j3s4c87h7VjIM_4EvVNhj-cKUB2JSXAtQP-FiKvAgLeyZf3WsgndGYPWJ3V9cAcU-QCDXQxXJG0sHQ7_QqG2LbTqIsEq624DbVc1cY2yOx0OCqvC46TubqF3G4pn3-oRsxyWSUgUJvSMtlC-jo7cs0sdXSepWUUONL54Ly_AeGjIO5ej4V_NKVeJhdSdpyz3au7EF8bje8kjq_2LzFVFpsFH4_iImtV_ba6iiKK3Eoe_WO7ody9K9Yn2Zje2tQxRq1ICOo7tLf_zqN-HNYWu974RUNZ0k4eid5_lJYB-_3oIj8iTcQFOttJID1XWSOPosbm94v9d3Am72xVqnqsTddd95mOYte4M6b6kZrPWs2V3ErEOdbTJs7-V2S7AFBt2NN_krofyYHH-Pm1OfGRYqLF5BgaDHUZSzvMESmuBNFY-L5a2yrZCXW2ZSVx4UVSH8KNA4Unlvspve9gaEN_j_sVOzULq0_uw-Tflm0ulMoqkk2yhidCza0e-m6a250md9Hg9wpCBoz8I2_sLXqmMWtmpYBhKdPteDb6_x3hJ0jcRhnN7TKRbUaBU7WEtwW3m5-Pn80TkJAN8sKCBTYijAxeLIuWi8u-5eIWiKQtPUoi9QpwYqrs6NiRsKLLgm4Rm-UihAg2t5MVbZuHZ5Yx7gS8KGx3MnMorASjcqBjZ0C8TdNHSdlhGrhx7WkXzgQrO3zAI0WL4ictKNs9timAJRBq&tga-with-creatives=1

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

4e320580c0f0f3a948712ab04ea3341b27f2d31618245cd03c8a541875bf7907

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 13:09:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1661605740592684-12316663200723431969-vla1-3228-vla-l7-balancer-8080-BAL-1587
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Sat, 27 Aug 2022 13:09:00 GMT
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/json
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sat, 27 Aug 2022 13:09:00 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 44DC 83 KB
28 KB 47ms
19ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/638452/bce1e329e6938e902a31.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

422be4142d91c461f7fa4e71bd26b9e62ffede36ea22ec011d8c060956e64668

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 13:09:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28510
x-xss-protection: 0
server: sffe
etag: "1315 / 192 of 1000 / last-modified: 1661552013"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 27 Aug 2022 13:09:00 GMT

GET
H2 204 event
ads.adfox.ru/232598/ 0
54 B 68ms
67ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=ff9ec69b09681934&pm=bmo&pxo=lcHwosKgMSVbE1UH-s1I6oIoBCJ_578gkxE767XpTD1lduiW7tapS7GBDBTuS8l3MDRdedDxxDKBwX7nlRLPaA-7GPHmjUrZIV1D6nLtzrsveuPJTKtn7lO4thRrocYLDey4IDl5tFUrbKn7XLehAed9XYPft3Lb2htxJP41-BFS2vP3103e&p5=gwdbk&ad-session-id=1189561661605740344&utg=oxum&lts=fjwcirc&ytt=274879518736389&ybv=0.638452&ylv=0.638452&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3F&rtb-si=b&p2=gftf&rand=cshsojg&sj=xtZ3KAUop2mbw0pVzt-ac3UgiaYKEtu3igsz6GDj5rHsd7i1oSjirSFbMYkJEg%3D%3D&puid1=adv-1661605740229-476&pr=gtmhvtp&p1=cdinl&rqs=a2cvdsttE3ZsFwpj5MIqwujSca_8BUDB

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 13:09:00 GMT
x-content-type-options: nosniff
last-modified: Sat, 27 Aug 2022 13:09:00 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9743.x8cg-Cbo6etPfDRQTtijuhkvmluHAjiwkXxBzrWVDeo36KtpukirAQZY0bO2SPWK.cwnF6OnCIkQwCY5XAyo4UQ3FOYA%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9743.pPulFd0CnxRBrmJZ8OE8sTnDHoBuve6EwUZBuTWLKQglCCI30f1thTivngbaptnxEab-A7fhRcyXjtggXTkUQh8n4cElnp5r88HPC2IPkhQ%2C.wL6Tne94x83wL8H4rj77vYAC_4c%2C

43 B
378 B

49ms
49ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9743.pPulFd0CnxRBrmJZ8OE8sTnDHoBuve6EwUZBuTWLKQglCCI30f1thTivngbaptnxEab-A7fhRcyXjtggXTkUQh8n4cElnp5r88HPC2IPkhQ%2C.wL6Tne94x83wL8H4rj77vYAC_4c%2C

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 13:09:01 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9743.pPulFd0CnxRBrmJZ8OE8sTnDHoBuve6EwUZBuTWLKQglCCI30f1thTivngbaptnxEab-A7fhRcyXjtggXTkUQh8n4cElnp5r88HPC2IPkhQ%2C.wL6Tne94x83wL8H4rj77vYAC_4c%2C
date: Sat, 27 Aug 2022 13:09:00 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 pubads_impl_2022082401.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 44DC 379 KB
130 KB 32ms
8ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082401.js?cb=31069173

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

3d4d082fd9cda40cc1f1079818a807a09a53ba012be168ece1995121d7a62892

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 07:29:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20394
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132170
x-xss-protection: 0
last-modified: Wed, 24 Aug 2022 08:40:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 27 Aug 2023 07:29:06 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 44DC 107 B
549 B 43ms
16ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.tumen.kp.ru

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082401.js?cb=31069173

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 27 Aug 2022 13:09:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 44DC 20 KB
10 KB 849ms
848ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=269254480196693&correlator=3444463392985327&eid=31060439%2C31068457%2C31069173%2C31067825&output=ldjh&gdfp_req=1&vrg=2022082401&ptt=17&impl=fifs&iu_parts=94805857%2Ckp.ru_4_small&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&ifi=1&adks=4130042211&sfv=1-0-38&fsapi=false&cust_params=kp.ru_4_small%3Dkp.ru_4_small_14&sc=1&cookie_enabled=1&cdm=www.tumen.kp.ru&abxe=1&dt=1661605740898&lmt=1661605740&dlt=1661605740686&idt=181&adxs=1410&adys=389&biw=1600&bih=1200&isw=160&ish=600&scr_x=0&scr_y=0&btvi=0&ucis=arj9sy1sqxf1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fwww.tumen.kp.ru%2F&top=https%3A%2F%2Fwww.tumen.kp.ru%2F&frm=23&vis=1&psz=160x600&msz=160x-1&fws=256&ohw=0&ea=0&ga_vid=1140658869.1661605741&ga_sid=1661605741&ga_hid=773595535&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082401.js?cb=31069173

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

f9054a2f3a3638b38dbfe81baaa9459473ee082e4e7c3e7e13ca9e86a7d9ce79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 13:09:01 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9582
x-xss-protection: 0
google-lineitem-id: 5140685198
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138280952350
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 44DC 14 KB
11 KB 97ms
63ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022082401&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082401.js?cb=31069173

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4aa9ad8ca08a1625d32e45ac04ad44829177d697892e505b32b84e086ecd84db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 27 Aug 2022 13:09:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11182
x-xss-protection: 0

GET
H2 200 container.html Show response
f92208c1f7e535e8d9324c9cd721a801.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 225F 6 KB
4 KB 98ms
15ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f92208c1f7e535e8d9324c9cd721a801.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082401.js?cb=31069173

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumen.kp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 27 Aug 2022 13:09:00 GMT
expires: Sun, 27 Aug 2023 13:09:00 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame A592 83 KB
28 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/638452/bce1e329e6938e902a31.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0deb1fcf565517dfc11ad1cd47c3cca89162c046c2ebe174dd3c692e10a5ef6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 13:09:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28646
x-xss-protection: 0
server: sffe
etag: "1315 / 349 of 1000 / last-modified: 1661551853"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 27 Aug 2022 13:09:00 GMT

GET
H2 204 event
ads.adfox.ru/232598/ 0
18 B 79ms
78ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=233dda86975e6665&pm=bmo&pxo=qdCKvr1F4DOpjw8UoJf4ozXnu-L7pQB_qKJGqfBPWBq3b-lH7cPZwLqsfPsxmyd1f7ikyexrGwffDHy5kcH5ezN5X1bthScg7zJFwoyg3MFmmfPCt5NfwWscjrNFeA9AhkYAxMNEYIenkldSAzH1mh8MRhaDzNhuFG79J_6frBaDsxRPQtk%3D&p5=gwefg&ad-session-id=1189561661605740344&utg=oxum&lts=fjwcirc&ytt=274879518736389&ybv=0.638452&ylv=0.638452&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3Fsection%3Dsociety&rqs=a2cvdsttE3ZsFwpjnpirZgEKfnmAjoXw&pr=gtmhvtp&puid3=top%3Aregion&rtb-si=b&puid2=society%3Atoday%3Azenyandex%3Aincident%3Aemergency%3Acelebrity%3Aculture%3Ainteresting&p2=fxjd&rand=rvjxnc&sj=do8aSVPHVFLQBVysPJAA712bnVVx8k-T5HNSZnLLWQOTGG_wGbqJ1ZioIsRTOw%3D%3D&puid1=adv-1661605740235-938&p1=cavko

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 13:09:00 GMT
x-content-type-options: nosniff
last-modified: Sat, 27 Aug 2022 13:09:00 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H3 200 pubads_impl_2022082202.js Show response
securepubads.g.doubleclick.net/gpt/ Frame A592 384 KB
131 KB 8ms
8ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

07572f31a00b1843fc6d9a1eb3155eaf2a46089213d6740f302cf34f83738040

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 07:00:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22133
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133587
x-xss-protection: 0
last-modified: Tue, 23 Aug 2022 21:21:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 27 Aug 2023 07:00:07 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 607912ce0bbdc533bd357dc99af092f34783fee7f24f7fc16ece184018a7441b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 css2
fonts.googleapis.com/ 9 KB
1 KB 41ms
17ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Alegreya:wght@400;700;800&family=Roboto:wght@500&display=swap

Requested by

Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/638452/bce1e329e6938e902a31.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b9626a32ba37b0590508877b518afb8e18c1623278119b425ba2e3d14d39c4fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 27 Aug 2022 13:09:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 27 Aug 2022 13:09:01 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 27 Aug 2022 13:09:01 GMT

GET
H2 204 event
ads.adfox.ru/232598/ 0
66 B 65ms
63ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=b3d8df0d535732cd&pm=cyz&p5=ljjmt&ad-session-id=1189561661605740344&lts=fjwcirc&ytt=274879518736389&ybv=0.638452&ylv=0.638452&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3Fsection%3Dsociety&rqs=a2cvdsttE3ZsFwpjgeZziEagLJLNLj1e&pr=gtmhvtp&puid3=top%3Aregion&puid2=society%3Atoday%3Azenyandex%3Aincident%3Aemergency%3Acelebrity%3Aculture%3Ainteresting&p2=gvdq&rand=glmkjsf&sj=S52EoQE-MuflpReIX824qTKw6vMbigpZgHCe4m0ftgcXjPBOsBvN2CJHf4D1qA%3D%3D&puid1=adv-1661605740239-356&p1=clerf

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 13:09:01 GMT
x-content-type-options: nosniff
last-modified: Sat, 27 Aug 2022 13:09:01 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 200 5191335_5.5a1c10449bf6ba3fb79322a26dc59f6f.jpg
banners.adfox.ru/220701/adfox/1877475/ 66 KB
67 KB 146ms
46ms Image
image/jpeg 2a02:6b8::2:158
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banners.adfox.ru/220701/adfox/1877475/5191335_5.5a1c10449bf6ba3fb79322a26dc59f6f.jpg
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::2:158 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: nginx /
Resource Hash: a81ae4dd7742b736f41e6e382827ab3672728b6f7f529ad5c72d6d6e79861484

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 13:09:01 GMT
last-modified: Fri, 01 Jul 2022 12:23:23 GMT
server: nginx
x-amz-request-id: 213469143c310cba
etag: "5a1c10449bf6ba3fb79322a26dc59f6f"
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
x-amz-version-id: null
access-control-allow-origin: *
accept-ranges: bytes
content-type: image/jpeg
content-length: 67614
x-nginx-request-id: b84bc812e43785c0

GET
H2 200 5191335_9.1366b90e36296da712c6488fa46b6f41.jpg
banners.adfox.ru/220419/adfox/1877475/ 26 KB
26 KB 262ms
162ms Image
image/jpeg 2a02:6b8::2:158
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banners.adfox.ru/220419/adfox/1877475/5191335_9.1366b90e36296da712c6488fa46b6f41.jpg
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::2:158 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: nginx /
Resource Hash: f76a521d8d893e573ee2def73e397a42f33f937aca5dcfeb77b2e001ea5a7ca6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 13:09:01 GMT
last-modified: Tue, 19 Apr 2022 13:08:29 GMT
server: nginx
x-amz-request-id: 0d808b650f62c926
etag: "1366b90e36296da712c6488fa46b6f41"
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
x-amz-version-id: null
access-control-allow-origin: *
accept-ranges: bytes
content-type: image/jpeg
content-length: 26361
x-nginx-request-id: 8ff3203855e707a3

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 44DC 17 KB
7 KB 45ms
21ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082401.js?cb=31069173

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 13:09:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 27 Aug 2022 13:09:01 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame A592 107 B
792 B 41ms
18ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.tumen.kp.ru

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 27 Aug 2022 13:09:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame A592 107 B
122 B 36ms
17ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.tumen.kp.ru

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 27 Aug 2022 13:09:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame A592 110 KB
32 KB 667ms
667ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2066154044990865&correlator=2794803726240986&eid=31069189%2C31061690&output=ldjh&gdfp_req=1&vrg=2022082202&ptt=17&impl=fifs&iu_parts=94805857%2Ckp.ru_5_new&enc_prev_ius=%2F0%2F1&prev_iu_szs=240x400&ifi=1&adks=56130060&sfv=1-0-38&fsapi=false&cust_params=kp.ru_5_new%3Dkp.ru_5_new_14&sc=1&cookie_enabled=1&cdm=www.tumen.kp.ru&abxe=1&dt=1661605741066&lmt=1661605741&dlt=1661605740909&idt=134&adxs=215&adys=1207&biw=1600&bih=1200&isw=240&ish=400&scr_x=0&scr_y=0&btvi=1&ucis=nzayeoac59kp&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fwww.tumen.kp.ru%2F&top=https%3A%2F%2Fwww.tumen.kp.ru%2F&frm=23&vis=1&psz=240x400&msz=240x-1&fws=256&ohw=0&ea=0&ga_vid=954806756.1661605741&ga_sid=1661605741&ga_hid=693066289&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

f8005225bcb9ced0638067dbcba17e1aa212ab3baedf3307650bc4c4bd0d971e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 13:09:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33122
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame A592 14 KB
11 KB 75ms
57ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022082202&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cda203b963845af2d1fab6b7f6e4f6944679e7c310aa5ad4a19989b99ff18c1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 27 Aug 2022 13:09:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11000
x-xss-protection: 0

GET
H2 200 container.html Show response
4f0d59dd6172395ca18cb5e50b49da63.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FA61 6 KB
3 KB 70ms
17ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4f0d59dd6172395ca18cb5e50b49da63.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumen.kp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 27 Aug 2022 13:09:01 GMT
expires: Sun, 27 Aug 2023 13:09:01 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 text-variable-full.woff2
yastatic.net/s3/home/fonts/ys/3/ 25 KB
26 KB 32ms
32ms Font
font/woff2 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.tumen.kp.ru/
Origin: https://www.tumen.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 13:09:01 GMT
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 26004
x-nginx-request-id: f9179a3fb76bd528
x-amz-meta-owner: {"role":"admin","login":"4eb0da"}
last-modified: Mon, 25 Apr 2022 14:02:39 GMT
server: nginx/1.17.9
etag: "7f0cdaf91230f9789ca4162aedff612e"
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31556952
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Aug 2023 18:57:13 GMT

GET
H2 200 y300
avatars.mds.yandex.net/get-direct/196252/ZjgAMRuhQkW92-8KXIjF-A/ 14 KB
15 KB 211ms
103ms Image
image/webp 2a02:6b8::184
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/196252/ZjgAMRuhQkW92-8KXIjF-A/y300
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: nginx /
Resource Hash: afb8be130e97b7a6d5bf5f78e7025f67d2d049a7e8798fdf9f970111c830de48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 13:09:01 GMT
last-modified: Sat, 15 Feb 2020 10:13:04 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 14616
x-request-id: 5170cc23994dceb

GET
H/1.1 200
Ok ticketbank.de
favicon.yandex.net/favicon/ 744 B
957 B 180ms
60ms Image
image/png 2a02:6b8::36
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://favicon.yandex.net/favicon/ticketbank.de?size=32&stub=1

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::36 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

a445ef755fc52ebe466adbd7ecf929ff62f733168d27ee8e9f06eab061ae45a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-origin: *
Cache-Control: max-age=691200
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Content-Type: image/png

GET
H2 200 4UaBrEBBsBhlBjvfkSLlx6jx4w.woff2
fonts.gstatic.com/s/alegreya/v29/ 22 KB
23 KB 41ms
17ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/alegreya/v29/4UaBrEBBsBhlBjvfkSLlx6jx4w.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Alegreya:wght@400;700;800&family=Roboto:wght@500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6db6653a65bc919f600c1e098b02145b5e62d137fbf99f84ad526692b65cc31c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.tumen.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 14:45:50 GMT
x-content-type-options: nosniff
age: 253391
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22952
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 18:46:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Aug 2023 14:45:50 GMT

GET
H2 200 4UaBrEBBsBhlBjvfkSLhx6g.woff2
fonts.gstatic.com/s/alegreya/v29/ 39 KB
39 KB 32ms
9ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/alegreya/v29/4UaBrEBBsBhlBjvfkSLhx6g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Alegreya:wght@400;700;800&family=Roboto:wght@500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92f108fa97f63aa01d67c7c19599f9133ef0e60a11fba74ca137f5b699abd36b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.tumen.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 09:22:34 GMT
x-content-type-options: nosniff
age: 99987
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39860
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 18:47:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Aug 2023 09:22:34 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 10ms
8ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Alegreya:wght@400;700;800&family=Roboto:wght@500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.tumen.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 20:10:25 GMT
x-content-type-options: nosniff
age: 233916
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Aug 2023 20:10:25 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 10 KB
10 KB 21ms
21ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Alegreya:wght@400;700;800&family=Roboto:wght@500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.tumen.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 19:04:26 GMT
x-content-type-options: nosniff
age: 497075
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9840
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 21 Aug 2023 19:04:26 GMT

GET
H2 200 render.html Show response
yastatic.net/safeframe-bundles/0.83/1-1-0/ Frame 1121 24 KB
7 KB 99ms
34ms Document
text/html 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html

Requested by

Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.83/host.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.tumen.kp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
content-length: 6262
content-type: text/html
date: Sat, 27 Aug 2022 13:09:01 GMT
etag: "eb77de48712912aadc9aa8171ac75ede"
expires: Mon, 26 Aug 2052 19:41:31 GMT
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
server: nginx/1.17.9
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow

GET
H3 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame BA9A 83 KB
28 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/638452/bce1e329e6938e902a31.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5b88026e484421b4cec0c538a3c743fbc99006edc9ce34bd9f9827d8c5fe225

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 13:09:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28570
x-xss-protection: 0
server: sffe
etag: "1315 / 623 of 1000 / last-modified: 1661552013"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 27 Aug 2022 13:09:01 GMT

GET
H2 204 event
ads.adfox.ru/232598/ 0
18 B 65ms
65ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=2525b6f2721ef3f7&pm=bmo&pxo=7vuTlc1y2wXFbR1wV6Q5frQjLx3qjiGEDIxJi1k_AgB_qi0e63bpDu9YFIwPzZh8QLrANVFF3xdOzC4JD7CbqFNY8doU9jp7rjZ3jaqLsMfOd5jSbJUIL6UswZ6dc_A8ga_Ga6Z5-3WHdEPea9mDY1lc7nuEVN-KcuZ-b1kk18OSJXzCsw%3D%3D&p5=gwaok&ad-session-id=1189561661605740344&utg=oxum&lts=fjwcirc&ytt=274879518736389&ybv=0.638452&ylv=0.638452&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3Fsection%3Dsociety&rqs=a2cvdsttE3ZsFwpjV-MKGb_QjFc6GUEd&pr=gtmhvtp&puid3=top%3Aregion&rtb-si=b&puid2=society%3Atoday%3Azenyandex%3Aincident%3Aemergency%3Acelebrity%3Aculture%3Ainteresting&p2=fbao&rand=ckwaqfq&sj=no0crn-5zbBkXPgKQdZqq7hgSzUHoMdhUmaJqa0B-ExCTa5-uUnO0mLZMVVI3w%3D%3D&puid1=adv-1661605740237-182&p1=bufhv

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 13:09:01 GMT
x-content-type-options: nosniff
last-modified: Sat, 27 Aug 2022 13:09:01 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/26254/
Redirect Chain

https://mc.yandex.com/watch/26254?wmode=7&page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ocpriggyfyr9aewcgvlq0%3Afu%3A0%3Aen%3Au...
https://mc.yandex.com/watch/26254/1?wmode=7&page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ocpriggyfyr9aewcgvlq0%3Afu%3A0%3Aen%3...

167 B
577 B

47ms
46ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/26254/1?wmode=7&page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ocpriggyfyr9aewcgvlq0%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A2%3Adp%3A1%3Als%3A1392769741925%3Ahid%3A619387557%3Az%3A0%3Ai%3A20220827130901%3Aet%3A1661605741%3Ac%3A1%3Arn%3A713708372%3Au%3A1661605741437762383%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1661605738627%3Aco%3A0%3Arqnl%3A1%3Ast%3A1661605741%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20-%20KP.RU&t=gdpr%2814%29mc%28p-3-h-1%29clc%280-0-0%29lt%2852900%29aw%281%29rqnl%281%29ti%282%29

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

0f79d5d5e89c65cec3b62d96db1fd60103400aa9f2fb90ef3a0fda2174e76dd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 13:09:01 GMT
x-content-type-options: nosniff
last-modified: Sat, 27-Aug-2022 13:09:01 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 167
x-xss-protection: 1; mode=block
expires: Sat, 27-Aug-2022 13:09:01 GMT

Redirect headers

pragma: no-cache
date: Sat, 27 Aug 2022 13:09:01 GMT
last-modified: Sat, 27-Aug-2022 13:09:01 GMT
location: /watch/26254/1?wmode=7&page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ocpriggyfyr9aewcgvlq0%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A2%3Adp%3A1%3Als%3A1392769741925%3Ahid%3A619387557%3Az%3A0%3Ai%3A20220827130901%3Aet%3A1661605741%3Ac%3A1%3Arn%3A713708372%3Au%3A1661605741437762383%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1661605738627%3Aco%3A0%3Arqnl%3A1%3Ast%3A1661605741%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20-%20KP.RU&t=gdpr%2814%29mc%28p-3-h-1%29clc%280-0-0%29lt%2852900%29aw%281%29rqnl%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Sat, 27-Aug-2022 13:09:01 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/42093449/
Redirect Chain

https://mc.yandex.com/watch/42093449?wmode=7&page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&nohit=1&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ocpriggyfyr9aewcgvlq0%3Afu%3A0%3Aen%3Autf-8%3Ala...
https://mc.yandex.com/watch/42093449/1?wmode=7&page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&nohit=1&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ocpriggyfyr9aewcgvlq0%3Afu%3A0%3Aen%3Autf-8%3A...

