www.tumen.kp.ru Open in urlscan Pro
95.181.181.82 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://pda.tumen.kp.ru/
Effective URL:
https://www.tumen.kp.ru/
Submission: On July 09 via manual (July 9th 2022, 6:26:16 pm UTC) from UA — Scanned from DE

Summary HTTP 314 Redirects Links 34 Behaviour Indicators

Summary

This website contacted 55 IPs in 10 countries across 43 domains to perform 314 HTTP transactions. The main IP is 95.181.181.82, located in Russian Federation and belongs to EDGECENTERLLC, RU. The main domain is www.tumen.kp.ru.
TLS certificate: Issued by R3 on May 25th 2022. Valid for: 3 months.

This is the only time www.tumen.kp.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 4	95.181.181.82 95.181.181.82	210756 (EDGECENTE...) (EDGECENTERLLC)
14	2a02:6b8:a::a 2a02:6b8:a::a	208722 (GLOBAL_DC) (GLOBAL_DC)
27	2a03:90c0:41:... 2a03:90c0:41:2801::254	199524 (GCORE) (GCORE)
9	2a02:6b8:20::215 2a02:6b8:20::215	208722 (GLOBAL_DC) (GLOBAL_DC)
1	2a02:6b8::16b 2a02:6b8::16b	208722 (GLOBAL_DC) (GLOBAL_DC)
1	95.181.181.12 95.181.181.12	210756 (EDGECENTE...) (EDGECENTERLLC)
19	2a02:6b8::1be 2a02:6b8::1be	208722 (GLOBAL_DC) (GLOBAL_DC)
2 4	159.69.141.123 159.69.141.123	24940 (HETZNER-AS) (HETZNER-AS)
3	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
3	195.209.111.20 195.209.111.20	52007 (ADRIVER-AS) (ADRIVER-AS)
3	2a00:1148:db0... 2a00:1148:db00::17	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
3	188.42.191.196 188.42.191.196	7979 (SERVERS-COM) (SERVERS-COM)
6	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
8	2606:4700:10:... 2606:4700:10::6816:284a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
8	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400e:80f::200a	15169 (GOOGLE) (GOOGLE)
2	2a02:6b8::2:158 2a02:6b8::2:158	208722 (GLOBAL_DC) (GLOBAL_DC)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
41	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
3 26	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
1	2a02:6b8::184 2a02:6b8::184	208722 (GLOBAL_DC) (GLOBAL_DC)
4 15	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
1	2a02:6b8::5:114 2a02:6b8::5:114	208722 (GLOBAL_DC) (GLOBAL_DC)
2 14	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
1 4	2001:6d0:4001... 2001:6d0:4001::226	52016 (TNSMSK-) (TNSMSK-)
4	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
2	46.161.36.2 46.161.36.2	49505 (SELECTEL) (SELECTEL)
1 3	13.32.99.105 13.32.99.105	16509 (AMAZON-02) (AMAZON-02)
1 2	88.212.201.198 88.212.201.198	39134 (UNITEDNET) (UNITEDNET)
2	2a00:1450:400... 2a00:1450:400c:c03::9c	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
4	46.161.36.23 46.161.36.23	49505 (SELECTEL) (SELECTEL)
1	88.212.218.1 88.212.218.1	39134 (UNITEDNET) (UNITEDNET)
1	82.202.225.240 82.202.225.240	49505 (SELECTEL) (SELECTEL)
1 2	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	52.45.72.129 52.45.72.129	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:223... 2600:9000:223f:dc00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
3 7	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
2 4	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	37.252.173.22 37.252.173.22	29990 (ASN-APPNEX) (ASN-APPNEX)
11	2a00:1450:400... 2a00:1450:4001:812::2006	15169 (GOOGLE) (GOOGLE)
1 1	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
3 3	52.29.193.101 52.29.193.101	16509 (AMAZON-02) (AMAZON-02)
2 2	54.77.149.51 54.77.149.51	16509 (AMAZON-02) (AMAZON-02)
2	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1	213.202.235.10 213.202.235.10	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 2	52.210.118.181 52.210.118.181	16509 (AMAZON-02) (AMAZON-02)
2 3	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
314	55