350 B
388 B

50ms
50ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/42093449/1?wmode=7&page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&nohit=1&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ocpriggyfyr9aewcgvlq0%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A138743251206%3Ahid%3A619387557%3Az%3A0%3Ai%3A20220827130900%3Aet%3A1661605741%3Ac%3A1%3Arn%3A430490736%3Au%3A1661605741437762383%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1661605738627%3Aco%3A0%3Arqnl%3A1%3Ast%3A1661605741%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20-%20KP.RU&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnl%281%29ti%282%29

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

bd258cb50a129b9cf32ffe3e3e4437224bb6993dc2647434460ac8d7d9037986

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 13:09:01 GMT
x-content-type-options: nosniff
last-modified: Sat, 27-Aug-2022 13:09:01 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 350
x-xss-protection: 1; mode=block
expires: Sat, 27-Aug-2022 13:09:01 GMT

Redirect headers

pragma: no-cache
date: Sat, 27 Aug 2022 13:09:01 GMT
last-modified: Sat, 27-Aug-2022 13:09:01 GMT
location: /watch/42093449/1?wmode=7&page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&nohit=1&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ocpriggyfyr9aewcgvlq0%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A138743251206%3Ahid%3A619387557%3Az%3A0%3Ai%3A20220827130900%3Aet%3A1661605741%3Ac%3A1%3Arn%3A430490736%3Au%3A1661605741437762383%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1661605738627%3Aco%3A0%3Arqnl%3A1%3Ast%3A1661605741%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20-%20KP.RU&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnl%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Sat, 27-Aug-2022 13:09:01 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame A592 17 KB
6 KB 57ms
36ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 13:09:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 27 Aug 2022 13:09:01 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5AC4 13 KB
5 KB 24ms
7ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumen.kp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2462
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 27 Aug 2022 12:27:59 GMT
expires: Sun, 27 Aug 2023 12:27:59 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 64A4 783 B
1 KB 42ms
17ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

16f11f9228638f50f608507c0ec6a02e4e515b378266455d8f89fefd93ae3090

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hSFP2zBJPBx_BwKoYoKMkQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tumen.kp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-hSFP2zBJPBx_BwKoYoKMkQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 27 Aug 2022 13:09:01 GMT
expires: Sat, 27 Aug 2022 13:09:01 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 pubads_impl_2022082302.js Show response
securepubads.g.doubleclick.net/gpt/ Frame BA9A 379 KB
129 KB 9ms
9ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082302.js?cb=31069136

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

257a3e4163a887521252b40b2c25489c1d1ea244771346565897104c35d15270

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 13:04:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 269
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132097
x-xss-protection: 0
last-modified: Tue, 23 Aug 2022 21:23:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 27 Aug 2023 13:04:32 GMT

POST
H2 200 1 Show response
mc.yandex.com/watch/26254/ 43 B
85 B 48ms
47ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/26254/1?page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&charset=utf-8&cnt-class=1&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A2ocpriggyfyr9aewcgvlq0%3Afp%3A912%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A2%3Adp%3A1%3Als%3A1392769741925%3Ahid%3A619387557%3Az%3A0%3Ai%3A20220827130901%3Aet%3A1661605741%3Ac%3A1%3Arn%3A502926472%3Arqn%3A1%3Au%3A1661605741437762383%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1661605738627%3Ads%3A0%2C0%2C140%2C137%2C387%2C0%2C%2C66%2C0%2C%2C%2C%2C905%3Aco%3A0%3Arqnl%3A1%3Ast%3A1661605741&t=gdpr(14)mc(p-4-h-2)clc(0-0-0)lt(68700)aw(1)rqnt(1)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 13:09:01 GMT
last-modified: Sat, 27-Aug-2022 13:09:01 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sat, 27-Aug-2022 13:09:01 GMT

GET
H2 200 26254 Show response
mc.yandex.com/watch/ 43 B
73 B 53ms
53ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/26254?page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A2ocpriggyfyr9aewcgvlq0%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A2%3Adp%3A1%3Als%3A1392769741925%3Ahid%3A619387557%3Az%3A0%3Ai%3A20220827130901%3Aet%3A1661605741%3Ac%3A1%3Arn%3A605220602%3Arqn%3A2%3Au%3A1661605741437762383%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1661605738627%3Aco%3A0%3Arqnl%3A1%3Ast%3A1661605741%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20-%20KP.RU&t=gdpr(14)mc(p-4-h-2)clc(0-0-0)lt(68700)aw(1)rqnt(2)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 13:09:01 GMT
last-modified: Sat, 27-Aug-2022 13:09:01 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sat, 27-Aug-2022 13:09:01 GMT

POST
H2 200 1 Show response
mc.yandex.com/watch/42093449/ 43 B
73 B 53ms
53ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/42093449/1?page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A2ocpriggyfyr9aewcgvlq0%3Afp%3A912%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A1%3Als%3A138743251206%3Ahid%3A619387557%3Az%3A0%3Ai%3A20220827130901%3Aet%3A1661605741%3Ac%3A1%3Arn%3A598301259%3Arqn%3A1%3Au%3A1661605741437762383%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1661605738627%3Ads%3A0%2C0%2C140%2C137%2C387%2C0%2C%2C66%2C0%2C%2C%2C%2C905%3Aco%3A0%3Arqnl%3A1%3Ast%3A1661605741&t=gdpr(14)mc(p-4-h-2)clc(0-0-0)lt(68700)aw(1)rqnt(1)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 13:09:01 GMT
last-modified: Sat, 27-Aug-2022 13:09:01 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sat, 27-Aug-2022 13:09:01 GMT

POST
H2 200 1 Show response
mc.yandex.com/watch/42093449/ 43 B
73 B 48ms
47ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/42093449/1?page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A2ocpriggyfyr9aewcgvlq0%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A1%3Als%3A138743251206%3Ahid%3A619387557%3Az%3A0%3Ai%3A20220827130901%3Aet%3A1661605741%3Ac%3A1%3Arn%3A366034528%3Arqn%3A2%3Au%3A1661605741437762383%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1661605738627%3Aco%3A0%3Arqnl%3A1%3Ast%3A1661605741&t=gdpr(14)mc(p-4-h-2)clc(0-0-0)lt(68700)aw(1)rqnt(2)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 13:09:01 GMT
last-modified: Sat, 27-Aug-2022 13:09:01 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sat, 27-Aug-2022 13:09:01 GMT

POST
H2 200 1 Show response
mc.yandex.com/watch/42093449/ 43 B
73 B 50ms
49ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/42093449/1?page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A2ocpriggyfyr9aewcgvlq0%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A1%3Als%3A138743251206%3Ahid%3A619387557%3Az%3A0%3Ai%3A20220827130901%3Aet%3A1661605741%3Ac%3A1%3Arn%3A707261617%3Arqn%3A3%3Au%3A1661605741437762383%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1661605738627%3Aco%3A0%3Arqnl%3A1%3Ast%3A1661605741&t=gdpr(14)mc(p-4-h-2)clc(0-0-0)lt(68700)aw(1)rqnt(3)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 13:09:01 GMT
last-modified: Sat, 27-Aug-2022 13:09:01 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sat, 27-Aug-2022 13:09:01 GMT

GET
H2 200 42093449 Show response
mc.yandex.com/watch/ 43 B
73 B 46ms
46ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/42093449?page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&charset=utf-8&site-info=%7B%22638452%22%3A%7B%22remoteLogString%22%3A%7B%22Error%22%3A%7B%7D%7D%7D%7D&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A2ocpriggyfyr9aewcgvlq0%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A1%3Als%3A138743251206%3Ahid%3A619387557%3Az%3A0%3Ai%3A20220827130901%3Aet%3A1661605741%3Ac%3A1%3Arn%3A716659502%3Arqn%3A4%3Au%3A1661605741437762383%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1661605738627%3Aco%3A0%3Arqnl%3A1%3Ast%3A1661605741%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20-%20KP.RU&t=gdpr(14)mc(p-4-h-2)clc(0-0-0)lt(68700)aw(1)rqnt(4)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 13:09:01 GMT
last-modified: Sat, 27-Aug-2022 13:09:01 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sat, 27-Aug-2022 13:09:01 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 662B 13 KB
5 KB 9ms
7ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumen.kp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2462
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 27 Aug 2022 12:27:59 GMT
expires: Sun, 27 Aug 2023 12:27:59 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame AAB4 783 B
533 B 35ms
17ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

10c5967601caa1942f8aa476602f990ad7c74b85d0ac48ba78290b382d7607dd

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-0OMfPQwSu1ntm2LKdph0DA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tumen.kp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-0OMfPQwSu1ntm2LKdph0DA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 27 Aug 2022 13:09:01 GMT
expires: Sat, 27 Aug 2022 13:09:01 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame BA9A 107 B
122 B 35ms
17ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.tumen.kp.ru

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082302.js?cb=31069136

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 27 Aug 2022 13:09:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame BA9A 107 B
122 B 18ms
18ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.tumen.kp.ru

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082302.js?cb=31069136

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 27 Aug 2022 13:09:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame BA9A 127 KB
44 KB 380ms
380ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=714956928915576&correlator=1996471321532234&eid=31069136%2C31069190%2C31068529&output=ldjh&gdfp_req=1&vrg=2022082302&ptt=17&impl=fifs&iu_parts=94805857%2Ckp.ru_2_new&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&ifi=1&adks=3886855702&sfv=1-0-38&fsapi=false&cust_params=kp.ru_2_new%3Dkp.ru_2_new_14&sc=1&cookie_enabled=1&cdm=www.tumen.kp.ru&abxe=1&dt=1661605741481&lmt=1661605741&dlt=1661605741258&idt=195&adxs=1100&adys=486&biw=1600&bih=1200&isw=300&ish=600&scr_x=0&scr_y=0&btvi=0&ucis=ug8i7kikq752&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fwww.tumen.kp.ru%2F&top=https%3A%2F%2Fwww.tumen.kp.ru%2F&frm=23&vis=1&psz=300x600&msz=300x-1&fws=256&ohw=0&ea=0&ga_vid=793520755.1661605741&ga_sid=1661605741&ga_hid=284273827&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082302.js?cb=31069136

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

481b7705d4d3671996f7c7467362dfdec01da0752c7be98732c79c3a5e0d7545

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COyD7N-L5_kCFRaMdwod_6sGJg&gqi=&layout=/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COyD7N-L5_kCFRaMdwod_6sGJg&gqi=&layout=/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44822
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
date: Sat, 27 Aug 2022 13:09:01 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame BA9A 14 KB
11 KB 55ms
55ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022082302&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082302.js?cb=31069136

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

60493970f6c0e647db4396199d1eae83ed81bfee3dd5f5c3c3b3721e2ef4b925

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 27 Aug 2022 13:09:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11076
x-xss-protection: 0

GET
H2 200 container.html Show response
e44a249febac1d38a79b8b3e3e61a1b3.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5BB7 6 KB
3 KB 63ms
14ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e44a249febac1d38a79b8b3e3e61a1b3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082302.js?cb=31069136

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumen.kp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 27 Aug 2022 13:09:01 GMT
expires: Sun, 27 Aug 2023 13:09:01 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
Ok d.png
ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/ Frame 1121 95 B
400 B 161ms
51ms Image
image/png 2a02:6b8::5:114
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/d.png?ex=yes

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::5:114 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sat, 27 Aug 2022 13:09:01 GMT
Server: nginx/1.14.2
Strict-Transport-Security: max-age=315360000; includeSubDomains
X-RT-IH: 0.0002
Content-Type: image/png
Cache-Control: private
Connection: close
X-RT-IQ: 0.0001
Content-Length: 95
Expires: Sun, 28 Aug 2022 13:09:01 GMT

GET
H2 200 1PaOWFRT0Hm200000000U9nJp4xNBpkTArncACRuDEULCPEhPOuuLp8347Z2H4ADjFypnVQbCJ2aCWB5CyKOjyQ1n4jbWBpQmaEC3AsC8B8J90i4J0mp6TzRGzWB6LzfGbWh6NUgGbXx6OkkypCS1VFFCZ83HQuoWhJUPMIGOM3wopYBYO5XBXD8P2dJAQ3qMgPVG... Show response
yandex.ru/an/rtbcount/ 43 B
591 B 55ms
54ms XHR
image/gif 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/an/rtbcount/1PaOWFRT0Hm200000000U9nJp4xNBpkTArncACRuDEULCPEhPOuuLp8347Z2H4ADjFypnVQbCJ2aCWB5CyKOjyQ1n4jbWBpQmaEC3AsC8B8J90i4J0mp6TzRGzWB6LzfGbWh6NUgGbXx6OkkypCS1VFFCZ83HQuoWhJUPMIGOM3wopYBYO5XBXD8P2dJAQ3qMgPVGFPPflz0y9Jf1L3a5PC06-kDCZ6Wjbgn3xijdhCo_6NY12fgPMO5ahtCYa1oAZF8YBdCJ23BWQG2o6wMZSmM__F2s7MQ14uoPoi_NBzsst6hgs2LTy7aJsO79twmCsUnA2GQ9PUb59UKk1f75RkL5sI5fdbxXkjcbkOu9oOM5BkxBsIH3eKeNi7oldm72zC15gQRB11VVh1_o7Bs30YyiN_B0lBh1DRMXXCDRGVi5h1odcJT_8G3hEu2QqD30yjDrcnpqN_QnsUeVMK5-RE3hO5b0jlhStitRjzvkxDi1jkLmy4Bs7PlUlYcwyMdF-iPLxB1p3x0vd62ZVaH6wzNX8kLQugRjt5OGPBvIpQOAtx2MHFPvw-REisOyutzB7OsCsCB4rEZ3UmD2ZlO6K-mYpnWVtZWwidE5-ycPlrWvsdWsFhU003EDQfG

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 13:09:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: image/gif
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
last-modified: Sat, 27 Aug 2022 13:09:01 GMT
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sat, 27 Aug 2022 13:09:01 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 240 KB
74 KB 39ms
16ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WCBNVW

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

29333589abb5b5485dccf8fb0ff0578810087103877ef71eecb52e3b23f7c680

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 13:09:01 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 75743
x-xss-protection: 0
last-modified: Sat, 27 Aug 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 27 Aug 2022 13:09:01 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 64A4 0
0 57ms
41ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022082401&jk=269254480196693&rc=
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H3 200 hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js Show response
pagead2.googlesyndication.com/bg/ Frame 5AC4 36 KB
14 KB 16ms
7ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85df6a888180aa37ac71991e22dc32db0800b427df7aa8a52321a463743f3137

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 19:00:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 151720
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14041
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 25 Aug 2023 19:00:21 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame AAB4 0
0 48ms
42ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022082202&jk=2066154044990865&rc=
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H3 200 hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js Show response
pagead2.googlesyndication.com/bg/ Frame 662B 36 KB
14 KB 13ms
8ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85df6a888180aa37ac71991e22dc32db0800b427df7aa8a52321a463743f3137

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 19:00:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 151720
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14041
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 25 Aug 2023 19:00:21 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame BA9A 17 KB
6 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082302.js?cb=31069136

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 13:09:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 27 Aug 2022 13:09:01 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A8FF 13 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumen.kp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2462
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 27 Aug 2022 12:27:59 GMT
expires: Sun, 27 Aug 2023 12:27:59 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 81B2 783 B
534 B 18ms
17ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7af117c81127bd319814813ea457519d009ca62ad9b99a4f727f1c979169d16d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2Lhmg-vF_Sr1pMZtgjHX8A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tumen.kp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-2Lhmg-vF_Sr1pMZtgjHX8A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 27 Aug 2022 13:09:01 GMT
expires: Sat, 27 Aug 2022 13:09:01 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 199 KB
71 KB 33ms
16ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8MQ0FGXD1P&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WCBNVW

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

29cbf38fb15452289dc116c1c93ff40f9199972da0aaec9c6922ba60d39b9dbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 13:09:01 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72841
x-xss-protection: 0
expires: Sat, 27 Aug 2022 13:09:01 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 199 KB
71 KB 41ms
25ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-E8KWCYC304&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WCBNVW

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b4aeb05bf4adb947083b9a75e440df88368660f65cd0eaa52ee02dcc16e957f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 13:09:01 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72866
x-xss-protection: 0
expires: Sat, 27 Aug 2022 13:09:01 GMT

GET
H2 200 counter.js Show response
tns-counter.ru/ncc/ 61 KB
61 KB 182ms
59ms Script
application/javascript 2001:6d0:4001::226
TNSMSK-

General

Check archive.org

Show headers Download Go to

Full URL: https://tns-counter.ru/ncc/counter.js
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),
Reverse DNS
Software: ms-counter-3.3.5/1.20.2 /
Resource Hash: 75d16f690db62e7b02e26bff78808ea7529f154b36340c9b6d6e1cd81b64a4ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 13:09:01 GMT
last-modified: Wed, 01 Dec 2021 16:19:49 GMT
server: ms-counter-3.3.5/1.20.2
etag: "61a7a0a5-f2ad"
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR NOR"
cache-control: max-age=1209600
accept-ranges: bytes
content-type: application/javascript
content-length: 62125
expires: Sat, 10 Sep 2022 13:09:01 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 205 KB
70 KB 47ms
47ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

d09935c94b4577fff4e1de0daf084674937f708d4fcfcf689d131d5d9b5a7852

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 13:09:01 GMT
content-encoding: br
last-modified: Thu, 25 Aug 2022 15:41:08 GMT
etag: "63076de4-118f0"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 71920
expires: Sat, 27 Aug 2022 14:09:01 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WCBNVW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 421
date: Sat, 27 Aug 2022 13:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sat, 27 Aug 2022 15:02:00 GMT

GET
H/1.1 200
OK target.js Show response
target.smi2.net/client/ 3 KB
1 KB 192ms
63ms Script
application/x-javascript 82.202.225.229
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: https://target.smi2.net/client/target.js
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 82.202.225.229 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS: target2-1.ssel21.imcmdb.net
Software: nginx /
Resource Hash: 2ea6594700eadc561dce18df33d16ff9d07ff631d4f6f4eae734bfe34e900f0c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sat, 27 Aug 2022 13:09:01 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Feb 2019 12:15:43 GMT
Server: nginx
ETag: W/"5c54386f-af9"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=259200, private
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Tue, 30 Aug 2022 13:09:01 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
191 B 27ms
9ms Image
text/plain 13.32.121.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=16803468&ns__t=1661605741659&ns_c=UTF-8&c8=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20-%20KP.RU&c7=https%3A%2F%2Fwww.tumen.kp.ru%2F&c9=
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-72.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 13:09:01 GMT
via: 1.1 490f651effcacfa7d80143d3047d794e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: wEIBqmTcjDUNEFPmCfHd2QvOxZMgPg6NPqCIBs0iPmROg97HHZy7fA==
x-cache: Miss from cloudfront

GET
H/1.1

200
OK

kptumen
counter.yadro.ru/hit;kp/kpall/reg/
Redirect Chain

https://counter.yadro.ru/hit;kp/kpall/reg/kptumen?r;s1600*1200*24;uhttps%3A//www.tumen.kp.ru/;h%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u0422%u044E%u043C%u0435%u043D%u0438%20%u0438%20%u0422%u0...
https://counter.yadro.ru/hit;kp/kpall/reg/kptumen?q;r;s1600*1200*24;uhttps%3A//www.tumen.kp.ru/;h%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u0422%u044E%u043C%u0435%u043D%u0438%20%u0438%20%u0422%...