4 95.181.181.82 (Russian Federation) 2 redirects

ASN210756 (EDGECENTERLLC, RU)

pda.tumen.kp.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.tumen.kp.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a02:6b8:a::a (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a03:90c0:41:2801::254 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)

s01.stc.yc.kpcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s13.stc.yc.kpcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s09.stc.yc.kpcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s02.api.yc.kpcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s12.stc.yc.kpcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s16.stc.yc.kpcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s14.stc.yc.kpcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:6b8:20::215 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::16b (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

matchid.adfox.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.181.181.12 (Russian Federation)

ASN210756 (EDGECENTERLLC, RU)

identity.kp.house	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a02:6b8::1be (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

ads.adfox.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 159.69.141.123 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.123.141.69.159.clients.your-server.de

exchange.buzzoola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

adfox-c2s-ams.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 195.209.111.20 (Russian Federation)

ASN52007 (ADRIVER-AS, RU)

pb.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1148:db00::17 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)

ad.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 188.42.191.196 (Luxembourg)

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:10::6816:284a (United States)

ASN13335 (CLOUDFLARENET, US)

jsn.24smi.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
data.24smi.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.24smi.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400e:80f::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8::2:158 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

banners.adfox.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

f2b37124788afcb583921ebe4e7e6828.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
137d3085774ed72bf626261315513874.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
28e58fdb5be728553e5175a9070faf15.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

41 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::184 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

avatars.mds.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::5:114 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

ysa-static.passport.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:6d0:4001::226 (Russian Federation) 1 redirects

ASN52016 (TNSMSK-, RU)

tns-counter.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.161.36.2 (Russian Federation)

ASN49505 (SELECTEL, RU)
PTR: target2-1.sselp1.imcmdb.net

target.smi2.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.99.105 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-105.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.198 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host198.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c03::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 46.161.36.23 (Russian Federation)

ASN49505 (SELECTEL, RU)
PTR: sm-server1-1.sselp1.imcmdb.net

stat.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.212.218.1 (Russian Federation)

ASN39134 (UNITEDNET, RU)

smi2.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.202.225.240 (Moscow, Russian Federation)

ASN49505 (SELECTEL, RU)
PTR: smi2adm2-1.ssel27.imcmdb.net

smi2.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::13 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.45.72.129 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-72-129.compute-1.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:dc00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.184.194 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.19.126 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.173.22 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.241 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.29.193.101 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-193-101.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.77.149.51 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-149-51.eu-west-1.compute.amazonaws.com

r.scoota.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.202.235.10 (Herrischried, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.210.118.181 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-118-181.eu-west-1.compute.amazonaws.com