43 B
528 B

46ms
45ms

Image
image/gif

88.212.201.198
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit;kp/kpall/reg/kptumen?q;r;s1600*1200*24;uhttps%3A//www.tumen.kp.ru/;h%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u0422%u044E%u043C%u0435%u043D%u0438%20%u0438%20%u0422%u044E%u043C%u0435%u043D%u0441%u043A%u043E%u0439%20%u043E%u0431%u043B%u0430%u0441%u0442%u0438%3A%20%u0433%u043B%u0430%u0432%u043D%u044B%u0435%20%u043D%u043E%u0432%u043E%u0441%u0442%u0438%20%u043D%u0430%20%u0441%u0435%u0433%u043E%u0434%u043D%u044F%20%7C%20%u041A%u043E%u043C%u0441%u043E%u043C%u043E%u043B%u044C%u0441%u043A%u0430%u044F%20%u041F;0.6512912378997868

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

HTTP/1.1

Server

88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host198.rax.ru

Software

nginx/1.17.9 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 27 Aug 2022 13:09:01 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 26 Aug 2021 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 27 Aug 2022 13:09:01 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit;kp/kpall/reg/kptumen?q;r;s1600*1200*24;uhttps%3A//www.tumen.kp.ru/;h%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u0422%u044E%u043C%u0435%u043D%u0438%20%u0438%20%u0422%u044E%u043C%u0435%u043D%u0441%u043A%u043E%u0439%20%u043E%u0431%u043B%u0430%u0441%u0442%u0438%3A%20%u0433%u043B%u0430%u0432%u043D%u044B%u0435%20%u043D%u043E%u0432%u043E%u0441%u0442%u0438%20%u043D%u0430%20%u0441%u0435%u0433%u043E%u0434%u043D%u044F%20%7C%20%u041A%u043E%u043C%u0441%u043E%u043C%u043E%u043B%u044C%u0441%u043A%u0430%u044F%20%u041F;0.6512912378997868
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Thu, 26 Aug 2021 21:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 81B2 0
0 41ms
41ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022082302&jk=714956928915576&rc=
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H3 200 hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js Show response
pagead2.googlesyndication.com/bg/ Frame A8FF 36 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85df6a888180aa37ac71991e22dc32db0800b427df7aa8a52321a463743f3137

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 19:00:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 151720
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14041
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 25 Aug 2023 19:00:21 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
348 B 38ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-8MQ0FGXD1P&gtm=2oe8o0&_p=414708881&cid=344982892.1661605742&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1661605741&sct=1&seg=0&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F&dt=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20-%20KP.RU&en=page_view&_fv=1&_nsi=1&_ss=1&ep.title=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8&ep.allowLinker=true
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8MQ0FGXD1P&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 13:09:01 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
443 B 59ms
20ms XHR
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-23870775-1&cid=344982892.1661605742&jid=1638745345&gjid=962499394&_gid=2033519456.1661605742&_u=YCDAgAABAAAAAE~&z=1442094617

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 27 Aug 2022 13:09:01 GMT
content-type: text/plain
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 31ms
15ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=414708881&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCHAAAABAAAAAG~&jid=680357970&gjid=456740605&cid=344982892.1661605742&tid=UA-5200037-42&_gid=2033519456.1661605742&_r=1&gtm=2wg8o0WCBNVW&cg1=main&cg5=main&cd3=main&cd4=main&z=1128265130

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 13:09:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 25ms
15ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=414708881&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCHAAAABAAAAAG~&jid=1770191982&gjid=1131021870&cid=344982892.1661605742&tid=UA-23870775-31&_gid=2033519456.1661605742&_r=1&gtm=2wg8o0WCBNVW&cd1=&z=1122917596

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 13:09:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 18ms
8ms Image
image/gif 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=414708881&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgAAB~&jid=1638745345&gjid=962499394&cid=344982892.1661605742&tid=UA-23870775-1&_gid=2033519456.1661605742&gtm=2wg8o0WCBNVW&cg1=main&cg5=main&cd3=main&cd4=main&z=643102889

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 15:43:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 77149
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 30ms
15ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-E8KWCYC304&gtm=2oe8o0&_p=414708881&cid=344982892.1661605742&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1661605741&sct=1&seg=0&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F&dt=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20-%20KP.RU&en=page_view&_fv=1&_ss=1&ep.title=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8&ep.allowLinker=true
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-E8KWCYC304&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 13:09:01 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
4f0d59dd6172395ca18cb5e50b49da63.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FB8E 6 KB
3 KB 35ms
15ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4f0d59dd6172395ca18cb5e50b49da63.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumen.kp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 27 Aug 2022 13:09:01 GMT
expires: Sun, 27 Aug 2023 13:09:01 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 event
ads.adfox.ru/232598/ 0
18 B 76ms
76ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=5b768f67cc6f5ca5&pm=bmu&pxo=qdCKvr1F4DOpjw8UoJf4ozXnu-L7pQB_qKJGqfBPWBq3b-lH7cPZwLqsfPsxmyd1f7ikyexrGwffDHy5kcH5ezN5X1bthScg7zJFwoyg3MFmmfPCt5NfwWscjrNFeA9AhkYAxMNEYIenkldSAzH1mh8MRhaDzNhuFG79J_6frBaDsxRPQtk%3D&p5=gwefg&ad-session-id=1189561661605740344&utg=oxum&lts=fjwcirc&ytt=274879518736389&ybv=0.638452&ylv=0.638452&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3Fsection%3Dsociety&rqs=a2cvdsttE3ZsFwpjnpirZgEKfnmAjoXw&pr=gtmhvtp&puid3=top%3Aregion&rtb-si=b&puid2=society%3Atoday%3Azenyandex%3Aincident%3Aemergency%3Acelebrity%3Aculture%3Ainteresting&p2=fxjd&rand=nextbot&sj=do8aSVPHVFLQBVysPJAA712bnVVx8k-T5HNSZnLLWQOTGG_wGbqJ1ZioIsRTOw%3D%3D&puid1=adv-1661605740235-938&p1=cavko&resp-time=908

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 13:09:01 GMT
x-content-type-options: nosniff
last-modified: Sat, 27 Aug 2022 13:09:01 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 662B 0
10 B 7ms
7ms Image
text/plain 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?A3-roQ
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 13:09:01 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8A4E 0
0 44ms
44ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuVOBI4wj9wvPUTUjZ3-UyuThFqGfqFvkkpAqFJu--70KqejZ38nfkezpx_JCBxon9v4WWzj0_z_G1kSJGvvNyCGsVBRFr1NApld4sH47x_5R0aOmv6QslejmWVKQbs7fvKvV9gmM80bscfJGmn0I5Zh98GJv5Sw-_CuhpWs2zm1ZctKBdTYIV9Jj9460ZZ5lmAhnY8NaU5FIbB7tQn2wxjy33zddlj93ar8dGIcCOubOcRil8VjnHqwd2qxDKxXHLD9CRfMVgDiBXXU5m1JVpIQH8u58QCNofOoHkQHYwsTrUDWhpoiMf7a1ni-s4pCTFtguD3Wg&sai=AMfl-YQUWn11AOy-BeipL6a2XKnq4nf7apTahBLhCD7KUcBJg5H0d2pTnQETzCusX1PPJzgomI1hk4PGd-lBTZ3jMZXL7-WiG2XviJslZT5JHASmy-i1orH5b3vL776f12qFryE&sig=Cg0ArKJSzHpHTT98WfpkEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 27 Aug 2022 13:09:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 27 Aug 2022 13:09:01 GMT

GET
H2 200 adfox-adx-stub.js Show response
yastatic.net/pcode/adfox/ Frame 8A4E 60 KB
15 KB 45ms
45ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/pcode/adfox/adfox-adx-stub.js

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

4c9f9038ef0cca8daea160666fcf23b0cc4fd3ba853dcd4494e8ec35e3a0c039

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 13:09:01 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 15032
last-modified: Wed, 17 Mar 2021 06:04:30 GMT
server: nginx/1.17.9
etag: "21008573aeaf1ce20fdc2d49c53e692c"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Aug 2022 14:08:58 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8A4E 140 KB
43 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082401.js?cb=31069173

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

40b5f6acfe971488e28b4570d0b485406d6a56cbdf45e86f0df9b1f040eb6d0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 13:09:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44079
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661341966742178"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 27 Aug 2022 13:09:01 GMT

GET
H2 204 event
ads.adfox.ru/232598/ 0
18 B 82ms
81ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=ce0dd78000f0a844&pm=bmv&pxo=lcHwosKgMSVbE1UH-s1I6oIoBCJ_578gkxE767XpTD1lduiW7tapS7GBDBTuS8l3MDRdedDxxDKBwX7nlRLPaA-7GPHmjUrZIV1D6nLtzrsveuPJTKtn7lO4thRrocYLDey4IDl5tFUrbKn7XLehAed9XYPft3Lb2htxJP41-BFS2vP3103e&p5=gwdbk&ad-session-id=1189561661605740344&utg=oxum&lts=fjwcirc&ytt=274879518736389&ybv=0.638452&ylv=0.638452&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3F&rtb-si=b&p2=gftf&rand=ncrdnij&sj=xtZ3KAUop2mbw0pVzt-ac3UgiaYKEtu3igsz6GDj5rHsd7i1oSjirSFbMYkJEg%3D%3D&puid1=adv-1661605740229-476&pr=gtmhvtp&p1=cdinl&rqs=a2cvdsttE3ZsFwpj5MIqwujSca_8BUDB&resp-time=1162&creative-id=138280952350&google-width=160&google-height=600

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 13:09:01 GMT
x-content-type-options: nosniff
last-modified: Sat, 27 Aug 2022 13:09:01 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 33ms
33ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-23870775-1&cid=344982892.1661605742&jid=1638745345&_u=YCDAgAABAAAAAE~&z=1416028785

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 13:09:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 55ms
31ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-23870775-1&cid=344982892.1661605742&jid=1638745345&_u=YCDAgAABAAAAAE~&z=1416028785

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 13:09:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 5AC4 0
10 B 7ms
7ms Image
text/plain 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?LfeNsg
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 13:09:01 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 1051362 Show response
mc.yandex.com/watch/ 422 B
456 B 51ms
50ms XHR
application/json 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/1051362?wmode=7&page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&nohit=1&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9uxrt4ak4xk%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A3%3Adp%3A0%3Als%3A1191096441535%3Ahid%3A619387557%3Az%3A0%3Ai%3A20220827130901%3Aet%3A1661605742%3Ac%3A1%3Arn%3A945189498%3Au%3A1661605741437762383%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1661605738627%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1661605742%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20-%20KP.RU&t=gdpr(14)mc(p-4-h-2)clc(0-0-0)lt(68700)aw(1)ecs(1)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

35fb624a84b4b58abc85605e056a58c3f85c64bfd92870a61ee752f0e0e19f65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 13:09:01 GMT
x-content-type-options: nosniff
last-modified: Sat, 27-Aug-2022 13:09:01 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 422
x-xss-protection: 1; mode=block
expires: Sat, 27-Aug-2022 13:09:01 GMT

GET
H2 200 38305645 Show response
mc.yandex.com/watch/ 383 B
418 B 50ms
50ms XHR
application/json 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/38305645?wmode=7&page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&nohit=1&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9uxrt4ak4xk%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A4%3Adp%3A0%3Als%3A986125148526%3Ahid%3A619387557%3Az%3A0%3Ai%3A20220827130901%3Aet%3A1661605742%3Ac%3A1%3Arn%3A593076472%3Au%3A1661605741437762383%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1661605738627%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1661605742%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20-%20KP.RU&t=gdpr(14)mc(p-5-h-3)clc(0-0-0)lt(68700)aw(1)ecs(1)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

df83f8ad46ffdd1175587ea0ad71022ecfae60bffd733bb091b499d7c28826ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 13:09:01 GMT
x-content-type-options: nosniff
last-modified: Sat, 27-Aug-2022 13:09:01 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 383
x-xss-protection: 1; mode=block
expires: Sat, 27-Aug-2022 13:09:01 GMT

GET
H2 200 29474600 Show response
mc.yandex.com/watch/ 383 B
414 B 54ms
54ms XHR
application/json 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/29474600?wmode=7&page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&nohit=1&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9uxrt4ak4xk%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A5%3Adp%3A0%3Als%3A168100698866%3Ahid%3A619387557%3Az%3A0%3Ai%3A20220827130901%3Aet%3A1661605742%3Ac%3A1%3Arn%3A771118335%3Au%3A1661605741437762383%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1661605738627%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1661605742%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20-%20KP.RU&t=gdpr(14)mc(p-8-h-4)clc(0-0-0)lt(68700)aw(1)ecs(1)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

3e7623ae51bac232daf0c2afa8df56b91db30ce0d034fb67e90595c4068571d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 13:09:01 GMT
x-content-type-options: nosniff
last-modified: Sat, 27-Aug-2022 13:09:01 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 383
x-xss-protection: 1; mode=block
expires: Sat, 27-Aug-2022 13:09:01 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 60ms
20ms XHR
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-23870775-31&cid=344982892.1661605742&jid=1770191982&gjid=1131021870&_gid=2033519456.1661605742&_u=YCHAAAABAAAAAG~&z=1019229484

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 27 Aug 2022 13:09:01 GMT
content-type: text/plain
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
e44a249febac1d38a79b8b3e3e61a1b3.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9C0D 6 KB
3 KB 20ms
19ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e44a249febac1d38a79b8b3e3e61a1b3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082302.js?cb=31069136

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumen.kp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 27 Aug 2022 13:09:01 GMT
expires: Sun, 27 Aug 2023 13:09:01 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 event
ads.adfox.ru/232598/ 0
66 B 81ms
63ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=0f5deef71cea51a1&pm=bmu&pxo=7vuTlc1y2wXFbR1wV6Q5frQjLx3qjiGEDIxJi1k_AgB_qi0e63bpDu9YFIwPzZh8QLrANVFF3xdOzC4JD7CbqFNY8doU9jp7rjZ3jaqLsMfOd5jSbJUIL6UswZ6dc_A8ga_Ga6Z5-3WHdEPea9mDY1lc7nuEVN-KcuZ-b1kk18OSJXzCsw%3D%3D&p5=gwaok&ad-session-id=1189561661605740344&utg=oxum&lts=fjwcirc&ytt=274879518736389&ybv=0.638452&ylv=0.638452&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3Fsection%3Dsociety&rqs=a2cvdsttE3ZsFwpjV-MKGb_QjFc6GUEd&pr=gtmhvtp&puid3=top%3Aregion&rtb-si=b&puid2=society%3Atoday%3Azenyandex%3Aincident%3Aemergency%3Acelebrity%3Aculture%3Ainteresting&p2=fbao&rand=nrsqfse&sj=no0crn-5zbBkXPgKQdZqq7hgSzUHoMdhUmaJqa0B-ExCTa5-uUnO0mLZMVVI3w%3D%3D&puid1=adv-1661605740237-182&p1=bufhv&resp-time=704

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 13:09:02 GMT
x-content-type-options: nosniff
last-modified: Sat, 27 Aug 2022 13:09:02 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
172 B 47ms
46ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 13:09:02 GMT
last-modified: Thu, 25 Aug 2022 15:42:57 GMT
etag: "63076e51-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Sat, 27 Aug 2022 14:09:02 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame FB8E 2 KB
535 B 37ms
16ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: 4f0d59dd6172395ca18cb5e50b49da63.safeframe.googlesyndication.com
URL: https://4f0d59dd6172395ca18cb5e50b49da63.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

582c2586c49819d9dfe5cb88653679a40bf930ca86f1dc01a4afd821a9eab97e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f0d59dd6172395ca18cb5e50b49da63.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 27 Aug 2022 12:11:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 27 Aug 2022 13:09:02 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 27 Aug 2022 13:09:02 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame FB8E 2 KB
902 B 8ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: 4f0d59dd6172395ca18cb5e50b49da63.safeframe.googlesyndication.com
URL: https://4f0d59dd6172395ca18cb5e50b49da63.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f0d59dd6172395ca18cb5e50b49da63.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 13:05:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 237
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Sep 2022 13:05:05 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame FB8E 0
0 53ms
53ms Fetch
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Ck69ybRcKY5DkBqq49u8P8Pyg0AGTiuvea6vV6dCEELzOuOyvMBABIPHL50JglYKAgJgHoAHc38rcA8gBCakCVKlVwvy3sD7gAgCoAwHIA8sEqgShAk_Q11TL1U9i7q6v4c6WCefQMBktdnoyCS95hA7FTXTwoIVotV_zsZQroqW34f2_uKWLvvr8zFzJbtogaWR6XmSZDGzuP98QyRpew6itTquMlvNPuzbySEz4UqPnDr58vEiRVtQqWosZmtAO9wwvkQ-BX_EoyFZxdWHZCpVzrhs3ltdc6WmOgXfEnok4BY6IRSHq4SA30Hr6Sy8lReJblolQUlFKCJb_U9uAyvxsmVmiSgXU26gV4vomy7ARoq-trhnMmFgPZrBj6QLG_S_3mLhONkdNjqn3hoCa8sNs0GgTUFLbCBFrWzgMlrer_td49cPWbdkUaQvyR_CPbReW7CcyQvd5FENeYd8JjLFDt-zalkrzihSifkSXIQtclxUiHIDABPbXwPf6A-AEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAeMoLUjqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEENagGNIIEgiI4YAQEAEYHTIDqoIBOgKAQIAKA8gLAZgM_K32jvkDwhMGGNzfytwD2BMO0BUBmBYBgBcBshceChwIABIUcHViLTcxNzI3MzM0MDg0NTU2OTIY8f4T&sigh=PhwAPB5Dp2Q&uach_m=[UACH]&template_id=494
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f0d59dd6172395ca18cb5e50b49da63.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/ Frame FB8E 23 KB
9 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/abg_lite_fy2021.js

Requested by

Host: 4f0d59dd6172395ca18cb5e50b49da63.safeframe.googlesyndication.com
URL: https://4f0d59dd6172395ca18cb5e50b49da63.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f0d59dd6172395ca18cb5e50b49da63.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 12:52:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1012
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9668
x-xss-protection: 0
server: cafe
etag: 3250940068065303693
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Sep 2022 12:52:10 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame FB8E 3 KB
1 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/window_focus_fy2021.js

Requested by

Host: 4f0d59dd6172395ca18cb5e50b49da63.safeframe.googlesyndication.com
URL: https://4f0d59dd6172395ca18cb5e50b49da63.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f0d59dd6172395ca18cb5e50b49da63.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 12:51:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1056
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Sep 2022 12:51:26 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame FB8E 17 KB
7 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 4f0d59dd6172395ca18cb5e50b49da63.safeframe.googlesyndication.com
URL: https://4f0d59dd6172395ca18cb5e50b49da63.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f0d59dd6172395ca18cb5e50b49da63.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 12:53:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 923
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Sep 2022 12:53:39 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame FB8E 0
0 16ms
15ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS1bZv2tuVHo_QMnxEui05TrUuRZ-BpsuPkPXsnfkR3_tBtr4d1QodRNY7cxroumDCof-UeM0VpXACyCxZmNNOHthwIMQ
Requested by: Host: 4f0d59dd6172395ca18cb5e50b49da63.safeframe.googlesyndication.com
URL: https://4f0d59dd6172395ca18cb5e50b49da63.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f0d59dd6172395ca18cb5e50b49da63.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H2 200 e3ca5db921b3b46420ba257a4c2f6b26.js Show response
www.gstatic.com/mysidia/ Frame FB8E 33 KB
14 KB 31ms
8ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e3ca5db921b3b46420ba257a4c2f6b26.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 4f0d59dd6172395ca18cb5e50b49da63.safeframe.googlesyndication.com
URL: https://4f0d59dd6172395ca18cb5e50b49da63.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24302eeb5b736bcc9f610299a37ac5dcf7e5b4c11591489fe9ad89f1533bd09b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f0d59dd6172395ca18cb5e50b49da63.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 22:39:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 224980
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13683
x-xss-protection: 0
last-modified: Mon, 22 Aug 2022 19:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 22 Nov 2022 22:39:22 GMT

GET
DATA 200
OK truncated
/ Frame 8A4E 206 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8e1d0cb8582621d9639e2264cae5618bf768246a1f1d386db13e697b4feb13c8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame FB8E 19 KB
19 KB 36ms
9ms Image
image/jpeg 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcSzj5Zcuw69TYx-4b7G3Rbsn7q2zFiZ0OPj4JELGiWLB88qoLKt2ovVEllfEvQ&usqp=CAI

Requested by

Host: 4f0d59dd6172395ca18cb5e50b49da63.safeframe.googlesyndication.com
URL: https://4f0d59dd6172395ca18cb5e50b49da63.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f6cc7f050ce82662ab4dc620128c444f8b5edcc37ea4cbab815defb4ce178a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f0d59dd6172395ca18cb5e50b49da63.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 12:07:36 GMT
x-content-type-options: nosniff
age: 176486
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19076
x-xss-protection: 0
last-modified: Thu, 25 Aug 2022 00:11:06 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 25 Aug 2023 12:07:36 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame FB8E 8 KB
8 KB 37ms
9ms Image
image/jpeg 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRWu8dAGchRzYBzoLxjXUUC5PHJ_0Va7JLhudl30NzJI5jVzAp3&usqp=CAI

Requested by

Host: 4f0d59dd6172395ca18cb5e50b49da63.safeframe.googlesyndication.com
URL: https://4f0d59dd6172395ca18cb5e50b49da63.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f15e7111fd9f4d7031f26c85aa01c70e817248468c83c208df34822549de13f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f0d59dd6172395ca18cb5e50b49da63.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 08:56:09 GMT
x-content-type-options: nosniff
age: 447173
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8011
x-xss-protection: 0
last-modified: Tue, 14 Jun 2022 01:44:03 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 22 Aug 2023 08:56:09 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame FB8E 20 KB
20 KB 38ms
12ms Image
image/jpeg 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcRcno2F_vpBcQHv4iLHZfObVbSVh-qYB6JY58PxrCifYSQI2UbJxNWFviczUjY&usqp=CAI

Requested by

Host: 4f0d59dd6172395ca18cb5e50b49da63.safeframe.googlesyndication.com
URL: https://4f0d59dd6172395ca18cb5e50b49da63.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

58e0226ae3948c4f3adfb3964eb32935e5bb0f627654e17e60dadbe3ee98df5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f0d59dd6172395ca18cb5e50b49da63.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 05:31:23 GMT
x-content-type-options: nosniff
age: 27459
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20639
x-xss-protection: 0
last-modified: Fri, 26 Aug 2022 11:13:16 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 27 Aug 2023 05:31:23 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame FB8E 17 KB
17 KB 43ms
16ms Image
image/jpeg 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQnzx1-fjbt4t-1dX__MPCypdtBItJMNp_cG-KktKmzTXtgMWLsok0Q9ccKFxg&usqp=CAI

Requested by

Host: 4f0d59dd6172395ca18cb5e50b49da63.safeframe.googlesyndication.com
URL: https://4f0d59dd6172395ca18cb5e50b49da63.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c2fb69c9516e2f9c0e77256254df22fa3f98ca28d025a073c0787442d6b301f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f0d59dd6172395ca18cb5e50b49da63.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 09:16:35 GMT
x-content-type-options: nosniff
age: 445947
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17243
x-xss-protection: 0
last-modified: Wed, 08 Jun 2022 02:47:20 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 22 Aug 2023 09:16:35 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame FB8E 19 KB
20 KB 35ms
8ms Image
image/jpeg 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQ7nJL7YPvNwDlTervJBg8_2X1mhKEaPup2-yNbczQ3GjDufUUUhfUd-rSlTQ&usqp=CAI

Requested by

Host: 4f0d59dd6172395ca18cb5e50b49da63.safeframe.googlesyndication.com
URL: https://4f0d59dd6172395ca18cb5e50b49da63.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f61cd5097d0340ee183612a3ead71c232e1b21bb47f397b575dd48abeecec83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f0d59dd6172395ca18cb5e50b49da63.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:55:49 GMT
x-content-type-options: nosniff
age: 187993
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19546
x-xss-protection: 0
last-modified: Wed, 08 Jun 2022 04:35:23 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 25 Aug 2023 08:55:49 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame FB8E 14 KB
15 KB 36ms
8ms Image
image/jpeg 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcTz2ILCKBDlvZJlf-QfgQ7XztPKyfkd-k1jvKWk5AQ2Ixyh0wI&usqp=CAI

Requested by

Host: 4f0d59dd6172395ca18cb5e50b49da63.safeframe.googlesyndication.com
URL: https://4f0d59dd6172395ca18cb5e50b49da63.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9adb69c53b32d803fdd06ce2dec775a62eafe5072df45d2c4508b42cf3c9417c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f0d59dd6172395ca18cb5e50b49da63.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 02:29:54 GMT
x-content-type-options: nosniff
age: 38348
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14553
x-xss-protection: 0
last-modified: Fri, 26 Aug 2022 11:20:02 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 27 Aug 2023 02:29:54 GMT

GET
H/1.1 200
OK sm.js Show response
stat.media/ 77 KB
28 KB 264ms
130ms Script
application/x-javascript 82.148.14.194
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.media/sm.js
Requested by: Host: target.smi2.net
URL: https://target.smi2.net/client/target.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 82.148.14.194 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS: sm-server1-1.ssel24.imcmdb.net
Software: nginx /
Resource Hash: 9dc89e2eae45dccc1b2d7b9540adae2349bbb5d84578eadb8f0f645eac324910

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sat, 27 Aug 2022 13:09:02 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Dec 2021 13:53:02 GMT
Server: nginx
ETag: W/"61a8cfbe-13481"
Vary: Accept-Encoding, Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, must-revalidate, proxy-revalidate, max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK /
target.smi2.net/init/ 95 B
463 B 64ms
63ms Image
image/png 82.202.225.229
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://target.smi2.net/init/?siteid=31456&count=site&bw=1600&bh=1200&xurl=https%3A%2F%2Fwww.tumen.kp.ru%2F&rnd=4603740914269
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 82.202.225.229 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS: target2-1.ssel21.imcmdb.net
Software: nginx / HHVM/3.9.1
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