skydeutschland.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.16.194 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
68	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 120 f2b37124788afcb583921ebe4e7e6828.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 160 137d3085774ed72bf626261315513874.safeframe.googlesyndication.com 28e58fdb5be728553e5175a9070faf15.safeframe.googlesyndication.com	786 KB
31	doubleclick.net 5 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209 googleads.g.doubleclick.net — Cisco Umbrella Rank: 54 stats.g.doubleclick.net — Cisco Umbrella Rank: 119 cm.g.doubleclick.net — Cisco Umbrella Rank: 205 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 287	507 KB
27	kpcdn.net s01.stc.yc.kpcdn.net — Cisco Umbrella Rank: 259658 s13.stc.yc.kpcdn.net — Cisco Umbrella Rank: 302255 s09.stc.yc.kpcdn.net — Cisco Umbrella Rank: 295937 s02.api.yc.kpcdn.net — Cisco Umbrella Rank: 373783 s12.stc.yc.kpcdn.net — Cisco Umbrella Rank: 314999 s16.stc.yc.kpcdn.net — Cisco Umbrella Rank: 305812 s14.stc.yc.kpcdn.net — Cisco Umbrella Rank: 303760	745 KB
22	yandex.com 2 redirects mc.yandex.com — Cisco Umbrella Rank: 10550	5 KB
21	adfox.ru ads.adfox.ru — Cisco Umbrella Rank: 10773 banners.adfox.ru — Cisco Umbrella Rank: 61881	94 KB
20	yandex.ru 1 redirects yandex.ru — Cisco Umbrella Rank: 1297 matchid.adfox.yandex.ru — Cisco Umbrella Rank: 28061 mc.yandex.ru — Cisco Umbrella Rank: 3472 ysa-static.passport.yandex.ru — Cisco Umbrella Rank: 25280	352 KB
18	google.com 4 redirects adservice.google.com — Cisco Umbrella Rank: 92 www.google.com — Cisco Umbrella Rank: 8	3 KB
11	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 276	271 KB
10	gstatic.com fonts.gstatic.com	169 KB
10	google.de adservice.google.de — Cisco Umbrella Rank: 7751 www.google.de — Cisco Umbrella Rank: 5448	2 KB
9	criteo.com 1 redirects bidder.criteo.com — Cisco Umbrella Rank: 744 gum.criteo.com — Cisco Umbrella Rank: 391 mug.criteo.com — Cisco Umbrella Rank: 2727	9 KB
9	yastatic.net yastatic.net — Cisco Umbrella Rank: 6189	235 KB
8	24smi.net jsn.24smi.net — Cisco Umbrella Rank: 58053 data.24smi.net — Cisco Umbrella Rank: 58626 img.24smi.net — Cisco Umbrella Rank: 78961	61 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49 region1.google-analytics.com — Cisco Umbrella Rank: 2733	20 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 179	210 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 608	4 KB
4	stat.media stat.media — Cisco Umbrella Rank: 22336	29 KB
4	tns-counter.ru 1 redirects tns-counter.ru — Cisco Umbrella Rank: 10783	62 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 71	3 KB
4	buzzoola.com 2 redirects exchange.buzzoola.com — Cisco Umbrella Rank: 18578	2 KB
4	kp.ru 2 redirects pda.tumen.kp.ru www.tumen.kp.ru	100 KB
3	googleadservices.com 2 redirects www.googleadservices.com — Cisco Umbrella Rank: 126	16 KB
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 290	2 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 244	3 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 134	781 B
3	smi2.net target.smi2.net — Cisco Umbrella Rank: 117395 smi2.net — Cisco Umbrella Rank: 46224	2 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 89	210 KB
3	betweendigital.com ads.betweendigital.com — Cisco Umbrella Rank: 2197	3 KB
3	mail.ru ad.mail.ru — Cisco Umbrella Rank: 11075	1014 B
3	adriver.ru pb.adriver.ru — Cisco Umbrella Rank: 38127	909 B
3	creativecdn.com adfox-c2s-ams.creativecdn.com — Cisco Umbrella Rank: 61709	627 B
3	criteo.net static.criteo.net — Cisco Umbrella Rank: 606	40 KB
2	demdex.net 1 redirects skydeutschland.demdex.net — Cisco Umbrella Rank: 86800	2 KB
2	scoota.co 2 redirects r.scoota.co — Cisco Umbrella Rank: 35470	1 KB
2	adsafeprotected.com 1 redirects pixel.adsafeprotected.com — Cisco Umbrella Rank: 536 static.adsafeprotected.com — Cisco Umbrella Rank: 562	667 B
2	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 9125	2 KB
1	exactag.com m.exactag.com — Cisco Umbrella Rank: 11552	1 KB
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 367	265 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 462	862 B
1	smi2.ru smi2.ru — Cisco Umbrella Rank: 48295	868 B
1	yandex.net avatars.mds.yandex.net — Cisco Umbrella Rank: 7874	8 KB
1	kp.house identity.kp.house — Cisco Umbrella Rank: 271500	2 KB
0	bidvol.com Failed ssp.bidvol.com Failed
314	43