X-Target-Version: 2
Date: Sat, 27 Aug 2022 13:09:02 GMT
X-Target-Final: 20220827160902-0
Server: nginx
X-Target-Host: target2-1.ssel21
X-Powered-By: HHVM/3.9.1
X-Time-Request: 0.00024
Content-Type: image/png
Cache-Control: no-cache, private
Connection: keep-alive
Content-Length: 95
Expires: Sat, 27 Aug 2022 13:09:01 GMT

POST
H2 200 1 Show response
mc.yandex.com/watch/1051362/ 43 B
141 B 47ms
46ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/1051362/1?page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9uxrt4ak4xk%3Afp%3A912%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A3%3Adp%3A0%3Als%3A1191096441535%3Ahid%3A619387557%3Az%3A0%3Ai%3A20220827130902%3Aet%3A1661605742%3Ac%3A1%3Arn%3A213403266%3Arqn%3A1%3Au%3A1661605741437762383%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1661605738627%3Ads%3A0%2C0%2C140%2C137%2C387%2C0%2C%2C66%2C0%2C%2C%2C%2C905%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1661605742&t=gdpr(14)mc(p-10-h-5)clc(0-0-0)lt(68700)aw(1)rqnt(1)ecs(1)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 13:09:02 GMT
last-modified: Sat, 27-Aug-2022 13:09:02 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sat, 27-Aug-2022 13:09:02 GMT

GET
H2 200 1051362 Show response
mc.yandex.com/watch/ 43 B
73 B 51ms
50ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/1051362?page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&charset=utf-8&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9uxrt4ak4xk%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A3%3Adp%3A0%3Als%3A1191096441535%3Ahid%3A619387557%3Az%3A0%3Ai%3A20220827130902%3Aet%3A1661605742%3Ac%3A1%3Arn%3A315474639%3Arqn%3A2%3Au%3A1661605741437762383%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1661605738627%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1661605742%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8&t=gdpr(14)mc(p-10-h-5)clc(0-0-0)lt(68700)aw(1)rqnt(2)ecs(1)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 13:09:02 GMT
last-modified: Sat, 27-Aug-2022 13:09:02 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sat, 27-Aug-2022 13:09:02 GMT

POST
H2 200 1 Show response
mc.yandex.com/watch/1051362/ 43 B
73 B 54ms
53ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/1051362/1?page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9uxrt4ak4xk%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A3%3Adp%3A0%3Als%3A1191096441535%3Ahid%3A619387557%3Az%3A0%3Ai%3A20220827130902%3Aet%3A1661605742%3Ac%3A1%3Arn%3A461460598%3Arqn%3A3%3Au%3A1661605741437762383%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1661605738627%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1661605742&t=gdpr(14)mc(p-10-h-5)clc(0-0-0)lt(68700)aw(1)rqnt(3)ecs(1)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 13:09:02 GMT
last-modified: Sat, 27-Aug-2022 13:09:02 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sat, 27-Aug-2022 13:09:02 GMT

GET
H2 200 280362139*** Show response
tns-counter.ru/nc01a***R%3E*kp_ru/ru/UTF-8/tmsec=kp_title/ 55 B
334 B 59ms
58ms Fetch
text/html 2001:6d0:4001::226
TNSMSK-

General

Check archive.org

Show headers Download Go to

Full URL: https://tns-counter.ru/nc01a***R%3E*kp_ru/ru/UTF-8/tmsec=kp_title/280362139***
Requested by: Host: tns-counter.ru
URL: https://tns-counter.ru/ncc/counter.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),
Reverse DNS
Software: ms-counter-3.3.5/1.20.2 /
Resource Hash: 6e692e5c79781cffc84a686aa13e40ef3587351c309e40e6fec101c731f0845a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 13:09:02 GMT
last-modified: Sat, 27 Aug 2022 13:09:02 GMT
server: ms-counter-3.3.5/1.20.2
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: https://www.tumen.kp.ru
access-control-allow-credentials: true
content-length: 55

GET
H2

200

986036080
tns-counter.ru/V13b***R%3E*kp_ru/ru/UTF-8/tmsec=kp_title/
Redirect Chain

https://tns-counter.ru/V13a***R%3E*kp_ru/ru/UTF-8/tmsec=kp_title/986036080
https://tns-counter.ru/V13b***R%3E*kp_ru/ru/UTF-8/tmsec=kp_title/986036080

43 B
297 B

61ms
58ms

Image
image/gif

2001:6d0:4001::226
TNSMSK-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tns-counter.ru/V13b***R%3E*kp_ru/ru/UTF-8/tmsec=kp_title/986036080
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H2
Server: 2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),
Reverse DNS
Software: ms-counter-3.3.5/1.20.2 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 13:09:02 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: ms-counter-3.3.5/1.20.2
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

pragma: no-cache
date: Sat, 27 Aug 2022 13:09:02 GMT
server: ms-counter-3.3.5/1.20.2
strict-transport-security: max-age=2678400
content-type: image/gif
location: https://tns-counter.ru/V13b***R%3E*kp_ru/ru/UTF-8/tmsec=kp_title/986036080
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 200 Responsive_listing.html Show response
tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/ Frame 0FAB 4 KB
1 KB 8ms
8ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0f380fdee43a0103d5cd9bee42e3822ac60512f918a7ed2f805cdaefc5beadc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e44a249febac1d38a79b8b3e3e61a1b3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 10977
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 1157
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 27 Aug 2022 10:06:05 GMT
etag: 11900953634711111692
expires: Sun, 28 Aug 2022 10:06:05 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 9C0D 0
0 53ms
52ms Fetch
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CcRdrbRcKY6yZIJaY3gP_15qwAtCg1YpsuNex5pEIwMjZ8rcwEAEg8cvnQmCVgoCAmAegAcqK2P4DyAEJqQJUqVXC_LewPuACAKgDAcgDywSqBJACT9DMyEOaH7clqdEKUuLe7L2CdiU7iHFhFs_LAwRY7Qjs8LbQvw2-4MXGc4dp5nm8Y4acNJ6v9QWuIzaptPEw1cJ528UcVxwliobLU7uo1eEThGc2wfhb-FWRZmNbBr5xj8RCyyW3aaHRbwne32DdG-2QDDJNjPLQ_fOKSvz5nSnnvbuzvRxoNydoBQ6f9JUCfgA4ihvs5SFRP8qzZ3v5XMvXo-EwP_TVN1G7FRoflrRO5g9MvyFIcCVqsvT41zeH4nrCb1zmevzQ5oUmUrCMPYEzPyUx2BLM2zDGQAOqu-bSPhJcqeNe7qzACpKu9dEPXSsvBeVHzxl4F_G6S2PQBHnoCDaIMjenlzpz8wntPtrABP2u_Mm0AeAEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAee9acBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEEN-RF9IIEgiI4YAQEAEYHTIDqoIBOgKAQIAKA8gLAdgTC4gUAtAVAZgWAYAXAbIXHgocCAASFHB1Yi03MTcyNzMzNDA4NDU1NjkyGPH-Ew&sigh=ppyx2dZwvCg&uach_m=[UACH]&template_id=494
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e44a249febac1d38a79b8b3e3e61a1b3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/ Frame 9C0D 23 KB
9 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/abg_lite_fy2021.js

Requested by

Host: e44a249febac1d38a79b8b3e3e61a1b3.safeframe.googlesyndication.com
URL: https://e44a249febac1d38a79b8b3e3e61a1b3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e44a249febac1d38a79b8b3e3e61a1b3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 12:52:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1012
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9668
x-xss-protection: 0
server: cafe
etag: 3250940068065303693
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Sep 2022 12:52:10 GMT

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 8A4E 0
0

GET
H2 200 v2 Show response
an.yandex.ru/adfox/232598/getBulk/ 86 KB
28 KB 268ms
163ms XHR
application/json 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/adfox/232598/getBulk/v2?available-width=160&bids=W10%3D&date=2022-08-27T13%3A09%3A00.340%2B00%3A00&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3F&enable-flat-highlight=1&extid_loader=&extid_tag_loader=www.tumen.kp.ru&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjoxNDh9CiKjpKispkmBUKBO8TC7t7_S4uuYp5WKlnaJpJ0mcB7d-xtd9tVxDL_t7pfTVllTUeVJaWgVzAVDY469t59s5ICeGNAL0MaMgYxSQoiJ_baJfy2Bz21iQhillFGGBhmaEnsCOVEnpkStsqmsSVoT8CroiTYxJJoBHQKhsiX6RYqwLjhpokvMDTuGmpAMyF2uUVEkhrqwKe_TJOa6MBkWSXViXGTJK4DWBOqC1i6aBVuAOhWMbzAvcAkkFe03Ghe-xKTEXG8FGXBYkfGA6QmyxC1QwXSHGQWjgimYkO1Cqrorh5N0EdBUgNJCq0pI8rPZmRHy8bNxuDj5-O1OO0IOPrBt2vzCzQZ-Zg67qzK5mDlAF-XkcHDBdzLYnYxMopWLkcnOwWQHXTQBDi82SkQluTTGWhMoKoq6aIkX4KJdMNPwWxMCleWwpIl-ATUk2oHLvPSwqKDXBVyvsi4K81Bg1x5duoDDWvbRLsPNKphJOuhIjn44NC-XEHctwaBe5pqXr1Rklmpm8SJhHS4T86LUntVLy6WHCoTl07ZwGg7nzl5kWDi70qUl1aIY-pkWJLnIMC1tVp755E2T5aFZTrIoaEQUZ0YwxBYzf5k6fE3bnWgKyo99CGQ3LKspZhJnZ6EwVlFhZZJi4aCDywif0xEiLKgJJBG8upcg6t5FTrk9ZoNw1z83IycdHz-nE54iODe93c7IVLkQuhwO0EUdXF5mdiwCLA6vG3PlYEYIjxGxKF8C5Z0NnV-4kZGzd8HDqxkEudzwBb3uigiV3Y6Uc3eHS4xf-LDjCxYEd4U3eVjhOhlYBbxClR25CylHXbQYOekRCMFZbp12BlQoAbvcki35G5dbNb-wyz8cAN8BWiWDhxcBKvQLF4S3Iswl-7dgsFmB3H4fMk2np3wyEmrpNM0JI93GtahsPrdCUu4es8_dQCWkKsq4Xv3NA4CCVeyP0WST-dOJ9D5hAGapb0iIEqOKwtf-nMpNmxv9MR3yxMhn51InZh-LLT5mBiFnVl9wmJ9VSU93jQ-GQ31CtDw_TAqx-iJjSHLiv7-u3PBEOgOWH5N9roO2cOlnv4rW1zg2GG2c90ddQMa3_9FrQsHkVIPY87AshefgT8xID4hukoAPIpx2nazup7wgPNWkf94UPup8skP_dcOPMoUvwjDsAU4f3K31b1X39OuvqMHPM18qEiVaH6OZIrd5l7HT8FZfLQf5D2_Lc87kEOSryB8ZgC9zNp2Sfsr7Wft79TONJPW5Gbi56L9_M-FdSRr3iJ-UbZtDoZ5jCMnndojbLcZxesVdvmO-964VO6Vo5gltzrOVP2TtjOSrtstdan_Z3L464ez6RmF8D1jZi6VyIACVh4Vu9wI7v1qqM6bww1i4BV3sjF7ByskLxwGiKzSMMLOlBsP5_yHVqFgA40KPhM7Pu4nh8P1unA42kNlcOPdtYiaK8W3irWJ_m3i32N8m3i3mt4nIwee3iWHw9W3C-318m3i3eN9GebHFx8x8fpswHGJ-m1A_iPttoo7A_W8TdSWufpt4na9vEx6H728Tw4Gb3yY8DzG-TZAIfX2b0Gz9fRvlOhfz24QJA7e_TbzQ17dRHo243yacgsX4NhFFxf02Slnbz7eJN-PmtwmnbF_fJt4u_rcJL_f1bZSng8vfJty2Yn4b2MgQwWOXdW5kHhpZRh9OkNAg4IAjy-hzcDZBhfUeT0XMywMKw_-TovKX38HgYpIPr0BFw8iK3BHgaRAZA4cgvscjw7BvAIGTBz7S51xzdD7whp-Liwu-y5WD38_R1kndZLOn6xprwmgxPjMKL6FDyImInXs9cHYUTCjo0IjyeTDiMsEW8OAQPcwOBkEHqxdjZUHHiZaXpwSxWO-LIQ_w8DC5ZDjfeR3mysVMDxozm2hQ4yh1H8hfDuSk6W2KclJqAu3zSX9rCH3ucgvV4uES1iGNvVUUc6WkOmbyWBa5ymYMU18dDvR-1gE_IWbYR7A9Ko17LI_o57RsGtf3KH1uRoccCWq03uk1v2wHxMPDplHry9voZ9JAbePvDVbRXGEF8S1qkypwyl8o_t2RS5Z_zVSFisIvZDwrEFNlBRxsOyruKMuUVOqvDBoWNneIVzrMmITg2L2eyuYAjR29PZDZ2Nx8SlzJM2sHMqrHzkBvZ2JZ-rMwoAGJEXn_xg1ke7DqfMgrlUYTBH1Jw7YuwKjIYiLQtPZq0M3rNpY5jHpIc12Tuv4cafuqj86qZo9P3VHq2eiaqDxqF37mbEZmJnosniVETtSIHbCdsklCWGF_oZK7OlEjR48EmagiebFyu4TgwV3unbwoUML9ozTP2E1zlb0NYN2wTjHTfRfp27lJ0pyVBtW9cd0gNfoXo7I0vAr6S3gmb2x3XUU9s_M2QrPx9NYXDUnRnUwan-13M0fMf4l4spVuQGuXyIl386gVLD2NcYDHwTd1elq2FCdKXkYqc97ohRYeI1y2Nlf_FtP-c06Sopr8kQnRoKIZP7ykt5H3b6aYi_pBPwxPI1S69_AAtywbqpSwdKOt6V4v0UX6DSIjpG-cIZaRxA3df4ZqphC1dqDcCrUxVk40qEF1gCrKh7kud-brGkzn8PwaZVaXLLucQs_JNeDi2XtsqEEBBdn0JsTbyNUBF20aW0kI_PUK4ZLvxshVnukRXNbb8COjK6LV-tB_mrEBoiNaC8eHk1EtUu3vZmteDzUsPd_EUCzouc_lGfjjtuVCCYcbznxOYC_9bi0ulSZvIVomve9r7u4BzNJkuug1j8oPEpqxAC_w28Le2PBM1HEhz7R0RmQ9_9haphq9nZG5onU6uBjhccCnk7yJMWFnE481W4u1Bs3g0rYwmfTCvZ-2-ZllSUV30iMXeXe3YfnnegmJ4KVSWniB1fVoEg2G2kftOflZ-b1NfIlgecdfoe0lYVZh7yThwocCO2MaS05Qu466jSU4T2pyzVhSkttDHnVJEUGxz-3Duu50uOH6gF5q9EQ1l4Vkxj1h5ZUwqWbkQTepvGpKRiK5EX8m-Mv2XlHR5AwyB1FqMgPYzXukk7Xbxw9lgLRThKm5HSLOkZfgcYC2JUKLTQ5mm06zsWvyPW0bcUvrK4VHikIap5y1EyPxjN-kKOVIUn51KnmPu2sR9gPXYrqsOw3pmenvekhfPeOdTGQqfD7XDbGnTQYEj8cvhbd42OgXvWXwnWC2JLP1uxXKE9CLLGI3JMFHYM0CfUOKxrHZvn_iQE64tEg7Gt5SHSeDdvdDLFJLEZehjgRdW4NgLSs12cpZ7-e11N8SVJgxLWUY4jHIgD5UKlv9lX761by4yoNuy9hcnKGvNjqV1Ln6CdoqpKJUwQAwsL33gv59gddTuUCm5wGJp9WjzyG6zbBESxXTOvFY4dMrM1qs5nmFXJfcKXKzOvX0fC2JxDAJjqRPypAR4R5eS7ZVlptrGYJsh-HPeBDU1j70D0lxi0DJLvUvrvWkQ17vCZ_wOuU8SYdFxUrSfAjrXr2TS5uFkjrCtjaLYNqYtB9ieRLGNyKJyoJvz3vWA0RDR8-DQpTvHXe9Uel-GTUPfLHx2M52Y187QH2G2ZE880o9dFF2adGcT0PHB4KTfpzD4wEWzzjLNqUXmJnsH6qCPmvj9xahnpYNMvfqVszCqPeUqZ97X2Wmkth_uob4Yz-sJgD8WqJt0nm1kZyy6qLZB2dLFOL1lJPHsgUXt70tKDurZQbwO3aScfU-gqU4gEf9Qqb04f8Qh9n6Gs1pDuGPS5_0UMn2x08n2rfhztI2kAGAeMiMcvxplcUbOuN4XfnYU4tYupEAp5hci5TDLjR1hDTMIQ5MMns84Gwf-zKVy_P2b-Avbp6-h31ll_bZUNeGd_VHq35GzfU4QcZYQiisAVKkbWcTrO6GPfddYzLlp5PyyYEv-e1v8hnqqcx25t0lJP4KyvwKTdHVaWYUn66vjbc7muDUN5Zsr25YDXn-kpOPIHaTjw-XUFaK__etCYDczXlqwCfTUx5w9SBgKp7fv6OmkLluQBN3rKulIouqqFyGCAf6bhzXnGii3nNDyEu7zZjiQdeYPepCrhOk1pfQFRXMxuS2eErksLUXp-7MeMzpEftPV0X248uNCL7zb51_uvcqRCuJU7hgvehzTsBmsNZRByp-ocbYbfsl8qpAKFiBzVFXls7rk06TDaXz8dPG6Xtz8jzTcjAJMpbdWfyPHrCBaisovDh8ai_CWdyUtmKqIzpNn4LQJ-z-yCCItV7WX6k7ikdNPu-Z6M1se4ocW6m1jfLgalsribr6DtSdRpoqxTG4O9yGmBNj1ggGHQ2CrObPBjaL1AQLeYhY-wNI9Uqx3jrxARC33j3s4c87h7VjIM_4EvVNhj-cKUB2JSXAtQP-FiKvAgLeyZf3WsgndGYPWJ3V9cAcU-QCDXQxXJG0sHQ7_QqG2LbTqIsEq624DbVc1cY2yOx0OCqvC46TubqF3G4pn3-oRsxyWSUgUJvSMtlC-jo7cs0sdXSepWUUONL54Ly_AeGjIO5ej4V_NKVeJhdSdpyz3au7EF8bje8kjq_2LzFVFpsFH4_iImtV_ba6iiKK3Eoe_WO7ody9K9Yn2Zje2tQxRq1ICOo7tLf_zqN-HNYWu974RUNZ0k4eid5_lJYB-_3oIj8iTcQFOttJID1XWSOPosbm94v9d3Am72xVqnqsTddd95mOYte4M6b6kZrPWs2V3ErEOdbTJs7-V2S7AFBt2NN_krofyYHH-Pm1OfGRYqLF5BgaDHUZSzvMESmuBNFY-L5a2yrZCXW2ZSVx4UVSH8KNA4Unlvspve9gaEN_j_sVOzULq0_uw-Tflm0ulMoqkk2yhidCza0e-m6a250md9Hg9wpCBoz8I2_sLXqmMWtmpYBhKdPteDb6_x3hJ0jcRhnN7TKRbUaBU7WEtwW3m5-Pn80TkJAN8sKCBTYijAxeLIuWi8u-5eIWiKQtPUoi9QpwYqrs6NiRsKLLgm4Rm-UihAg2t5MVbZuHZ5Yx7gS8KGx3MnMorASjcqBjZ0C8TdNHSdlhGrhx7WkXzgQrO3zAI0WL4ictKNs9timAJRBq&grab-orig-len=5120&is-turbo=0&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9%2C%22isInIframe%22%3Afalse%2C%22w%22%3A160%2C%22h%22%3A0%2C%22width%22%3A0%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A49%2C%22left%22%3A1410%2C%22top%22%3A389%2C%22fontFamily%22%3A%22ys%22%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A0%2C%22ad_no%22%3A0%7D&p2=gftf&pcode-flags-map=eJytWF1v3EQU%2FSvRPhfk74%2B%2Bje3Z3VFsj5mZ3c0WoVGhQSBFCEEKSFUlQAjxgIT4J32gUqEfv8H5R5yxvZu1k0ySqnlbx%2BfMvXPvPXPGz2ZsUXNBdcWkpIUuiCK6IYJUUs%2B50GtWUK5ZrXNeZXz28NNnsx8enz09nT2cnf707ezB7Pz0%2B3P2BD%2FD1AnCcPb8swezNZFa0Iqvqc6XREiq9FzwSpesPh5RKLGihxyR6wZOvOegNclKcJCmYfVCZ1td8E19F5Yo8WwsVDKBZDOmBFH0PmSCfrKiUul1RZo%2BKVLIWwhiL3H2BMOaJhy9JuVqvLrr4G%2BE9rwoudyRlaS6ppsug0Vt6gIyk5VciTXd3hKJlyRBZOGSrGqwUx%2BEC%2BVXjNcfKLCcvF9cDUetGmIYBS9LXVKyfyBpzutJ8aLx5vteeFC6KVnfWIU9njFFyVEreoLWKclCrxuhG8G4YGqr5yRXXIy7YcIURcmeSaquq9dUSGzzOAk%2FcqJgjI29IO2wffRcaVrSitZKg2vNJMtYaaKQJVe2KQdTFPZRrGpWclJQ0QkFqZpD3Pl3T08PYIGX%2BKmzD0BKYco6wUzXOgCRAuWiteaZpGiC8TadfvP487PTEdKPvLSfmjk7gbbVeknZYql0rexLBqGfuh0w5yvsjuL6ZCmskCROvKCDbEld0BMtVtCpirDaKpdO7PlDo440Vs9XZSlzgXSteNf3fGefYib4MfYH6emFYIUdGYdJdG3AumBSCZZZ4Z5rusvAH9Ha68LVG1aopWYVWVArNnCDYRo6LJbrujjjwvSRIAVbyaM7MmyJibsPWJNyQybScAXpx0Npi3kDIZcNr9GLilWUr8ZN701UOAwCx%2B9zbnJeQL0NtLZOShiEoBm6d86xy9SMy249owJ2eBDH3lU4m%2BPE0RujALd1yA0MuwCunD6%2BcxMaE6cYJg9NOudXj%2FHpwqEDK9BBobei1pUxGGsiGJlsmTeFDQWaTISgG4IGKe46GmDaVcu4D11RmJp9wakQ0KuSLw45whE%2BcYK%2Bcnt1hmtYM7ppuLAXPYqjQbLM67rGIZhTiclYWGGxB1wHk7KBN8iX1ESoGyrySZ%2FBIoyQoZv2uRZQdBgLqAF2aiNgd1CwQfbuYeMSaGdfBch6PoQxmeuJuodJ4oV9r%2BwmuoDBypXOpVU7w9SNkwMtYRK5ozw4lXKTt7Qtmvqh646wnf5IiJFamgZvSFHAG9lJgnAodaf32DG1baj27VFD88ODwapEfnCG2pdL4%2BhGpIZfykuW26frkqNalYplpK4RNk7jOUPhmUkCXsKuw2nixfFBHANJ3yY48yATTUm2GcmPjdYp43emp%2B7EGDhe4Pc9sBAk8%2BzvQlycy3dhPB%2BN4g1dz7G9f41mu%2BENiD5BVpseNhssqMnMKBmrzZ7DjufHxkJjcG4JOgyjUb8taWd%2FcJXonKoV7YZe1AdUCcLuKmW4PDhJ32rGEQs6h4wtzUyy3I7DGAdDXyNTURkFE7Te2bVG0MxuE6ACziAEu6GGdRPYRdgi6BM64zIHODrraRa5qRvs45HMhMG4NPqYL%2B1RRIEX740jk8MpZg6D%2FvaF6toNK87yvi%2BF0MWqwXzh%2FlV0Dlz26ib42PE4HzvOxHs77hDF5GgyQQ3upYsHd1011ZyrIXm%2B2xe1ogUjHUnvK%2B4JvzmY3kq9V0xqwT9oRAWdEwjVLrL%2B48Id6UzTQxvLjMMA3IoZ7PBlV%2BIMNBVeIAF7d3puGu6bLDu%2BIkhXl8M52S%2FXCS7W6xTSzBXucXdpS9zRwtF0LZnqRvMgfujKseL2ycLVzvNv2nuEg%2FLNoXJMlbdkBJ7%2BYrf7YNKxDMJJoCD5Siq0U0elFT0ZO6H27%2FZd%2B%2Friz4s%2F2pdH7av27cVv7buLn9s37YuL3%2FH71VH7tn1xdPFL%2B6L99%2BJXvIR%2Fvmz%2Fa1%2FjwRtg%2F8GLeAyOv%2B4X2CiMH78%2B%2F%2BqjJ6dfPn56dn4Dze4bQ05wc6mJYmvanXYjnjkp5eQm76dpenCTxxm5EOZEkZUhusaqXfd1Ij34mgP4luAiD4947UU%2BDuxgJCEvGaTI77o4KWRxPL1GY4fCyJvsmXliEBmRtCG449XddW%2BJ5kQDUFGTUhcT7f%2Fi%2FGyycTD2YHn%2BP7QxEds%3D&pcode-icookie=y6k6A9zDckVxbqZRUbMwhgXXjasxj1Sb2iydDfDhwzi3GrgfrkefrPjnWy2tacwWQZHYrnnVbOx8v%2F8N6MRSeNC4cPE%3D&pcode-test-ids=633999%2C0%2C24%3B628987%2C0%2C29%3B637562%2C0%2C53%3B633009%2C0%2C3%3B204310%2C0%2C19&pcode-version=638452&pd=27&pdh=1200&pdw=1600&pp=g&pr=2084862249&pr1=3714893314&prr=&ps=bxyd&puid1=adv-1661605740229-476&puid2=&puid3=&puid5=&pv=13&pw=6&route=ssr&skip-token=&slotNumber=2&ssr-request=true&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fwww.tumen.kp.ru&top-ancestor-undetermined=0&use-server-side-rendering=1&utf8=%E2%9C%93&yaru=true&ybv=0.638452&ylv=0.638452&ytt=274879518736389&lvlfrom=20&rqs=a2cvdsttE3ZsFwpj5MIqwujSca_8BUDB&rtb-si=1&dmv=2&csl=&ad-session-id=1189561661605740344&rtb-answer-hash=319014069764214045&usgn=AdZhZPtvEq9c__M5WsuPF7Tz2ImJAhrokE5ZAtx8pHJg&resp-time=1484

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

9c5fe4a536622f2ee49e780626f4c42476bc512844b57b01e9c0d525fd0c09af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 13:09:02 GMT
content-encoding: gzip
ssr: true
x-yandex-req-id: 1661605742308247-686531009153425502200106-production-app-host-sas-pcode-154
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
uniformat-product-type: Direct
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Sat, 27 Aug 2022 13:09:02 GMT
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sat, 27 Aug 2022 13:09:02 GMT

GET
H2 204 event
ads.adfox.ru/232598/ 0
18 B 76ms
75ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=1ef55e0e517d13ff&pm=bmt&pxo=lcHwosKgMSVbE1UH-s1I6oIoBCJ_578gkxE767XpTD1lduiW7tapS7GBDBTuS8l3MDRdedDxxDKBwX7nlRLPaA-7GPHmjUrZIV1D6nLtzrsveuPJTKtn7lO4thRrocYLDey4IDl5tFUrbKn7XLehAed9XYPft3Lb2htxJP41-BFS2vP3103e&p5=gwdbk&ad-session-id=1189561661605740344&utg=oxum&lts=fjwcirc&ytt=274879518736389&ybv=0.638452&ylv=0.638452&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3F&rtb-si=b&p2=gftf&rand=hxuqzmj&sj=xtZ3KAUop2mbw0pVzt-ac3UgiaYKEtu3igsz6GDj5rHsd7i1oSjirSFbMYkJEg%3D%3D&puid1=adv-1661605740229-476&pr=gtmhvtp&p1=cdinl&rqs=a2cvdsttE3ZsFwpj5MIqwujSca_8BUDB

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 13:09:02 GMT
x-content-type-options: nosniff
last-modified: Sat, 27 Aug 2022 13:09:02 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

POST
H2 200 1 Show response
mc.yandex.com/watch/38305645/ 43 B
73 B 48ms
47ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/38305645/1?page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9uxrt4ak4xk%3Afp%3A912%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A4%3Adp%3A0%3Als%3A986125148526%3Ahid%3A619387557%3Az%3A0%3Ai%3A20220827130902%3Aet%3A1661605742%3Ac%3A1%3Arn%3A1068740898%3Arqn%3A1%3Au%3A1661605741437762383%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1661605738627%3Ads%3A0%2C0%2C140%2C137%2C387%2C0%2C%2C66%2C0%2C%2C%2C%2C905%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1661605742&t=gdpr(14)mc(p-10-h-5)clc(0-0-0)lt(68700)aw(1)rqnt(1)ecs(1)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 13:09:02 GMT
last-modified: Sat, 27-Aug-2022 13:09:02 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sat, 27-Aug-2022 13:09:02 GMT

GET
H2 200 38305645 Show response
mc.yandex.com/watch/ 43 B
73 B 54ms
54ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/38305645?page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&charset=utf-8&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9uxrt4ak4xk%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A4%3Adp%3A0%3Als%3A986125148526%3Ahid%3A619387557%3Az%3A0%3Ai%3A20220827130902%3Aet%3A1661605742%3Ac%3A1%3Arn%3A917823659%3Arqn%3A2%3Au%3A1661605741437762383%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1661605738627%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1661605742%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8&t=gdpr(14)mc(p-10-h-5)clc(0-0-0)lt(68700)aw(1)rqnt(2)ecs(1)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 13:09:02 GMT
last-modified: Sat, 27-Aug-2022 13:09:02 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sat, 27-Aug-2022 13:09:02 GMT

POST
H2 200 1 Show response
mc.yandex.com/watch/38305645/ 43 B
73 B 47ms
46ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/38305645/1?page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9uxrt4ak4xk%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A4%3Adp%3A0%3Als%3A986125148526%3Ahid%3A619387557%3Az%3A0%3Ai%3A20220827130902%3Aet%3A1661605742%3Ac%3A1%3Arn%3A66710496%3Arqn%3A3%3Au%3A1661605741437762383%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1661605738627%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1661605742&t=gdpr(14)mc(p-10-h-5)clc(0-0-0)lt(68700)aw(1)rqnt(3)ecs(1)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 13:09:02 GMT
last-modified: Sat, 27-Aug-2022 13:09:02 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sat, 27-Aug-2022 13:09:02 GMT

POST
H2 200 1 Show response
mc.yandex.com/watch/29474600/ 43 B
73 B 51ms
50ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/29474600/1?page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9uxrt4ak4xk%3Afp%3A912%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A5%3Adp%3A0%3Als%3A168100698866%3Ahid%3A619387557%3Az%3A0%3Ai%3A20220827130902%3Aet%3A1661605742%3Ac%3A1%3Arn%3A841488850%3Arqn%3A1%3Au%3A1661605741437762383%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1661605738627%3Ads%3A0%2C0%2C140%2C137%2C387%2C0%2C%2C66%2C0%2C%2C%2C%2C905%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1661605742&t=gdpr(14)mc(p-10-h-5)clc(0-0-0)lt(68700)aw(1)rqnt(1)ecs(1)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 13:09:02 GMT
last-modified: Sat, 27-Aug-2022 13:09:02 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sat, 27-Aug-2022 13:09:02 GMT

GET
H2 200 29474600 Show response
mc.yandex.com/watch/ 43 B
73 B 59ms
58ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/29474600?page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&charset=utf-8&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9uxrt4ak4xk%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A5%3Adp%3A0%3Als%3A168100698866%3Ahid%3A619387557%3Az%3A0%3Ai%3A20220827130902%3Aet%3A1661605742%3Ac%3A1%3Arn%3A315629061%3Arqn%3A2%3Au%3A1661605741437762383%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1661605738627%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1661605742%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8&t=gdpr(14)mc(p-10-h-5)clc(0-0-0)lt(68700)aw(1)rqnt(2)ecs(1)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 13:09:02 GMT
last-modified: Sat, 27-Aug-2022 13:09:02 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sat, 27-Aug-2022 13:09:02 GMT

POST
H2 200 1 Show response
mc.yandex.com/watch/29474600/ 43 B
73 B 47ms
46ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/29474600/1?page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9uxrt4ak4xk%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A5%3Adp%3A0%3Als%3A168100698866%3Ahid%3A619387557%3Az%3A0%3Ai%3A20220827130902%3Aet%3A1661605742%3Ac%3A1%3Arn%3A278138497%3Arqn%3A3%3Au%3A1661605741437762383%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1661605738627%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1661605742&t=gdpr(14)mc(p-10-h-5)clc(0-0-0)lt(68700)aw(1)rqnt(3)ecs(1)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 13:09:02 GMT
last-modified: Sat, 27-Aug-2022 13:09:02 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sat, 27-Aug-2022 13:09:02 GMT

GET
H3 200 Configurable_01_122.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 0FAB 74 KB
26 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Configurable_01_122.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ef7e00750f06efee8a0074f2984b78a62c1a0f8cb971f01197532d57a78a836

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 09:50:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11899
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26222
x-xss-protection: 0
server: cafe
etag: 15511454539072389427
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 28 Aug 2022 09:50:43 GMT

GET
H3 200 Responsive_listing.js Show response
tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/ Frame 0FAB 199 KB
68 KB 14ms
12ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a96924ddd5fb2ea84242905ab60d5ba262bb28e91fd6f097a077db0a63728dec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 08:28:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16826
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69148
x-xss-protection: 0
server: cafe
etag: 5199203132765013944
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 28 Aug 2022 08:28:36 GMT

GET
H3 200 Responsive_listing.css
tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/ Frame 0FAB 11 KB
2 KB 11ms
10ms Stylesheet
text/css 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.css

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c2b09643e58ded9316fb73dfab3ffca42772599008066cf599bfc7fb40766c1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 10:06:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10977
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1962
x-xss-protection: 0
server: cafe
etag: 15825927903621683888
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 28 Aug 2022 10:06:05 GMT

GET
DATA 200
OK truncated
/ Frame FB8E 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a215ca8b17a5f7d58c8f7c608483c1dd5dc150f0e4190808a24222f3e97722ea

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5437 143 B
426 B 33ms
7ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: e44a249febac1d38a79b8b3e3e61a1b3.safeframe.googlesyndication.com
URL: https://e44a249febac1d38a79b8b3e3e61a1b3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e44a249febac1d38a79b8b3e3e61a1b3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3458
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Sat, 27 Aug 2022 12:11:24 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 9C0D 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/window_focus_fy2021.js

Requested by

Host: e44a249febac1d38a79b8b3e3e61a1b3.safeframe.googlesyndication.com
URL: https://e44a249febac1d38a79b8b3e3e61a1b3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e44a249febac1d38a79b8b3e3e61a1b3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 12:51:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1056
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Sep 2022 12:51:26 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9C0D 140 KB
43 KB 23ms
19ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: e44a249febac1d38a79b8b3e3e61a1b3.safeframe.googlesyndication.com
URL: https://e44a249febac1d38a79b8b3e3e61a1b3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

40b5f6acfe971488e28b4570d0b485406d6a56cbdf45e86f0df9b1f040eb6d0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e44a249febac1d38a79b8b3e3e61a1b3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 13:09:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44079
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661341966742178"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 27 Aug 2022 13:09:02 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A8FF 0
11 B 7ms
7ms Image
text/plain 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?RWx1Nw
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 13:09:02 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame FB8E 20 KB
20 KB 24ms
8ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://4f0d59dd6172395ca18cb5e50b49da63.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 22:13:40 GMT
x-content-type-options: nosniff
age: 312922
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Aug 2023 22:13:40 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 0FAB 26 KB
10 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/Configurable_01_122.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 05:09:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28793
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 28 Aug 2022 05:09:09 GMT

GET
H3 200 BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js Show response
pagead2.googlesyndication.com/bg/ Frame 658E 36 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05c5075000686afbe94405f7a3e0b905f02af001ec3174556fd1e07aa0c7c59f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f0d59dd6172395ca18cb5e50b49da63.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 17:27:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70912
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14190
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 26 Aug 2023 17:27:10 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 9C0D 17 KB
7 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: e44a249febac1d38a79b8b3e3e61a1b3.safeframe.googlesyndication.com
URL: https://e44a249febac1d38a79b8b3e3e61a1b3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e44a249febac1d38a79b8b3e3e61a1b3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 12:53:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 923
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Sep 2022 12:53:39 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5437
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

48ms
28ms

Document
text/html

2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: e44a249febac1d38a79b8b3e3e61a1b3.safeframe.googlesyndication.com
URL: https://e44a249febac1d38a79b8b3e3e61a1b3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 27 Aug 2022 13:09:02 GMT
expires: Sat, 27 Aug 2022 13:09:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 27 Aug 2022 13:09:02 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 0FAB 6 KB
672 B 19ms
17ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700,300&subset=latin

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 27 Aug 2022 12:45:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 27 Aug 2022 13:09:02 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 27 Aug 2022 13:09:02 GMT

GET
H3 200 4092648287096764135
tpc.googlesyndication.com/simgad/ Frame 0FAB 10 KB
10 KB 10ms
10ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4092648287096764135

Requested by

Host: e44a249febac1d38a79b8b3e3e61a1b3.safeframe.googlesyndication.com
URL: https://e44a249febac1d38a79b8b3e3e61a1b3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11c4f483cc273bfc1affe3e5eb328b51ed526d1c262c6d972a420ba822b3bacb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 06:54:01 GMT
x-content-type-options: nosniff
age: 368101
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10330
x-xss-protection: 0
last-modified: Fri, 13 Dec 2019 09:52:15 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 23 Aug 2023 06:54:01 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 9C0D 0
0 16ms
15ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRhenxLGGgQPK-PZ2Zetn-X9xBrv-4EEddMraRQc7q_pfpMHJS6sN4jE-htSqgc3RWyZDqfVJegSbOGhyZ6ftK4AjxIeQ
Requested by: Host: e44a249febac1d38a79b8b3e3e61a1b3.safeframe.googlesyndication.com
URL: https://e44a249febac1d38a79b8b3e3e61a1b3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e44a249febac1d38a79b8b3e3e61a1b3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 9C0D 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4286d9c235ea8c5f22876687da2b58acf3a3a5b7fe748a14647adee9c9d5f3b5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js Show response
pagead2.googlesyndication.com/bg/ Frame 0FAB 36 KB
14 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05c5075000686afbe94405f7a3e0b905f02af001ec3174556fd1e07aa0c7c59f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 17:27:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70912
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14190
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 26 Aug 2023 17:27:10 GMT

GET
H/1.1 200
OK settings Show response
stat.media/counter/ 672 B
1 KB 64ms
63ms Script
application/javascript 82.148.14.194
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.media/counter/settings?payload=COD1AQ&cb=_callbacks____0l7bx5ocf
Requested by: Host: stat.media
URL: https://stat.media/sm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 82.148.14.194 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS: sm-server1-1.ssel24.imcmdb.net
Software: nginx /
Resource Hash: abde6c01477adf69d929fc7a3509c4a5cab712a19d333f75a4b1b14adc7b1b7c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sat, 27 Aug 2022 13:09:02 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: nginx
Connection: keep-alive
Vary: Accept-Encoding
Content-Type: application/javascript

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0FAB 15 KB
15 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,300&subset=latin

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:01:51 GMT
x-content-type-options: nosniff
age: 191231
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Aug 2023 08:01:51 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0FAB 15 KB
16 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,300&subset=latin

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 05:29:41 GMT
x-content-type-options: nosniff
age: 545961
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 21 Aug 2023 05:29:41 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0FAB 15 KB
15 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,300&subset=latin

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 11:47:17 GMT
x-content-type-options: nosniff
age: 436905
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Aug 2023 11:47:17 GMT

GET
H2 200 wx1080
avatars.mds.yandex.net/get-direct/5432685/4ReA32o5SzchH_ASttgSqA/ 79 KB
79 KB 66ms
65ms Image
image/webp 2a02:6b8::184
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/5432685/4ReA32o5SzchH_ASttgSqA/wx1080
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: nginx /
Resource Hash: 7fc196a6792490f3a60173545150807b29da87ec1d02b573a3e11cceb8b339c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 13:09:02 GMT
last-modified: Fri, 11 Mar 2022 11:09:50 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 80462
x-request-id: f444fb179e4653b0

GET
H/1.1 200
Ok dubai.metrika.com
favicon.yandex.net/favicon/ 407 B
620 B 61ms
60ms Image
image/png 2a02:6b8::36
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://favicon.yandex.net/favicon/dubai.metrika.com?size=32&stub=1

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::36 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

7bd7d868aad46ad2617b5c5a9c205a345a06513d4bffd6ba51de3823490c2ffc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-origin: *
Cache-Control: max-age=691200
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Content-Type: image/png

GET
H/1.1 200 /
smi2.ru/cookiematching/ 43 B
868 B 194ms
65ms Image
image/gif 82.148.14.197
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://smi2.ru/cookiematching/?payload=CkEKB19zbV91aWQSJGQzNDQ2NDY1LTZmNDgtNGY2Yy05ZjgxLTk3YzczZTI2Zjg0NhoILnNtaTIucnUiAS8ogOeEDwoqCgdfc21fdWR0Eg0xNjYxNjA1NzQyNDk2Ggguc21pMi5ydSIBLyiA54QPCj8KB19zbV9zaWQSJDRkYTkzY2I4LTgyYmYtNGQzMC04YTU4LTgxZTJmOTUwZGViMRoILnNtaTIucnUiAS8oiA4%3D&rnd=1661605742545
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 82.148.14.197 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS: ads5-1.ssel30.imcmdb.net
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache, no-cache
Date: Sat, 27 Aug 2022 13:09:02 GMT
Last-Modified: Saturday, 27-Aug-2022 13:09:02 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
Connection: close
Content-Length: 43
Expires: Sat, 27 Aug 2022 13:09:02 GMT

GET
H/1.1 200
OK /
smi2.net/cookiematching/ 43 B
229 B 193ms
63ms Image
image/gif 82.202.225.240
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://smi2.net/cookiematching/?payload=CkIKB19zbV91aWQSJGQzNDQ2NDY1LTZmNDgtNGY2Yy05ZjgxLTk3YzczZTI2Zjg0NhoJLnNtaTIubmV0IgEvKIDnhA8KKwoHX3NtX3VkdBINMTY2MTYwNTc0MjQ5NhoJLnNtaTIubmV0IgEvKIDnhA8KQAoHX3NtX3NpZBIkNGRhOTNjYjgtODJiZi00ZDMwLThhNTgtODFlMmY5NTBkZWIxGgkuc21pMi5uZXQiAS8oiA4%3D&rnd=1661605742546
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 82.202.225.240 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: smi2adm2-1.ssel27.imcmdb.net
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sat, 27 Aug 2022 13:09:02 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

POST
H/1.1 204
No Content view Show response
stat.media/counter/ 0
135 B 191ms
64ms XHR
text/plain 82.148.14.194
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.media/counter/view
Requested by: Host: stat.media
URL: https://stat.media/sm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 82.148.14.194 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS: sm-server1-1.ssel24.imcmdb.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin: *
Date: Sat, 27 Aug 2022 13:09:02 GMT
Server: nginx
Connection: keep-alive

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A592 0
0 47ms
47ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022082202&jk=2066154044990865&bg=!Hh2lHVnNAAYUOm8VNDo7ACkAdvg8WgG8bC8VM09lJRLuCp1vW2PZJ1u-BzaeqWj3dY6etl8bNaaHnwIAAAGuUgAAAAJoAQcKABxZU0QpEMxk9OPlCHtRqdIVzZ12-gyXdHSxn-YhmQL8aW7zP6vOYc6frtR4em9Ppkn6NNU10AhjCtDLCiDqVNZB6th3RyspiY0-q1ioMK1lZIZDi3-XPrR3iOMOxEYFMwlI0HB02DNLBXUPBwu1Rhv7g0929HxLcSWYv53nn9WuYEqusx5V5f76Bca1aAnD1mDr4qSvob-pX73n90CvclQfNqJI7WBj3n_-CfXNDDFznpwOXnoQxA8RbEdwl8R9v9pTkYGGdffOJtKzfP5kXXnoXXvtdKLA21cDH63Q0VcaTU-URSbAmJ03x9mokrKYIUCkpK8I1lrRKraf6fQi3JZo72dpS0yKiCzqL-ec4OUpls1lGrXqhKT790F8VN0gp9_cutbOIkCNu784VhA98hIYe7B0MDLhoubHf5l_7Zyby7godWx20oXT8JIgWntlu7R38cgnZgZktdJdetbbS5rhdegIoU_e6pvwebdLPEA_djUloQM_ZXV4qhq9uF6btw5DI6Rt-frD4h1D5NLLLsr_dHPrs8zVw35Ehu1KU1sNOKLgzRqggvyVFk1Qjc11PXc2eT59qsIaIoEiF0B6lB4LCrK80mlv0deyAq6L3TItTqWaUO0fMf5gi8CiPrMMR-uF0I2zUmxzFV3FkFV2J1tEZ-3GpvtV9TTIaSW2ipNXflg7FaA654_EXL85ysGrRIC-cL-tx9Wf-nnzv5jK16YGQoEUSviuQZs0GMhM3M-WTiVFfvQjSPOSumOGfuVi-iiZfzxJ9K9NU9CzgYagQgN4qbK-f6eiJSzMHnu0kHWy2bYge0L4ox0ldhlTm0ageUqG5BSBTZgEXgB7JOBhA4x3AC66Lj_A2lukPCDczyRkm1GUJxyxKQ8w0JmtZqTFQcmePOeJtk0Vm9rTdAZJy0t33oprak71V-DWJfY4r7Z1hRT5gsHvUQoQD3kC6oaA1o54RzVMj0crM4AOKBinBKCQ3CmErKcZI9axnC-bbojGawXe0SLdBDfmiUNYGtfGRW-bDinuZKveCg7P9_KOkJZig6tYobePbrDIgRg
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H2 200 1MdqXjVS0Hi200000000U9nJp4xNBpkTArncACQeUVkACPEhPOuuLp8347Z2H49jglUpn_QbCJ2aCWB5CyKO_vu5YPVc07crXOSO6LePGMGdI1O8c1XcCkRBGDWB6UL48AoLZD924DPUHhcRV0n7mVopZCn0aQkC8Art6Hbi69Z-CivYOc2OomGIMSgq04YkPOe0Y... Show response
yandex.ru/an/rtbcount/ 43 B
156 B 56ms
55ms XHR
image/gif 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/an/rtbcount/1MdqXjVS0Hi200000000U9nJp4xNBpkTArncACQeUVkACPEhPOuuLp8347Z2H49jglUpn_QbCJ2aCWB5CyKO_vu5YPVc07crXOSO6LePGMGdI1O8c1XcCkRBGDWB6UL48AoLZD924DPUHhcRV0n7mVopZCn0aQkC8Art6Hbi69Z-CivYOc2OomGIMSgq04YkPOe0Yfnb-Wy4JvbU03MyOX9ufBrAGGoeJNRJgzqMpraP_Z9n0fMsChC2oLvcHI0vbHban5nc9f3bG581P3VBHcQB_tbXx3fD0YUPivKVhb-xxRZLLR3Aks3o9xE34p_OcRDO51ADaijIYajAN8sZYjtA2x9CVJqBoqkpWfCJuosSGbsS5h8aXa8Khs1vRx63XUa02zDD5eWlFzW_P3bx1WJUsBzb0Vbr0cjhmuc6jWDs2rWvJx9kVi81LdU1jQ6XWUKcQxQvw3_jupFKlhA2_Dd1ri0oWUtrkRqRj--ytLasW-tAuU05RBitFNpJzUBJd_MCAzbWPXzWypZ1nlo8ZTShmiKgC3F7qpYi8Cdy9HlC5J_Xh8diyzTDdMRC-SP-5ZkRcR65YQdH1dQc7UoC9zX57h1tlpptyStUdx-ZVh3pD71CNMiD09OBfbq0