	Domain	Requested by
41	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.tumen.kp.ru f2b37124788afcb583921ebe4e7e6828.safeframe.googlesyndication.com 137d3085774ed72bf626261315513874.safeframe.googlesyndication.com 28e58fdb5be728553e5175a9070faf15.safeframe.googlesyndication.com
22	mc.yandex.com	2 redirects www.tumen.kp.ru mc.yandex.ru
21	pagead2.googlesyndication.com	securepubads.g.doubleclick.net www.tumen.kp.ru tpc.googlesyndication.com www.googletagservices.com 28e58fdb5be728553e5175a9070faf15.safeframe.googlesyndication.com googleads.g.doubleclick.net
19	ads.adfox.ru	yandex.ru www.tumen.kp.ru
19	s01.stc.yc.kpcdn.net	www.tumen.kp.ru s01.stc.yc.kpcdn.net
15	www.google.com	4 redirects tpc.googlesyndication.com f2b37124788afcb583921ebe4e7e6828.safeframe.googlesyndication.com www.tumen.kp.ru 28e58fdb5be728553e5175a9070faf15.safeframe.googlesyndication.com
14	yandex.ru	www.tumen.kp.ru yandex.ru yastatic.net
12	googleads.g.doubleclick.net	2 redirects f2b37124788afcb583921ebe4e7e6828.safeframe.googlesyndication.com 137d3085774ed72bf626261315513874.safeframe.googlesyndication.com 28e58fdb5be728553e5175a9070faf15.safeframe.googlesyndication.com www.tumen.kp.ru www.googleadservices.com
11	s0.2mdn.net	www.tumen.kp.ru s0.2mdn.net
10	fonts.gstatic.com	fonts.googleapis.com
9	yastatic.net	yandex.ru yastatic.net www.tumen.kp.ru
8	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.tumen.kp.ru 137d3085774ed72bf626261315513874.safeframe.googlesyndication.com
7	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net 28e58fdb5be728553e5175a9070faf15.safeframe.googlesyndication.com
7	www.google.de	www.tumen.kp.ru
6	www.googletagservices.com	yastatic.net f2b37124788afcb583921ebe4e7e6828.safeframe.googlesyndication.com www.tumen.kp.ru 28e58fdb5be728553e5175a9070faf15.safeframe.googlesyndication.com
6	bidder.criteo.com	static.criteo.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	stat.media	target.smi2.net stat.media
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.tumen.kp.ru
4	tns-counter.ru	1 redirects www.tumen.kp.ru tns-counter.ru
4	img.24smi.net	www.tumen.kp.ru
4	mc.yandex.ru	1 redirects yandex.ru www.tumen.kp.ru yastatic.net
4	fonts.googleapis.com	yastatic.net client tpc.googlesyndication.com
4	exchange.buzzoola.com	2 redirects www.tumen.kp.ru
3	www.googleadservices.com	2 redirects yastatic.net
3	x.bidswitch.net	3 redirects
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	sb.scorecardresearch.com	1 redirects www.tumen.kp.ru
3	www.googletagmanager.com	www.tumen.kp.ru www.googletagmanager.com
3	adservice.google.com	securepubads.g.doubleclick.net
3	adservice.google.de	securepubads.g.doubleclick.net
3	ads.betweendigital.com	yandex.ru
3	ad.mail.ru	yandex.ru
3	pb.adriver.ru	yandex.ru
3	adfox-c2s-ams.creativecdn.com	yandex.ru
3	static.criteo.net	yandex.ru www.tumen.kp.ru
3	s02.api.yc.kpcdn.net	s01.stc.yc.kpcdn.net
2	skydeutschland.demdex.net	1 redirects 28e58fdb5be728553e5175a9070faf15.safeframe.googlesyndication.com
2	googleads4.g.doubleclick.net	www.tumen.kp.ru
2	r.scoota.co	2 redirects
2	gum.criteo.com	1 redirects static.criteo.net
2	28e58fdb5be728553e5175a9070faf15.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	region1.google-analytics.com	www.googletagmanager.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	counter.yadro.ru	1 redirects www.tumen.kp.ru
2	target.smi2.net	www.tumen.kp.ru
2	137d3085774ed72bf626261315513874.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	f2b37124788afcb583921ebe4e7e6828.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	banners.adfox.ru	www.tumen.kp.ru
2	data.24smi.net	jsn.24smi.net
2	jsn.24smi.net	yastatic.net jsn.24smi.net
2	www.tumen.kp.ru	www.tumen.kp.ru
2	pda.tumen.kp.ru	2 redirects
1	m.exactag.com	28e58fdb5be728553e5175a9070faf15.safeframe.googlesyndication.com
1	match.adsrvr.org	28e58fdb5be728553e5175a9070faf15.safeframe.googlesyndication.com
1	sync.mathtag.com	1 redirects
1	static.adsafeprotected.com	28e58fdb5be728553e5175a9070faf15.safeframe.googlesyndication.com
1	pixel.adsafeprotected.com	1 redirects
1	mug.criteo.com
1	smi2.net	www.tumen.kp.ru
1	smi2.ru	www.tumen.kp.ru
1	ysa-static.passport.yandex.ru	www.tumen.kp.ru
1	avatars.mds.yandex.net	www.tumen.kp.ru
1	s14.stc.yc.kpcdn.net	www.tumen.kp.ru
1	s16.stc.yc.kpcdn.net	www.tumen.kp.ru
1	s12.stc.yc.kpcdn.net	www.tumen.kp.ru
1	identity.kp.house	s01.stc.yc.kpcdn.net
1	matchid.adfox.yandex.ru	yandex.ru
1	s09.stc.yc.kpcdn.net	www.tumen.kp.ru
1	s13.stc.yc.kpcdn.net	www.tumen.kp.ru
0	ssp.bidvol.com Failed	yandex.ru
314	71

This site contains links to these domains. Also see Links.