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 13:09:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: image/gif
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
last-modified: Sat, 27 Aug 2022 13:09:02 GMT
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sat, 27 Aug 2022 13:09:02 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 86DB 15 KB
6 KB 51ms
17ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.tumen.kp.ru

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

6e842f654a304fd1eece02a5d588d2a998cc87cc65730b04d1e2c916e3a72a10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.tumen.kp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-length: 6144
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 27 Aug 2022 13:09:02 GMT
server-processing-duration-in-ticks: 1903
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H/1.1 204
No Content view Show response
stat.media/counter/ 0
135 B 63ms
63ms XHR
text/plain 82.148.14.194
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.media/counter/view
Requested by: Host: stat.media
URL: https://stat.media/sm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 82.148.14.194 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS: sm-server1-1.ssel24.imcmdb.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin: *
Date: Sat, 27 Aug 2022 13:09:02 GMT
Server: nginx
Connection: keep-alive

GET
H2

200

cs.js Show response
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain

https://sb.scorecardresearch.com/c2/16803468/cs.js
https://sb.scorecardresearch.com/internal-c2/default/cs.js

0
369 B

7ms
7ms

Script
application/javascript

13.32.121.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol: H2
Server: 13.32.121.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-72.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 13:03:03 GMT
via: 1.1 490f651effcacfa7d80143d3047d794e.cloudfront.net (CloudFront)
etag: "d41d8cd98f00b204e9800998ecf8427e"
last-modified: Mon, 01 Mar 2021 20:42:20 GMT
server: AmazonS3
age: 360
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
content-length: 0
x-amz-cf-id: jLiHYw208aYzVLgUuq9jTVCZPh_Dolmvl_IeVxblwdHM12VLkkWykg==

Redirect headers

location: /internal-c2/default/cs.js
date: Sat, 27 Aug 2022 13:09:02 GMT
via: 1.1 490f651effcacfa7d80143d3047d794e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
content-length: 0
x-amz-cf-id: duHFyLLmJfP1T-3RfYU6xoUQyAxLWShnLPZ6rLvpdtc84Ss_apNAMQ==
x-cache: Miss from cloudfront

GET
H2

200

sid Show response
mug.criteo.com/ Frame 86DB
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=kp.ru&sn=ChromeSyncframe&so=0&topUrl=www.tumen.kp.ru&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=vC4-LnxlUFpReE12bHYrY1NSN0xqMlZWM0RwTzVuVEl0M3l4UFFJTW0rR1pOSXR1L0lDRlZRSmNvc2dLVUh3UkJaK2wva1BVYU9HdjdOR0ZncmdKR3dJa1hQU2VNdXJkNC9PMmZvWjNtQnpuaW1wR2h4cExpM2Y1WmlldG...

433 B
637 B

52ms
18ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=vC4-LnxlUFpReE12bHYrY1NSN0xqMlZWM0RwTzVuVEl0M3l4UFFJTW0rR1pOSXR1L0lDRlZRSmNvc2dLVUh3UkJaK2wva1BVYU9HdjdOR0ZncmdKR3dJa1hQU2VNdXJkNC9PMmZvWjNtQnpuaW1wR2h4cExpM2Y1WmlldG9jWkJOZFR3WTJWTVBiSGUrVWZTZ2MyZEd2ZGU1V3JmMnozbnI4MXNDUTZLN3RQM2UvSTBPZExvamg1UEZKNkdZS0pVa0NhdUJjUk4rZ0pCTDJCZ1NGdTNMTll2ZEtRai92SW1XVkRuS0Izcm94aEF1QVFmT05ma005ajlpazhTZ0Z6dXUxQVFQfA&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

72f3a3671c122f1aa09f404e8505d441eab401265cda99e82824e1b4ea1ddbf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 13:09:01 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 5011
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 27 Aug 2022 13:09:01 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=vC4-LnxlUFpReE12bHYrY1NSN0xqMlZWM0RwTzVuVEl0M3l4UFFJTW0rR1pOSXR1L0lDRlZRSmNvc2dLVUh3UkJaK2wva1BVYU9HdjdOR0ZncmdKR3dJa1hQU2VNdXJkNC9PMmZvWjNtQnpuaW1wR2h4cExpM2Y1WmlldG9jWkJOZFR3WTJWTVBiSGUrVWZTZ2MyZEd2ZGU1V3JmMnozbnI4MXNDUTZLN3RQM2UvSTBPZExvamg1UEZKNkdZS0pVa0NhdUJjUk4rZ0pCTDJCZ1NGdTNMTll2ZEtRai92SW1XVkRuS0Izcm94aEF1QVFmT05ma005ajlpazhTZ0Z6dXUxQVFQfA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1379
content-length: 509
expires: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame BA9A 0
0 45ms
44ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022082302&jk=714956928915576&bg=!nJ-ln9vNAAYUOm8VNDo7ACkAdvg8WpAjfVCzQSQDi7Mt-6MXzFiIhop2ODwt4190_h_SdFYz01fengIAAAFxUgAAAAJoAQeZAusca8hARp6Uv0oH6sXLay-gpdbAR-XzIoEg1nP4eX8Q6Px9S-f2BrLGUJ6hn-njcEs_EtF2RPNluBwvgd265zxPZPQ5yFCRmczc3IovFLAPDL4rQtTcq11xNOoyFj62j4Xrrsd9R2wo-jTld6ndFzbogVbhdaHLqeJ5nJqQyz-eHCuZb3Uc5RPCIAfN_bShH1woG71dEHpR17W8-i5-2lqounflHV17ZpfCk7YxO3LqFkMvpZGlJK09TjJMgGoP_3ydZ590Ag-iaJn5auTyL37xzCm1pUGoO6iANu2NLJKaMo3obu1f3mIOipo6PXw1UvTSzP6X3o7fU0dtvOGauBOlPdDw-7J74mMStCswjT-3mcQ1c3ShUGIx_Ob6-1Lp61BLwFRIV6_gej6bW9vXQRS3UMWB25yW6R49zifv8IBhJKxAIQS_n2tl-lx3VpC3HbUVHERCj-1T6mi7kocLyofd--MObhcxBU1tHXQJkhT1dw2e7rQh0Q8FZnREtiVzOQbrl4ymJgLZWK223sJ_-ic_nTcPvvG9k6mJzJvndjIoK157_UFDtd2CALXIeWt7ttXbHBJI2tKAU31lQRlygkKzb6scFzXOzgtx-mKlQQhowL9E8aNDZunLERnwncUneFlthGL_0XvCc-Eqiqur2ZeqbP0pFyxXqY9zcda9FBCk6MTZ9gNGxsotO9UzWprmbf41MP71T7lAFA4KP9vrUSYVZ78vNgotvao6NDKzC2oDcRPubTHnVSYGopqaZfT1-wASOBanPMZ57yUlRMhuLfmddEDK4Dve6v6H8njU_wh4Aog_9BPU5Zjd8BaQ3KPq0otrsitrWFzbeCR24lGHw6fRjGd07LX507lNvMVUZjUtRL986Lpyn9X7_zyf719YJZQkeX4axb3-cN68an3OJy-7BrqFyedjcazlWLePcjR5f_dTSsNBg3yrERQ1OukdUGqVYw1v7go0luz88SVAzIYmWJYeR3ILTH2nh1I
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H2 204 event
ads.adfox.ru/232598/ 0
18 B 70ms
70ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=83afcbbbf19be3c5&pm=bmp&pxo=qdCKvr1F4DOpjw8UoJf4ozXnu-L7pQB_qKJGqfBPWBq3b-lH7cPZwLqsfPsxmyd1f7ikyexrGwffDHy5kcH5ezN5X1bthScg7zJFwoyg3MFmmfPCt5NfwWscjrNFeA9AhkYAxMNEYIenkldSAzH1mh8MRhaDzNhuFG79J_6frBaDsxRPQtk%3D&p5=gwefg&ad-session-id=1189561661605740344&utg=oxum&lts=fjwcirc&ytt=274879518736389&ybv=0.638452&ylv=0.638452&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3Fsection%3Dsociety&rqs=a2cvdsttE3ZsFwpjnpirZgEKfnmAjoXw&pr=gtmhvtp&puid3=top%3Aregion&rtb-si=b&puid2=society%3Atoday%3Azenyandex%3Aincident%3Aemergency%3Acelebrity%3Aculture%3Ainteresting&p2=fxjd&rand=imptdhe&sj=do8aSVPHVFLQBVysPJAA712bnVVx8k-T5HNSZnLLWQOTGG_wGbqJ1ZioIsRTOw%3D%3D&puid1=adv-1661605740235-938&p1=cavko

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 13:09:02 GMT
x-content-type-options: nosniff
last-modified: Sat, 27 Aug 2022 13:09:02 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 200 bundle.js Show response
yastatic.net/q/set/s/rsya-tag-users/ Frame 1121 105 KB
37 KB 44ms
44ms Script
application/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 13:09:03 GMT
content-encoding: br
last-modified: Fri, 29 Oct 2021 11:19:01 GMT
server: nginx/1.17.9
etag: W/"82bdc8db563d3e71c35534315f8a9fd5"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/javascript
access-control-allow-origin: *
expires: Tue, 30 Aug 2022 01:05:51 GMT
cache-control: public, max-age=31556952
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
x-nginx-request-id: c9ec442e71aeab39

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ Frame 1121 158 KB
56 KB 47ms
46ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

624d8f6e11b854e5a5261fe0397a27d044501253aa15d62327d408182ff9f09f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 13:09:03 GMT
content-encoding: br
last-modified: Thu, 25 Aug 2022 15:42:57 GMT
etag: "63076e51-de2c"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 56876
expires: Sat, 27 Aug 2022 14:09:03 GMT

GET
H2 200 data Show response
yandex.ru/set/s/rsya-tag-users/ Frame 1121 403 B
632 B 306ms
305ms Fetch
application/json 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/set/s/rsya-tag-users/data?referrer=https%3A%2F%2Fwww.tumen.kp.ru%2F

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

2ae69e80db014d0515876173d34004474e6440c0584c6f85a4b833eddb6a8310

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 13:09:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: public,max-age=300
access-control-allow-credentials: true
x-xss-protection: 1; mode=block

GET
H2 204 event
ads.adfox.ru/232598/ 0
66 B 65ms
65ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=28ed4e310a9b1f7f&pm=bmp&pxo=7vuTlc1y2wXFbR1wV6Q5frQjLx3qjiGEDIxJi1k_AgB_qi0e63bpDu9YFIwPzZh8QLrANVFF3xdOzC4JD7CbqFNY8doU9jp7rjZ3jaqLsMfOd5jSbJUIL6UswZ6dc_A8ga_Ga6Z5-3WHdEPea9mDY1lc7nuEVN-KcuZ-b1kk18OSJXzCsw%3D%3D&p5=gwaok&ad-session-id=1189561661605740344&utg=oxum&lts=fjwcirc&ytt=274879518736389&ybv=0.638452&ylv=0.638452&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3Fsection%3Dsociety&rqs=a2cvdsttE3ZsFwpjV-MKGb_QjFc6GUEd&pr=gtmhvtp&puid3=top%3Aregion&rtb-si=b&puid2=society%3Atoday%3Azenyandex%3Aincident%3Aemergency%3Acelebrity%3Aculture%3Ainteresting&p2=fbao&rand=flapwdv&sj=no0crn-5zbBkXPgKQdZqq7hgSzUHoMdhUmaJqa0B-ExCTa5-uUnO0mLZMVVI3w%3D%3D&puid1=adv-1661605740237-182&p1=bufhv

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 13:09:03 GMT
x-content-type-options: nosniff
last-modified: Sat, 27 Aug 2022 13:09:03 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9C0D 42 B
64 B 43ms
42ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuvI7zkn7PZVkOEjcAQPPEGXon6jkxvrMHe-5n9HUTFEVv-a24RaGPfPukcfFnqCmwyx0585MQyDSrgEuI_B8_PTI0VyHRth3v5L4CppVgcHIoqBrHGYlUBpk4lN60BDFDCbSRq64k&sai=AMfl-YSd1cJqciNcJbsxgH_bmoiwzol6XmvPgs6shVzQmr_SbOrN67csXg5cCenLdjs5keioXucReoMap56vP1Flt_2u0W3rJZ45VrCFBGFehOHhBDxad3g_HaKo1r_q6DRw&sig=Cg0ArKJSzCUIk4j9NhwOEAE&id=lidar2&mcvt=1001&p=486,1100,1086,1400&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220824&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=3886855702&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1661605741959&rpt=357&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e44a249febac1d38a79b8b3e3e61a1b3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 13:09:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame 1121 41 KB
16 KB 96ms
72ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

421ff7b6d660296443895950bff55ddb81a9eeb3d8c76e8cd067d3757bf249cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 13:09:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15682
x-xss-protection: 0
server: cafe
etag: 14097944420163075165
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 27 Aug 2022 13:09:03 GMT

GET
H3

200

/
www.google.de/pagead/1p-user-list/1014923426/ Frame 1121
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=bxcKY_O4H4-M9fgPgbywqA...
https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=781452216&crd=CJqqsQI&is_vtc=1&random=598258183
https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=781452216&crd=CJqqsQI&is_vtc=1&random=5982581...

42 B
64 B

23ms
23ms

Image
image/gif

2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=781452216&crd=CJqqsQI&is_vtc=1&random=598258183&ipr=y

Protocol

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 13:09:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 27 Aug 2022 13:09:03 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=781452216&crd=CJqqsQI&is_vtc=1&random=598258183&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-user-list/1014923426/ Frame 1121
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=bxcKY-O8H7CR9fgPzM-LiA...
https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1558310436&crd=&is_vtc=1&random=2459319725
https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1558310436&crd=&is_vtc=1&random=2459319725&ipr=y

42 B
64 B

37ms
19ms

Image
image/gif

2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1558310436&crd=&is_vtc=1&random=2459319725&ipr=y

Protocol

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 13:09:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 27 Aug 2022 13:09:03 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1558310436&crd=&is_vtc=1&random=2459319725&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 3 Show response
mc.yandex.com/watch/ Frame 1121 167 B
344 B 48ms
48ms XHR
application/json 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/3?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fwww.tumen.kp.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A%3Avf%3A2ocpriggyfyr9aewcgvlq0%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A696323564588%3Ahid%3A740862752%3Az%3A0%3Ai%3A20220827130903%3Aet%3A1661605743%3Ac%3A1%3Arn%3A532018387%3Arqn%3A1%3Au%3A1661605743449410643%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1661605741251%3Ads%3A0%2C65%2C33%2C1%2C0%2C0%2C%2C82%2C0%2C183%2C183%2C0%2C183%3Aco%3A0%3Ast%3A1661605743&t=clc(0-0-0)aw(1)rqnt(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

d647a1a3ed73129ab31c5690e3f1eca641cb3487f792b4cf4466114048900da5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 13:09:03 GMT
x-content-type-options: nosniff
last-modified: Sat, 27-Aug-2022 13:09:03 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 167
x-xss-protection: 1; mode=block
expires: Sat, 27-Aug-2022 13:09:03 GMT

GET
H2 200 advert.gif
mc.yandex.com/metrika/ Frame 1121 43 B
72 B 46ms
46ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 13:09:03 GMT
last-modified: Thu, 25 Aug 2022 15:42:57 GMT
etag: "63076e51-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Sat, 27 Aug 2022 14:09:03 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame 1121 3 KB
1 KB 154ms
153ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1661605743585&cv=9&fst=1661605743585&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.tumen.kp.ru%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66fc36b0e0ee4688f022c5c88a9ed63bcef874b038c16730968ca4c9a7e586ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 13:09:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1117
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame 1121 3 KB
1 KB 217ms
216ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1661605743589&cv=9&fst=1661605743589&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.tumen.kp.ru%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee569e8d1e3782cc1378aabd72074cc5a95939d010c7c97427ca2e8cfdada588

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 13:09:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1116
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame 1121 3 KB
1 KB 214ms
214ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1661605743592&cv=9&fst=1661605743592&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.tumen.kp.ru%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aae3e2b7cb616a40a508b813e7acf344bc8a80cb57dde5b7a60b73e1d47766cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 13:09:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1116
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame 1121 3 KB
1 KB 251ms
251ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1661605743594&cv=9&fst=1661605743594&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.tumen.kp.ru%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd6d26da61c4b4b9133c2c959e01af0df8cdb9b4ad2d01700f6bdbf2b9142e9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 13:09:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1117
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1PLwNCxS0Hm200000000U9nJp4xNBpkTArncACRuDEULCPEhPOuuLp8347Z2H4ADjFypnVQbCJ2aCWB5CyKOjyQ1n4jbWBpQmaEC3AsC8B8J90i4J0mp6TzRGzWB6LzfGbWh6NUgGbXx6OkkypCS1VFFCe8qNGMJTnaPP1YO_ZBEOc9WcCi44bdAT8gPWM4jqoyW-... Show response
yandex.ru/an/rtbcount/ 43 B
132 B 56ms
55ms XHR
image/gif 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/an/rtbcount/1PLwNCxS0Hm200000000U9nJp4xNBpkTArncACRuDEULCPEhPOuuLp8347Z2H4ADjFypnVQbCJ2aCWB5CyKOjyQ1n4jbWBpQmaEC3AsC8B8J90i4J0mp6TzRGzWB6LzfGbWh6NUgGbXx6OkkypCS1VFFCe8qNGMJTnaPP1YO_ZBEOc9WcCi44bdAT8gPWM4jqoyW-opJVo1uolG2AFAAIO2DzKQP651RhTY7tHRFMHd-Cd425RKoimB9NcP583cL6MJ4N6OcaEL0KW5aDyj6Pel_UM7iEaq29vcpbH-kNxljkDLLiCgxOF8diuCJFzYPirWK4esIorAAIqfSZQEAtSeBiaBJl3t3TJDBSvmJ4mkAtTqNiaY7GXIlO7bVleE5wG0BqqqMY2y_s3zaENi61DxOlsK1-NK2Qsl3YOQs0tOBM3bFicv-mW5MTu6reQ61vIPhjhdeF-tZCzI-ieBysS7Mm3A1xVMvlHktxxpTMJQ3xShXu0LikpSzVDFrujEVzOmhsM1c7s3pEC76_8YDrol2nSernStREAmWoVmb6ymLF-6iYUpprqsTPipvnduMEvkPiOM9gT46zWQ57UoC9zX57h0_F73rPEUBTnEpVh3pD71iVMy00Ci1gau0?confirmTime=2101000&confirmRatio=1000000&test-tag=274877906944002&format-type=118&actual-format=10&rnd=5185852684512&banner-sizes=eyI3MjA1NzYwNjUzNjU3MzAzMyI6IjE1NjB4MjUwIn0%3D&width=1560&height=250

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 13:09:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: image/gif
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
last-modified: Sat, 27 Aug 2022 13:09:03 GMT
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sat, 27 Aug 2022 13:09:03 GMT