Domain
www.kazan.kp.ru
www.kp.ru
radiokp.ru
advert.kp.ru
parus.kp.ru
kino.kp.ru
tumen.kp.ru
ads.adfox.ru

Subject Issuer	Validity	Valid
uralian.kp.ru R3	`2022-05-25` - `2022-08-23`	3 months	crt.sh
*.xn--d1acpjx3f.xn--p1ai GlobalSign ECC OV SSL CA 2018	`2022-03-04` - `2022-09-01`	6 months	crt.sh
*.stc.yc.kpcdn.net R3	`2022-05-31` - `2022-08-29`	3 months	crt.sh
*.yastatic-net.ru GlobalSign ECC OV SSL CA 2018	`2022-04-01` - `2022-09-29`	6 months	crt.sh
matchid.adfox.yandex.ru Yandex CA	`2022-02-05` - `2022-07-31`	6 months	crt.sh
identity.kp.house R3	`2022-05-10` - `2022-08-08`	3 months	crt.sh
s01.api.yc.kpcdn.net R3	`2022-06-08` - `2022-09-06`	3 months	crt.sh
*.adfox.ru GlobalSign RSA OV SSL CA 2018	`2022-05-30` - `2022-11-08`	5 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-21` - `2022-09-23`	3 months	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-17` - `2023-04-12`	a year	crt.sh
*.adriver.ru GlobalSign GCC R3 DV TLS CA 2020	`2022-04-05` - `2023-04-05`	a year	crt.sh
*.mail.ru GeoTrust ECC CA 2018	`2021-10-15` - `2022-11-15`	a year	crt.sh
*.ads.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2021-12-15` - `2023-01-15`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-15` - `2022-09-18`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-10-13` - `2022-10-12`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.s3.yandex.net GlobalSign RSA OV SSL CA 2018	`2022-03-11` - `2022-10-11`	7 months	crt.sh
*.google.de GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-05-21` - `2022-10-31`	5 months	crt.sh
*.avatars.yandex.net GlobalSign RSA OV SSL CA 2018	`2022-03-04` - `2023-04-05`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
ysa-static.passport.yandex.net GlobalSign ECC OV SSL CA 2018	`2022-03-04` - `2023-04-05`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.tns-counter.ru GlobalSign ECC OV SSL CA 2018	`2021-12-10` - `2022-12-31`	a year	crt.sh
smi2.net R3	`2022-05-27` - `2022-08-25`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
www.google.de GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
stat.media R3	`2022-05-10` - `2022-08-08`	3 months	crt.sh
smi2.ru R3	`2022-07-01` - `2022-09-29`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.exactag.com Sectigo RSA Organization Validation Secure Server CA	`2022-04-01` - `2023-05-02`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh

This page contains 27 frames:

Primary Page: https://www.tumen.kp.ru/
Frame ID: 810ACF697DF5168F893CA8B4A001D555
Requests: 170 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: 292E28784666FF517C15DD6FCBF95E68
Requests: 8 HTTP requests in this frame

Frame: https://f2b37124788afcb583921ebe4e7e6828.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 01CCB55A63642E12025D189EEBBE7054
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: 2BD550B2FC9A10DC98CA12E4BF5C70F5
Requests: 8 HTTP requests in this frame

Frame: https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
Frame ID: E1915963DF92B16CA165E1D3450C6F04
Requests: 23 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B8EC04907FE172B0AC5E157090FDD604
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 330F648171080652EE52ECD9CAA1D211
Requests: 2 HTTP requests in this frame

Frame: https://f2b37124788afcb583921ebe4e7e6828.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: C124A522B068FFA3D15E4C0AC43B883E
Requests: 8 HTTP requests in this frame