GET
H2 200 37412095 Show response
mc.yandex.com/watch/ Frame 1121 350 B
381 B 47ms
46ms XHR
application/json 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/37412095?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fwww.tumen.kp.ru%2F&charset=utf-8&site-info=%7B%22extensions%22%3A%22%22%2C%22fromGoogle%22%3A%22false%22%2C%22fromCancel%22%3A%22false%22%2C%22loyal%22%3A%220%22%2C%22sbscrb%22%3A%22%22%2C%22p%22%3A%22%22%2C%22b%22%3A%22%22%2C%22fresh%22%3A%220%22%2C%22infected%22%3A%22%22%2C%22slow%22%3A%22%22%2C%22os%22%3A%22windows%22%2C%22browser%22%3A%22chrome%22%2C%22winxp%22%3A%22false%22%2C%22old%22%3A%22actual%22%2C%22yabroAge%22%3Anull%7D&browser-info=pv%3A1%3Agdpr%3A6%3Avf%3A2ocpriggyfyr9aewcgvlq0%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A2%3Adp%3A1%3Als%3A306428346256%3Ahid%3A740862752%3Az%3A0%3Ai%3A20220827130903%3Aet%3A1661605744%3Ac%3A1%3Arn%3A727745531%3Arqn%3A1%3Au%3A1661605743449410643%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1661605741251%3Ads%3A0%2C65%2C33%2C1%2C0%2C0%2C%2C82%2C0%2C183%2C183%2C0%2C183%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1661605744%3At%3A&t=gdpr(6)clc(0-0-0)lt(5800)aw(1)rqnt(1)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

d0dc8628913b702e328e367fb028d23fbf67c1f15f4ecf05b10cc300fd706606

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 13:09:03 GMT
x-content-type-options: nosniff
last-modified: Sat, 27-Aug-2022 13:09:03 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 350
x-xss-protection: 1; mode=block
expires: Sat, 27-Aug-2022 13:09:03 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/947884341/ Frame 1121 42 B
64 B 20ms
19ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/947884341/?random=1661605743585&cv=9&fst=1661605200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.tumen.kp.ru%2F&async=1&fmt=3&is_vtc=1&random=3101806922&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 13:09:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/947884341/ Frame 1121 42 B
64 B 22ms
22ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/947884341/?random=1661605743585&cv=9&fst=1661605200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.tumen.kp.ru%2F&async=1&fmt=3&is_vtc=1&random=3101806922&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 13:09:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 WOqejI_zODC07Gm0X1G2_oio6cO1S0K0qm4GW8200J5i5mfZ000003YScWE80Xov0gRp98YwvjPcy0BJlzEw1_050Q06ueaEoGPhPozsosqJTga75W6rNkep0aN01y2hiFe1W0e1Y0e5g0he1uWBEAeB40O5s7OM0G40VHRmkpZdy0i6u0s2W821W820Y0IO3kl6X... Show response
yandex.ru/an/count/ 43 B
283 B 75ms
75ms XHR
image/gif 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/an/count/WOqejI_zODC07Gm0X1G2_oio6cO1S0K0qm4GW8200J5i5mfZ000003YScWE80Xov0gRp98YwvjPcy0BJlzEw1_050Q06ueaEoGPhPozsosqJTga75W6rNkep0aN01y2hiFe1W0e1Y0e5g0he1uWBEAeB40O5s7OM0G40VHRmkpZdy0i6u0s2W821W820Y0IO3kl6XF_QrUtZEgWFbeAKvwRzZ855a13wv8U3bPcBgXVWbPXzy18L1E0K0V0LmOhsxAEFlFnZW1Q5WCY0Xi0-e1QGqPUO1iaMs1Q15wWN2T0O8VWOojooaBEhZFKdW1c96RFai1dhphsnjxdRYNQu6S0Pw-xKyB_biSmcqXaIUM5YSrzpPN9sPN8lSZSmEIqnw1cO3F0P-W6O6jJ3Kx0RIBWR0u8S3KfOH3f5P4PBCrPmOZVf780T_t-0880WY201q27___y14G0pmskOiMWyEVkml_sgGJgu11pIIbmQP0Y209QvWC6LsFce6PJCu_e_PHoAhtPEDk6FlGuYQHXd~1=WIOejI_zO3y0vGW0b0ytU4QlFm6qYxcspTcxmB81W041Y06BsgVubG6G0TB1qO_TW8200fW1qi7HZrsW0Soe0Sou0TYKnP0bs07GmSse0U01rEEJ5UW1UlW1fB_UlW6W0ghbwHUm0xaIY0MGZGwG1QY94R05xfy7k0NkdmV01UcG2CW5zha3q0MiwG6e1kA93ga75W6rNkep0aNW1wGFmeA01k08rVBq2-W91u0A0UWCcmQ84C-ntPa6eH5dW1I0W804w1IC0g0MaD6Nc0R95l0_c1VOwVmMk1S1m1UrrW6W6S01k1d_0O4Q___70fTqOFke7W6m7m6G8ftg9f0YeUeca2AZwYOA076a3IL6D1Y6dL0IHCOrEzGx3sXPAPqFsA6Qf0JR11m0~1?stat-id=28&test-tag=274877906999825&banner-sizes=eyI3MjA1NzYwNjUzNjU3MzAzMyI6IjE1NjB4MjUwIn0%3D&format-type=118&actual-format=10&pcodever=638452&banner-test-tags=eyI3MjA1NzYwNjUzNjU3MzAzMyI6IjMxOTUwNSJ9&width=1560&height=250&confirmTime=2100000&confirmRatio=1000000&wmode=0

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 13:09:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: image/gif
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
last-modified: Sat, 27 Aug 2022 13:09:03 GMT
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sat, 27 Aug 2022 13:09:03 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/947884341/ Frame 1121 42 B
64 B 21ms
20ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/947884341/?random=1661605743592&cv=9&fst=1661605200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.tumen.kp.ru%2F&async=1&fmt=3&is_vtc=1&random=699122250&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 13:09:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/947884341/ Frame 1121 42 B
64 B 22ms
20ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/947884341/?random=1661605743592&cv=9&fst=1661605200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.tumen.kp.ru%2F&async=1&fmt=3&is_vtc=1&random=699122250&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 13:09:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/693627671/ Frame 1121 42 B
64 B 22ms
21ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/693627671/?random=1661605743589&cv=9&fst=1661605200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.tumen.kp.ru%2F&async=1&fmt=3&is_vtc=1&random=2555137004&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 13:09:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/693627671/ Frame 1121 42 B
64 B 23ms
23ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/693627671/?random=1661605743589&cv=9&fst=1661605200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.tumen.kp.ru%2F&async=1&fmt=3&is_vtc=1&random=2555137004&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 13:09:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/693627671/ Frame 1121 42 B
64 B 21ms
21ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/693627671/?random=1661605743594&cv=9&fst=1661605200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.tumen.kp.ru%2F&async=1&fmt=3&is_vtc=1&random=2995062293&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 13:09:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/693627671/ Frame 1121 42 B
64 B 22ms
21ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/693627671/?random=1661605743594&cv=9&fst=1661605200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.tumen.kp.ru%2F&async=1&fmt=3&is_vtc=1&random=2995062293&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 13:09:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 event
ads.adfox.ru/232598/ 0
66 B 76ms
76ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=33a19b2992bf67cf&pm=bmn&pxo=7vuTlc1y2wXFbR1wV6Q5frQjLx3qjiGEDIxJi1k_AgB_qi0e63bpDu9YFIwPzZh8QLrANVFF3xdOzC4JD7CbqFNY8doU9jp7rjZ3jaqLsMfOd5jSbJUIL6UswZ6dc_A8ga_Ga6Z5-3WHdEPea9mDY1lc7nuEVN-KcuZ-b1kk18OSJXzCsw%3D%3D&p5=gwaok&ad-session-id=1189561661605740344&utg=oxum&lts=fjwcirc&ytt=274879518736389&ybv=0.638452&ylv=0.638452&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3Fsection%3Dsociety&rqs=a2cvdsttE3ZsFwpjV-MKGb_QjFc6GUEd&pr=gtmhvtp&puid3=top%3Aregion&rtb-si=b&puid2=society%3Atoday%3Azenyandex%3Aincident%3Aemergency%3Acelebrity%3Aculture%3Ainteresting&p2=fbao&rand=mmxwpgg&sj=no0crn-5zbBkXPgKQdZqq7hgSzUHoMdhUmaJqa0B-ExCTa5-uUnO0mLZMVVI3w%3D%3D&puid1=adv-1661605740237-182&p1=bufhv

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 13:09:04 GMT
x-content-type-options: nosniff
last-modified: Sat, 27 Aug 2022 13:09:04 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 200 1MrApSRR0Hi200000000U9nJp4xNBpkTArncACQeUVkACPEhPOuuLp8347Z2H49jglUpn_QbCJ2aCWB5CyKO_vu5YPVc07crXOSO6LePGMGdI1O8c1XcCkRBGDWB6UL48AoLZD924DPUHhcRV0n7mVopZ21DLy7aNKO66mQcluopc1WOvZA1H9OoBG2IQvaYW29dc... Show response
yandex.ru/an/rtbcount/ 43 B
156 B 55ms
55ms XHR
image/gif 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/an/rtbcount/1MrApSRR0Hi200000000U9nJp4xNBpkTArncACQeUVkACPEhPOuuLp8347Z2H49jglUpn_QbCJ2aCWB5CyKO_vu5YPVc07crXOSO6LePGMGdI1O8c1XcCkRBGDWB6UL48AoLZD924DPUHhcRV0n7mVopZ21DLy7aNKO66mQcluopc1WOvZA1H9OoBG2IQvaYW29dcVu3mLEc5ymC3A-O11vfhr8G0sgJtVHgjyLpLeQ_J9n0fQtCh42obraHI4vb1Xanbva9P3cGL03PpRAHsU9_NXYxJfF0IUPivOVhrsuxRdKLhF8kcFp9xE343tRcB1Q5HAFaifJYaX9NuwXYj_A2B5DVpyBoqgpWvCHu2wTG5wU5B8cX4CKhMDvRx61XEi32T9C5uiiFzWzPpfu1WJVsRrb0Vft0sjfmeg7jWDq2LiwJh9kVS83LNM1jQ6XWkScQRIxwJ_lu3BMlh21_Th0ri4nWUtrkxyRjEsztbirWkt8uU07RxaqFttIz-FHdFUDADfZP1zWyJh0nFsBZzOfmiGhCpF4q3Yj8Cd_91dF5JpXh8llyTLEd6NE-iP_5pcPcR65YQhI1dMa7E-C9Tf47xDqlptryi_VdxwWVx3mD75FNMWC0ajccMm00?confirmTime=2100000&confirmRatio=1000000&test-tag=274877906944002&format-type=118&actual-format=14&rnd=4490119264286&banner-sizes=eyI3MjA1NzYwNTkwNzUyNjgyNCI6IjE2MHg3MTEifQ%3D%3D&width=160&height=711

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 13:09:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: image/gif
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
last-modified: Sat, 27 Aug 2022 13:09:04 GMT
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sat, 27 Aug 2022 13:09:04 GMT

GET
H2 200 WOqejI_zODG07Gm0j1G7ltiyK9q3eGK0r04GW8200J5i5mfZ000003YScWE80cov0gRp98YwvjPcy0BJlzEw1_050Q06ueaEoGPhPozsosqJTga75W7zpTGp0aN01y2hiFe1W0e1Y0eBg0he1uWBs06g2n3YAweW5W4101sowhiuv_0B1k0DWe20WO20W8W4c0xhn... Show response
yandex.ru/an/count/ 43 B
260 B 61ms
61ms XHR
image/gif 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/an/count/WOqejI_zODG07Gm0j1G7ltiyK9q3eGK0r04GW8200J5i5mfZ000003YScWE80cov0gRp98YwvjPcy0BJlzEw1_050Q06ueaEoGPhPozsosqJTga75W7zpTGp0aN01y2hiFe1W0e1Y0eBg0he1uWBs06g2n3YAweW5W4101sowhiuv_0B1k0DWe20WO20W8W4c0xhneJ_sjNjupge3vQ2fDdD-eo1HP0G-kI7WvMPYweNo17WbPXzy18L1E0K0V0LmOhsxAEFlFnZW1Q5WCY0Xi0-e1QGqPUO1iaMs1Q15wWN2T0O8VWOojooaBEhZFKdW1c96RFai1dhphsnjxdRYNQu6S0Pw-xKyB_biSmcqXaIUM5YSrzpPN9sPN8lSZSmEIqnw1cW0V0PWC83c1hKmrEm6qYu6mE270rAM4GwKMbiIJDMS68twHo07Vz_W202Y201q27___y1400o0ssOqN0yEVkm__sgGJgu11pIIbmQPWY219QvYC6LN3YgvXf0PHpAi7PEDk6FlGuYQHXd~1=WluejI_zOA02fHS0f2VaRqOLe0E8wvlJuP27huy1W073nw9kY06sng6hYW6G0T3ItRVOW8200fW1qDBTjrYW0R3Gg06mqDstMBW1uF-RbIJO0SAtdQG1u06A-w0Kw07A0fW2mC2c6Q02xfNA5vW3m8Gzi0F30uW5fEWWa0M3fYUm1Ud-2RW5wVu9ZPa4u0Ltg0RYYGwf1nO1_StKCm95k0U01V470032W806u0ZtYkKBw0a0y3_92kc0BzyjoVG_-0g0jHZP2-WBfEWWY0oihkI-0QaCX5kBaPqRw3_e39i6c0t_fYO_e0x0X3tP3u0GuPct8feG6ma00FO_6SWG3E0HuQezw17CpAo9vuc0_fLll437hHHIiShZFvWJ1E0JwVu9W1I0W804Y1JceBh7cv7dx6AW5Ed-2QWKWwOdhelGaWRe58m2q1M0yv6O1g0MaD6Nc0Qm5iu7oHRG5gokvBu1s1Rwv8U3bPcBgb-15vWNyhzOk1S1m1UrbW7O5y24FUWN0g0O0R0Ot_sdc0Qu60tu6ChSif2pgupr9u0PmOhsxAEFlFnZYHcpvA0Pm06u6V___m7W6GBe6Q01y1c0mWE16l__2mn55gKmY1h0X3sG6e2OW820W0AO6jJ3Kw0QmFNAnA_xnQki0RWQ0_KQ0G0009WRXCmei1j8k1i3eHm0003WqGtWlwaS00Z0iHnx5Av7uNg4Fxb0s1oaw23W78Ec9-dmF_4S001ine42nJ-07Vz_cHt87S24FU0ToR-s0f4Ug1u1q1wjtkhOt9ACzF01s1xwsXw87____m6W7-6PjoAm7m787-7RZbBI7mOsCpWqDJA080A8806m88I08E0W0T0X__y19I21115JoZYbL8rrdCt5to6saY-M49nczPnSIBDVix4Eo00qjXzoUo2Hj-oV6ZuyPpfv0LpXhTiAZL6F3EB76Mom7IaJWkriLHeRXQspxdIvgoY0WvvaIWEaesLns5a_IKQDRCgWEVvmCLWgizq-mtDsBUjWsmS7~1?stat-id=108&test-tag=3652577627527697&banner-sizes=eyI3MjA1NzYwNTkwNzUyNjgyNCI6IjE2MHg3MTEifQ%3D%3D&format-type=118&actual-format=14&pcodever=638452&banner-test-tags=eyI3MjA1NzYwNTkwNzUyNjgyNCI6IjU3MzkzIn0%3D&width=160&height=711&confirmTime=2100000&confirmRatio=1000000&wmode=0

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 13:09:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: image/gif
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
last-modified: Sat, 27 Aug 2022 13:09:04 GMT
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sat, 27 Aug 2022 13:09:04 GMT

GET
H2 204 event
ads.adfox.ru/232598/ 0
66 B 73ms
72ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=66e6749f469cc4ca&pm=bmq&pxo=qdCKvr1F4DOpjw8UoJf4ozXnu-L7pQB_qKJGqfBPWBq3b-lH7cPZwLqsfPsxmyd1f7ikyexrGwffDHy5kcH5ezN5X1bthScg7zJFwoyg3MFmmfPCt5NfwWscjrNFeA9AhkYAxMNEYIenkldSAzH1mh8MRhaDzNhuFG79J_6frBaDsxRPQtk%3D&p5=gwefg&ad-session-id=1189561661605740344&utg=oxum&lts=fjwcirc&ytt=274879518736389&ybv=0.638452&ylv=0.638452&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3Fsection%3Dsociety&rqs=a2cvdsttE3ZsFwpjnpirZgEKfnmAjoXw&pr=gtmhvtp&puid3=top%3Aregion&rtb-si=b&puid2=society%3Atoday%3Azenyandex%3Aincident%3Aemergency%3Acelebrity%3Aculture%3Ainteresting&p2=fxjd&rand=lwjoeft&sj=do8aSVPHVFLQBVysPJAA712bnVVx8k-T5HNSZnLLWQOTGG_wGbqJ1ZioIsRTOw%3D%3D&puid1=adv-1661605740235-938&p1=cavko

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 13:09:05 GMT
x-content-type-options: nosniff
last-modified: Sat, 27 Aug 2022 13:09:05 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 204 event
ads.adfox.ru/232598/ 0
66 B 294ms
294ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=4828d5f8858aa60b&pm=bmq&pxo=7vuTlc1y2wXFbR1wV6Q5frQjLx3qjiGEDIxJi1k_AgB_qi0e63bpDu9YFIwPzZh8QLrANVFF3xdOzC4JD7CbqFNY8doU9jp7rjZ3jaqLsMfOd5jSbJUIL6UswZ6dc_A8ga_Ga6Z5-3WHdEPea9mDY1lc7nuEVN-KcuZ-b1kk18OSJXzCsw%3D%3D&p5=gwaok&ad-session-id=1189561661605740344&utg=oxum&lts=fjwcirc&ytt=274879518736389&ybv=0.638452&ylv=0.638452&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3Fsection%3Dsociety&rqs=a2cvdsttE3ZsFwpjV-MKGb_QjFc6GUEd&pr=gtmhvtp&puid3=top%3Aregion&rtb-si=b&puid2=society%3Atoday%3Azenyandex%3Aincident%3Aemergency%3Acelebrity%3Aculture%3Ainteresting&p2=fbao&rand=lmfyad&sj=no0crn-5zbBkXPgKQdZqq7hgSzUHoMdhUmaJqa0B-ExCTa5-uUnO0mLZMVVI3w%3D%3D&puid1=adv-1661605740237-182&p1=bufhv

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 13:09:06 GMT
x-content-type-options: nosniff
last-modified: Sat, 27 Aug 2022 13:09:06 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstvunUkbgP18A3SPssBVifzufEdhaM9O3Iu6Gqub-gq26weeBjmavM9028QcS1U1pmRwIeOij79epmjPard4E-manv11e-TgDbDYOZhUerELXtx1u_leSb1e9BzXZiKqecc2rM643v8DvnbaBEyV2sPqJVaCkAZQZIbdRlOknFmLCxWnOZ3-YGUmgZzK6iKYDIYJGKNJCC1z9NDAqH8ibAK6Ty-_xoCdxx5BEXwXTMp6v_vOcKDZnNZ2JmOscTevml4QPT4GFBqLcDl4jm0NIUexmqmVwKIBDYuxxz1GqOw2HdC1QjnaQHOTrjj2af1TTSzgIoaOUM0-96dWi6t&sai=AMfl-YSJ7qx4lbbn-9htsdAhLRNb2xinErAP09DLU6Bh52ixX4klLuohFS5DLt_7ufFAWsMG6Jms_Cry41L7lDdSmq81v4jjuvUdQ6k4DC3VTQLJmCYwG7izUjtwSuVH-kpbaVs&sig=Cg0ArKJSzEq_nntav7phEAE&id=lidar2&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20220824&bin=7&avms=ns&bs=0,0&mc=0&vu=1&app=0&itpl=19&adk=4130042211&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=2&r=b&rst=1661605741837&ec=0&wmsd=2

Verdicts & Comments Add Verdict or Comment

73 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

53 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
yastatic.net/safeframe-bundles/0.83/1-1-0	1970-01-20 05:34:52	Name: afpix Value: 1
yastatic.net/safeframe-bundles/0.83/1-1-0	1970-01-20 05:34:52	Name: pcs3 Value: 1
.kp.ru/	1970-01-20 05:43:30	Name: w3k Value: c58e356b-c88d-4377-9493-8949366511b7
.kp.ru/	1970-01-20 05:43:30	Name: w3t Value: eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWQiOiJjNThlMzU2Yi1jODhkLTQzNzctOTQ5My04OTQ5MzY2NTExYjciLCJqdGkiOiI4YTI1NGM1Yi02OGU1LTQ2OGUtOTUzZS1kOWJhZWVhNDYzMjYiLCJfdmVyc2lvbiI6MSwiX3BhdGgiOiIvIiwiX3RyYWNlIjoiYTI0MGQ3NTZjYWZjNTg4NzNlN2JlNTgwYTk2OTQ5MTUiLCJfcGF5bG9hZHMiOnsiZ2VvIjp7ImNvZGVyIjp7InN0cl9yZWdpb24iOiIiLCJyZWdpb24iOjAsInVwZGF0ZWQiOiIyMDIyLTA4LTI3VDEzOjA4OjU4WiIsInNvdXJjZSI6Imdlb2NvZGVyIn19LCJwcm9maWxlIjpudWxsfSwiX2dyYW50cyI6bnVsbCwiaXNzIjp7ImVzc2VudGlhbCI6ZmFsc2UsInZhbHVlcyI6WyJ3d3cudHVtZW4ua3AucnUiXX0sImV4cCI6MTY2MjIxMDUzOSwiaWF0IjoxNjYxNjA1NzM4LCJuYmYiOjE2NjE2MDU3MzksInN1YiI6InNlc3Npb24ifQ.E8OtEmZfIQotyXq9RsCdT8oNWlR01svIPwAcJMy06dABqQ9gYwlLrlCXjX68fZudNJ-qLYEa8wrac_vm1oil8Kttgt2KmXPlQ_uCrv5ErBpLi0mkNcnVqHqpOc4TW7Y3X1bruuFYLONHuNXraiX1Iokn2-ipoozuPL85T9kvTqGrnw_4x2rComiud2G5Ws6Z0noq5BdE6DdjvgOk8iEpJLS6Gddg9HdKYnR7J9cE8KAGFG6jSNcvYIY5vUBpYJ0SKw73ciaBSIERbgWVTLv974zd9KwKXktxde790mrbwDsHNwGQB63QctKZBoeLEtobbsbvLEPKaWLuyjqsJBSQ1w
.kp.house/	1970-01-20 05:43:30	Name: w3a Value: eyJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZHQ00iLCJ6aXAiOiJERUYifQ.MKN0MpPnQzEqA5fG-fmiyTzY_ZQEH83mzq1VzmQE7pNS1tyO0JMLUFpfq-r_VO5n351-7ZqqepWl6ecUIbfpjxt-8_IHgxmRI7t6OYC73hZQbLSV3uw67D4kWeta-k97rz6bSF6GoPL8h311XgaZbuQIBj5JEz9bmD33wkq1K-o0YCfbNzTrrFQ_XfO1DHN2thEOT-4Qq3dVTWfw9XTFYrtW8WtWnY_BX_BD31hD0_BvqCKsGvQQaJT6I8JE_V9MHzM6FpAUmg__m3WAiOWACS7qc_swF8clh060C7em2O9T4idkWTDdmrnDlOWnaFBeBQskCBtf2ex0aQJeApUd6A.lWFuy-cEgDZwOEQS.I9YrX-xAG3z35oyZeUiu3or6.3aRMYicE4tZWQ-RndXX9-Q
.kp.house/	1970-01-20 05:43:30	Name: w3k Value: 67e7ca52-7153-4627-b54e-7554c12247d4
.kp.house/	1970-01-20 05:43:30	Name: w3t Value: eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWQiOiI2N2U3Y2E1Mi03MTUzLTQ2MjctYjU0ZS03NTU0YzEyMjQ3ZDQiLCJqdGkiOiJlMzMyMjI5YS1kZmViLTQ2YzItYjFmNy03ZjAxYzk5NjMxODYiLCJzdWIiOiJzZXNzaW9uIiwiZXhwIjoxNjYyMjEwNTM5LCJpYXQiOjE2NjE2MDU3MzksIm5iZiI6MTY2MTYwNTczOSwiX3ZlcnNpb24iOjEsIl9wYXRoIjpudWxsLCJpc3MiOnsiZXNzZW50aWFsIjp0cnVlLCJ2YWx1ZXMiOlsicHJvZCJdfSwiX3RyYWNlIjoiYzMwMDA5YmQwOTU3Yjg1NDNmYWE3YzQxNjkyODJmYmQifQ.jeRn2MctAWnQHAQ8UXDRqRfq5d_zTpYxdBiExSgkSnjEwsegFvq1Zuv_G06Ce4Jg29ZvhtnWTQwEZtpUSjr_-BW9egIbHSOL1vcoIPM4aVjQcoaARrJ70tkUmUH0RrDqLZVOr83HXZ_F6CzsnMJ-FC7zgc5wqelvo0sjNEgcWRSR6nfapBZ0pZC4pux6BA6YQFV52Qh6M002tFx3bZxX78L2l8BAsrH6OwlHpZxIYqxbWR2nNgC-xj1YMz-BYb62S2po4XsEw2lz2dfuIqWCfUwLZufqHy0FFOGPjv6wh0di6_367kSn_bukKhIPacfDGRVNDX2xjke80EPEo_Jsog
.yandex.ru/	1970-01-20 15:09:25	Name: yandexuid Value: 8508264841661605739
.exchange.buzzoola.com/	1970-01-20 06:16:37	Name: uuid Value: c99e3bdd-95a8-454e-4e9a-1d5f9dad537b
.betweendigital.com/	1970-01-20 14:19:01	Name: dc Value: lux1
.betweendigital.com/	1970-01-20 14:19:01	Name: ss Value: 1
.betweendigital.com/	1970-01-20 14:19:01	Name: unm Value: 1
.betweendigital.com/	1970-01-20 14:19:01	Name: tuuid Value: a1ce3ac0-141d-52ef-9d5b-5bd7fe514cbb
.betweendigital.com/	1970-01-20 14:19:01	Name: ut Value: YwoXbAAE4gAWKin9yHRMwHi0n0RdaE1_FDufGA==
ssp.bidvol.com/	1970-01-20 15:09:25	Name: bvuid Value: jtz49enhc7
.exchange.buzzoola.com/	1970-01-20 05:53:35	Name: cookiesyncs Value: 000000000000000000000000d93dab9edf0912baf9008f35866978f1
.mc.yandex.com/	1970-01-20 05:33:26	Name: sync_cookie_csrf Value: 1174388852fake
.mc.yandex.ru/	1970-01-20 05:33:26	Name: sync_cookie_csrf Value: 3454690993fake
.yandex.com/	1970-01-20 14:19:01	Name: yandexuid Value: 8508264841661605739
.yandex.com/	1970-01-20 14:19:01	Name: yuidss Value: 8508264841661605739
.mc.yandex.com/	1970-01-20 05:34:52	Name: sync_cookie_ok Value: synced
.yandex.ru/	1970-01-20 15:09:25	Name: i Value: rmGsD3qcsULqpgvLFA4GWIHxZYsSdsvuaznrdY2qX1NptCDT19Gd8clLflTuCkDiKfDAg+PEKoy4MvJBUiLIe5oS8C8=
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 1734641271661605741
.yandex.com/	1970-01-20 15:09:25	Name: i Value: EJqsIOMWvwbG0tbMTn6D6Gft78VAbpDzyXddWUN6Nir+F9hQTqC0d4WrXd2SRmemFOm54n4ODoWhGPCWxXD3SpYcxQE=
.yandex.com/	1970-01-20 14:19:01	Name: ymex Value: 1693141741.yrts.1661605741#1693141741.yrtsi.1661605741
.kp.ru/	1970-01-20 15:09:25	Name: _ga_8MQ0FGXD1P Value: GS1.1.1661605741.1.0.1661605741.0.0.0
.kp.ru/	1970-01-20 15:09:25	Name: _ga Value: GA1.1.344982892.1661605742
.tumen.kp.ru/	1970-01-20 15:09:25	Name: _ga Value: GA1.3.344982892.1661605742
.tumen.kp.ru/	1970-01-20 05:34:52	Name: _gid Value: GA1.3.2033519456.1661605742
.tumen.kp.ru/	1970-01-20 05:33:25	Name: _dc_gtm_UA-23870775-1 Value: 1
.tumen.kp.ru/	1970-01-20 05:33:25	Name: _gat_UA-5200037-42 Value: 1
.tumen.kp.ru/	1970-01-20 05:33:25	Name: _gat_UA-23870775-31 Value: 1
.kp.ru/	1970-01-20 15:09:25	Name: _ga_E8KWCYC304 Value: GS1.1.1661605741.1.0.1661605741.0.0.0
.yadro.ru/	1970-01-20 14:18:03	Name: FTID Value: 1Z2XTj32VzuO1Z2XTj0015Nr
.doubleclick.net/	1970-01-20 14:55:01	Name: IDE Value: AHWqTUnE5f9vV_2xttSLiZQG9EJcTRnjaX3gHXaum4npxWCVRUZxJMRYDhwFjbBKzgk
.kp.ru/	1970-01-20 14:19:01	Name: _ym_uid Value: 1661605741437762383
.kp.ru/	1970-01-20 14:19:01	Name: _ym_d Value: 1661605742
.yadro.ru/	1970-01-20 14:18:03	Name: VID Value: 2nltPx3e5bOO1Z2XTj001JF0
.kp.ru/	1970-01-20 14:55:01	Name: __gads Value: ID=ff7d19fb80269395-224c10ab09ce00ec:T=1661605741:S=ALNI_MavQ67OY3e_UUn6gWTRl0ANrq1bAA
.kp.ru/	1970-01-20 05:34:37	Name: _ym_isad Value: 2
.tns-counter.ru/	1970-01-20 14:19:01	Name: guid Value: 63096A16630A176EX1661605742
.doubleclick.net/	1970-01-20 05:33:29	Name: DSID Value: NO_DATA
.stat.media/	1970-01-20 14:19:01	Name: _sm_uid Value: d3446465-6f48-4f6c-9f81-97c73e26f846
.stat.media/	1970-01-20 14:19:01	Name: _sm_udt Value: 1661605742496
.stat.media/	1970-01-20 05:33:27	Name: _sm_sid Value: 4da93cb8-82bf-4d30-8a58-81e2f950deb1
.stat.media/	1970-01-20 06:16:37	Name: _sm_cm Value: 6
.smi2.ru/	1970-01-20 14:19:01	Name: _sm_uid Value: d3446465-6f48-4f6c-9f81-97c73e26f846
.smi2.ru/	1970-01-20 14:19:01	Name: _sm_udt Value: 1661605742496
.smi2.ru/	1970-01-20 05:33:27	Name: _sm_sid Value: 4da93cb8-82bf-4d30-8a58-81e2f950deb1
.criteo.com/	1970-01-20 14:55:01	Name: uid Value: c5496b8d-7d3d-4d4c-92f9-c623cf05377d
.kp.ru/	1970-01-20 14:55:01	Name: cto_bundle Value: Krk-CV92ZlVPSjdvbTRhdjU0RHFEQzMyYVg0JTJGakJ2SmlBWlhTTGdyOHclMkJGOEFySHZjJTJCSmkxd3pTaExtNkkxcUl1eEFPR2huUEY3NSUyQjk1ZDVMeFpsaFNEOENqJTJGSEtiUGUwM2dPcDd4c1VQb3hTbjJNdkVSaWxxdVhpYmQwc1dIM2N5SnlRRmVKSlI4dmd6eDh6blhkOE14WW1nJTNEJTNE
.yandex.ru/	1970-01-20 15:09:25	Name: is_gdpr Value: 1
.yandex.ru/	1970-01-20 15:09:25	Name: is_gdpr_b Value: CPUOEMiGARgB

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4f0d59dd6172395ca18cb5e50b49da63.safeframe.googlesyndication.com
ad.mail.ru
adfox-c2s-ams.creativecdn.com
ads.adfox.ru
ads.betweendigital.com
adservice.google.com
adservice.google.de
an.yandex.ru
avatars.mds.yandex.net
banners.adfox.ru
bidder.criteo.com
counter.yadro.ru
e44a249febac1d38a79b8b3e3e61a1b3.safeframe.googlesyndication.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
exchange.buzzoola.com
f92208c1f7e535e8d9324c9cd721a801.safeframe.googlesyndication.com
favicon.yandex.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
identity.kp.house
matchid.adfox.yandex.ru
mc.yandex.com
mc.yandex.ru
mug.criteo.com
pagead2.googlesyndication.com
pb.adriver.ru
pda.tumen.kp.ru
region1.google-analytics.com
s01.stc.yc.kpcdn.net
s02.api.yc.kpcdn.net
s09.stc.yc.kpcdn.net
s10.stc.yc.kpcdn.net
s13.stc.yc.kpcdn.net
s15.stc.yc.kpcdn.net
sb.scorecardresearch.com
securepubads.g.doubleclick.net
smi2.net
smi2.ru
ssp.bidvol.com
stat.media
static.criteo.net
stats.g.doubleclick.net
target.smi2.net
tns-counter.ru
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.tumen.kp.ru
yandex.ru
yastatic.net
ysa-static.passport.yandex.ru
pagead2.googlesyndication.com
13.32.121.72
142.250.185.130
142.250.185.162
176.9.81.69
178.250.0.157
178.250.0.165
185.184.8.90
188.42.191.196
195.209.111.22
2001:4860:4802:32::36
2001:6d0:4001::226
2a00:1148:db00::17
2a00:1450:4001:802::2002
2a00:1450:4001:802::2003
2a00:1450:4001:806::2003
2a00:1450:4001:806::200e
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:812::2002
2a00:1450:4001:812::2004
2a00:1450:4001:812::200a
2a00:1450:4001:827::200e
2a00:1450:4001:828::2001
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::2008
2a00:1450:4001:830::2001
2a00:1450:4001:831::2003
2a00:1450:400c:c06::9a
2a02:2638:1::3
2a02:2638::1c
2a02:6b8:20::215
2a02:6b8::16b
2a02:6b8::184
2a02:6b8::1:119
2a02:6b8::1be
2a02:6b8::2:158
2a02:6b8::36
2a02:6b8::5:114
2a02:6b8::90
2a02:6b8:a::a
2a03:90c0:e1:2801::254
65.108.1.48
82.148.14.194
82.148.14.197
82.202.225.229
82.202.225.240
88.212.201.198
95.181.181.12
95.181.181.82
02dee947394563b553e1517910d38ecb0f034f05280f601632ea65f98f182ff7
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
05c5075000686afbe94405f7a3e0b905f02af001ec3174556fd1e07aa0c7c59f
07572f31a00b1843fc6d9a1eb3155eaf2a46089213d6740f302cf34f83738040
0deb1fcf565517dfc11ad1cd47c3cca89162c046c2ebe174dd3c692e10a5ef6d
0e3c2b569feb8b04fb3a1b792387fd4b76636b62b419743eaeaed6b1fba96140
0ef7e00750f06efee8a0074f2984b78a62c1a0f8cb971f01197532d57a78a836
0f380fdee43a0103d5cd9bee42e3822ac60512f918a7ed2f805cdaefc5beadc5
0f79d5d5e89c65cec3b62d96db1fd60103400aa9f2fb90ef3a0fda2174e76dd7
10c5967601caa1942f8aa476602f990ad7c74b85d0ac48ba78290b382d7607dd
10f10df6762afaa5c0e7cbad018eecb494412ee5c62b82db5fe64d62b56431f9
11c4f483cc273bfc1affe3e5eb328b51ed526d1c262c6d972a420ba822b3bacb
12cba32bd3140fd295ce10f9f1cef5e68523dd86a34a4618a2fa1d8bdab9fb34
16f11f9228638f50f608507c0ec6a02e4e515b378266455d8f89fefd93ae3090
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93
1afddf97c812b5caf73ffccf4265d714b3435ff871264a8f6595b34c4ee5eb38
1d386626a236bf37f510e9c0c2d85036641c5cc85bed4b320a181861477d0ec7
24302eeb5b736bcc9f610299a37ac5dcf7e5b4c11591489fe9ad89f1533bd09b
257a3e4163a887521252b40b2c25489c1d1ea244771346565897104c35d15270
29333589abb5b5485dccf8fb0ff0578810087103877ef71eecb52e3b23f7c680
29cbf38fb15452289dc116c1c93ff40f9199972da0aaec9c6922ba60d39b9dbb
2ae69e80db014d0515876173d34004474e6440c0584c6f85a4b833eddb6a8310
2b8361515b39f5e9f277362563dddec841077527b695814c676e46ba4f22452b
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ea6594700eadc561dce18df33d16ff9d07ff631d4f6f4eae734bfe34e900f0c
2efcbde6ec02b22a2d16f9fb80540f481747d6100f1ec480ddb0b7f3472ab779
3394110000caa52bc9dcf892178cb4a7a8d25db76721a2290caaeb667413a4d0
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
35ed988aff3c8059b4869fd94cc2885879041fbd698317a53741bca5095c3091
35fb624a84b4b58abc85605e056a58c3f85c64bfd92870a61ee752f0e0e19f65
3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9
3d4d082fd9cda40cc1f1079818a807a09a53ba012be168ece1995121d7a62892
3e7623ae51bac232daf0c2afa8df56b91db30ce0d034fb67e90595c4068571d9
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
40b5f6acfe971488e28b4570d0b485406d6a56cbdf45e86f0df9b1f040eb6d0d
41425e8a1d4366404b9e7f1b4d7621a8e7bb72e5d484997e4973e0bc1ca3e9e1
421ff7b6d660296443895950bff55ddb81a9eeb3d8c76e8cd067d3757bf249cb
422be4142d91c461f7fa4e71bd26b9e62ffede36ea22ec011d8c060956e64668
4286d9c235ea8c5f22876687da2b58acf3a3a5b7fe748a14647adee9c9d5f3b5
445837ee1d1da2644d2531f84c664f157828154b8b5e032dbef64c3a8308ef17
470171bce85601c3627b9ef34fe0e8ab388e0c75f824bddb65b08b920aee9aed
481b7705d4d3671996f7c7467362dfdec01da0752c7be98732c79c3a5e0d7545
4aa9ad8ca08a1625d32e45ac04ad44829177d697892e505b32b84e086ecd84db
4c9f9038ef0cca8daea160666fcf23b0cc4fd3ba853dcd4494e8ec35e3a0c039
4e320580c0f0f3a948712ab04ea3341b27f2d31618245cd03c8a541875bf7907
4f61cd5097d0340ee183612a3ead71c232e1b21bb47f397b575dd48abeecec83
535cd50aa8ca78a00c768f48ae2cf146b83f000dd796167aade018013578a557
541348f95206a170effd95f869a9c576be30f9408b7bfa5885aa94d29fce726b
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
582c2586c49819d9dfe5cb88653679a40bf930ca86f1dc01a4afd821a9eab97e
58e0226ae3948c4f3adfb3964eb32935e5bb0f627654e17e60dadbe3ee98df5e
59e2467d94ae007fa71bc0b10f4b92f227edfa03afb5ce7c904b9ea2bcf537e9
5db3eb38fcb64d80fe8c1993a5fe172fe2ca6e5a75939f7a481adad870543626
5f9c5c363f4bad5bc7c6b222e17e0095ccaa5d303431658b78b6633b89cb6137
60493970f6c0e647db4396199d1eae83ed81bfee3dd5f5c3c3b3721e2ef4b925
607912ce0bbdc533bd357dc99af092f34783fee7f24f7fc16ece184018a7441b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
624d8f6e11b854e5a5261fe0397a27d044501253aa15d62327d408182ff9f09f
66fc36b0e0ee4688f022c5c88a9ed63bcef874b038c16730968ca4c9a7e586ab
69097add1828ce9e65ed34da29bb103edd596ee8c7b610a3ef01e01d028aba4d
69a4b06a36e933c9f332e3b6873d3bdd85859c8fe2e3f99e15dca787aff6b8c5
6b0c6ad2a39e30acdd045f1e10d04d6032f0447387edd32af55f7d80b2d4f0f0
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6db6653a65bc919f600c1e098b02145b5e62d137fbf99f84ad526692b65cc31c
6e692e5c79781cffc84a686aa13e40ef3587351c309e40e6fec101c731f0845a
6e842f654a304fd1eece02a5d588d2a998cc87cc65730b04d1e2c916e3a72a10
6ff082130eb8e0fe1ba485606bab3de43a410b184c718be62c739ab9f67c6863
72f3a3671c122f1aa09f404e8505d441eab401265cda99e82824e1b4ea1ddbf9
75d16f690db62e7b02e26bff78808ea7529f154b36340c9b6d6e1cd81b64a4ca
7a0fb8fc4de0bde528e5b17743e35c50492d1d1de41567cb3b83f5a63db862d0
7af117c81127bd319814813ea457519d009ca62ad9b99a4f727f1c979169d16d
7bd7d868aad46ad2617b5c5a9c205a345a06513d4bffd6ba51de3823490c2ffc
7fc196a6792490f3a60173545150807b29da87ec1d02b573a3e11cceb8b339c0
81331e7aa9e6ce2e2ac852dca95ed9753855c92e55c8d5791ae69be64da583aa
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85c39db1aa3139efc8640d0f1807a950626a8b2fc3f39ee5bb9371ccfba7132e
85df6a888180aa37ac71991e22dc32db0800b427df7aa8a52321a463743f3137
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b895c0c25efd8ae926e0e658ca45fc56e737ab0cee325c18b33dfc210288601
8e1d0cb8582621d9639e2264cae5618bf768246a1f1d386db13e697b4feb13c8
8f6cc7f050ce82662ab4dc620128c444f8b5edcc37ea4cbab815defb4ce178a3
9205ceae907f8417e3b4bd8463b1075526a25da4cdd2aed549b03cd6869632aa
92f108fa97f63aa01d67c7c19599f9133ef0e60a11fba74ca137f5b699abd36b
9782dac5cf0fbafd9e989c1fa032952faf2706b9e310859b9f3d2600c6abf405
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
98a96d716ea632de2975af114bd5223323b7175116e16394295fced1ebb431f4
99b7ee825033d9c3661f8c1beca3600f9937c0e74be7a2b74de51995f73412de
99c664c6e0f9211430ca24054ef2365aa16aabaa3ca3c3a22674d3fb0c86c1e0
9a5975867f2cc9780f720c3a7e1e1205f45d2d46727cd054ad61b5603d1eb44b
9adb69c53b32d803fdd06ce2dec775a62eafe5072df45d2c4508b42cf3c9417c
9c2fb69c9516e2f9c0e77256254df22fa3f98ca28d025a073c0787442d6b301f
9c5fe4a536622f2ee49e780626f4c42476bc512844b57b01e9c0d525fd0c09af
9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a
9dc89e2eae45dccc1b2d7b9540adae2349bbb5d84578eadb8f0f645eac324910
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a19c45ddae7042d6a7e9cd42e8730d263c932042063797d888f04ddf27ccd059
a215ca8b17a5f7d58c8f7c608483c1dd5dc150f0e4190808a24222f3e97722ea
a445ef755fc52ebe466adbd7ecf929ff62f733168d27ee8e9f06eab061ae45a9
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a81ae4dd7742b736f41e6e382827ab3672728b6f7f529ad5c72d6d6e79861484
a96924ddd5fb2ea84242905ab60d5ba262bb28e91fd6f097a077db0a63728dec
aae3e2b7cb616a40a508b813e7acf344bc8a80cb57dde5b7a60b73e1d47766cc
abb5348aeb50feab8abc0212d24ef2d4daa64f08d38e6cabce13e7a78f1ad837
abde6c01477adf69d929fc7a3509c4a5cab712a19d333f75a4b1b14adc7b1b7c
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
afb8be130e97b7a6d5bf5f78e7025f67d2d049a7e8798fdf9f970111c830de48
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4aeb05bf4adb947083b9a75e440df88368660f65cd0eaa52ee02dcc16e957f1
b7874347125bb87bfa81867427a6a62f2f3b1cce33fd1015cfe1ac0cfde1a948
b9626a32ba37b0590508877b518afb8e18c1623278119b425ba2e3d14d39c4fe
ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10
bd258cb50a129b9cf32ffe3e3e4437224bb6993dc2647434460ac8d7d9037986
becefc9f93e9ea8cec1d4749c473c476c44e65a7eee7d88dda107958649413e9
c2b09643e58ded9316fb73dfab3ffca42772599008066cf599bfc7fb40766c1d
ca4da12cb354937a133f8eb9dd3c019612db02ff000471f98af3be104e753fd9
cda203b963845af2d1fab6b7f6e4f6944679e7c310aa5ad4a19989b99ff18c1e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d09935c94b4577fff4e1de0daf084674937f708d4fcfcf689d131d5d9b5a7852
d0dc8628913b702e328e367fb028d23fbf67c1f15f4ecf05b10cc300fd706606
d3114c4944dcf347da9b150fbd12bf83cf1a719fca0eb5480d9af4cb2f30aefc
d647a1a3ed73129ab31c5690e3f1eca641cb3487f792b4cf4466114048900da5
d753a5dec79d867ea9001bb5ae9e6fc4b0d959a6045d02980bd4a28fc971364f
da09f03549a3d9ae51406d85931ec2682bc82759cf96101b982496da1139ddda
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df83f8ad46ffdd1175587ea0ad71022ecfae60bffd733bb091b499d7c28826ad
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e556d4e5d4460cc0ac6fbe5bf374c221566a41314debe196f7876f9744a3dfa4
e5b88026e484421b4cec0c538a3c743fbc99006edc9ce34bd9f9827d8c5fe225
eb408322184379539c33068941ec5da920a07c29f74af9acb8a36cbc91294cca
ee569e8d1e3782cc1378aabd72074cc5a95939d010c7c97427ca2e8cfdada588
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
eff980b37035b0cd186f37131d156a7275f00aaa82ebfd25b06080a6cc8146c0
f033e338c246cb1d4dde196a1003c872ddcfac8fbadb4cbc9198b4d1f06f885e
f15e7111fd9f4d7031f26c85aa01c70e817248468c83c208df34822549de13f9
f2294c4453bd5485d7375f4ea5e5e8e8b868ea839a0ca12bcbae7d364768eb32
f4dbdd25302ee76c26a0bc01d3c8b383c560f6ef450a6e2ad89b6269424c4ea9
f5428b5ba66559d834d12725fb1c86c55f1392aaad426811130f5d673d58815d
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f76a521d8d893e573ee2def73e397a42f33f937aca5dcfeb77b2e001ea5a7ca6
f8005225bcb9ced0638067dbcba17e1aa212ab3baedf3307650bc4c4bd0d971e
f8560ab464578e68e658351a4198a3ba5194ff59e4045ff9dcd946ad391cbfaf
f9054a2f3a3638b38dbfe81baaa9459473ee082e4e7c3e7e13ca9e86a7d9ce79
fb97b96610b6440936056006cc80eb5353a3b9de8a1de3706b50eccc4ab75254
fd6d26da61c4b4b9133c2c959e01af0df8cdb9b4ad2d01700f6bdbf2b9142e9c
ff495faa2d1d7e5fd66d399eef697e1f0f31ad9be129a236997964c70cc1b734

www.tumen.kp.ru Open in urlscan Pro 95.181.181.82 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

259 Requests

95 %HTTPS

67 %IPv6

32 Domains

61 Subdomains

52 IPs

9 Countries

3353 kBTransfer

8706 kBSize

53 Cookies

36 Outgoing links

Page URL History

Redirected requests

259 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 12 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.tumen.kp.ru Open in urlscan Pro
95.181.181.82 Public Scan

Screenshot
Live screenshot

Full Image

259
Requests

95 %
HTTPS

67 %
IPv6

32
Domains

61
Subdomains

52
IPs

9
Countries

3353 kB
Transfer

8706 kB
Size

53
Cookies

259 HTTP transactions
12 data transactions