Frame: https://137d3085774ed72bf626261315513874.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: C5D63A2795960DD3F087EB6F7D80D74A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10755105540443996160/index.html
Frame ID: 3959BAF0EBD0DB82D559D22F4E761D9A
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 4256AAD99B619988260C5C1B165CAE11
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1E62B014035D07242F54DD4CBB8A93E3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 363A1778E9CDD913740A0C1776DA8D85
Requests: 2 HTTP requests in this frame

Frame: https://137d3085774ed72bf626261315513874.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 1A18F348ED3CB530656700F8D7312102
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6260330094686772102/DAH_200x200_Hamburg/index.html
Frame ID: 4BCF5729A81546E95A12966DF55A6EF3
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20220706/r20110914/abg_lite_fy2021.js
Frame ID: C35302D8AEFB9139E8D939318C05D7FE
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 416DA8C2039E5C7A73A8F76FBBFE2804
Requests: 2 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: C3C29715012B2842C3E7B865EDAAEC64
Requests: 8 HTTP requests in this frame

Frame: https://28e58fdb5be728553e5175a9070faf15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 8C310323DC756CB49DB31C4A08047061
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E854147677B7FC15B9508B1A792FEDCE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 68B8965E4890F8050B13B17C53FCDFB2
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.tumen.kp.ru
Frame ID: 2597E21EED521E918329E9E9F849C21B
Requests: 2 HTTP requests in this frame

Frame: https://28e58fdb5be728553e5175a9070faf15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: A984D51F5ED27D4F59E9C958F615509A
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGIb4hs4BMAE&v=APEucNW7fTqglUA-wzqMJd0eo2qK2wzyY9jWjpmeoUfr51oFODmTrGpQOBliewIQYIE3hCO3g0OS0FfH0tUjavag9Afp8thMUMa9Ngk5MCi8JMPFejBKrQdV5m5aBk07e4lMFd5Ib5ICXTsKrbuAhTrjwe8hGlowoOLPoY-6EUXzDqTqCHVQTvM
Frame ID: 0932BAE0CA1B2784CDCD210AE094C42B
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6990D8FC87677667EF72A5756523BCFB
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 846267F098743C3EC7B02FE56C06D7B7
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/13678958165436077852/300x600_RTB30/index.html
Frame ID: 56AF33B257056D48C8A5A12E849FB50E
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Новости Тюмени и Тюменской области: главные новости на сегодня | Комсомольская Правда в Тюмени - KP.Ru

Page URL History Show full URLs

http://pda.tumen.kp.ru/ HTTP 301
https://pda.tumen.kp.ru/ HTTP 303
https://www.tumen.kp.ru/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Mautic (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

[^a-z]mtc.*\.js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

314
Requests

94 %
HTTPS

53 %
IPv6

43
Domains

71
Subdomains

55
IPs

10
Countries

3950 kB
Transfer

10123 kB
Size

73
Cookies

34 Outgoing links

These are links going to different origins than the main page.

URL: https://www.kazan.kp.ru/daily/21712095/4332309/

Search URL Search Domain Scan URL

URL: https://www.kp.ru/daily/euromaidan/
Title: Спецоперация на Украине

Search URL Search Domain Scan URL

URL: https://www.kp.ru/sports/
Title: Спорт

Search URL Search Domain Scan URL

URL: https://www.kp.ru/samobranka/
Title: Самобранка

Search URL Search Domain Scan URL

URL: https://www.kp.ru/expert/
Title: Выбор экспертов

Search URL Search Domain Scan URL

URL: https://www.kp.ru/doctor/
Title: Доктор

Search URL Search Domain Scan URL

URL: https://www.kp.ru/family/
Title: Семья

Search URL Search Domain Scan URL

URL: https://www.kp.ru/woman/
Title: Женские секреты

Search URL Search Domain Scan URL

URL: https://www.kp.ru/putevoditel/
Title: Путеводитель

Search URL Search Domain Scan URL

URL: https://www.kp.ru/promokod/
Title: Промокоды

Search URL Search Domain Scan URL

URL: https://www.kp.ru/putevoditel/serialy/
Title: Сериалы

Search URL Search Domain Scan URL

URL: http://www.kp.ru/best/msk/projects/
Title: Спецпроекты

Search URL Search Domain Scan URL

URL: https://www.kp.ru/putevoditel/zdorove/defitsit-zheleza-u-zhenshhin/
Title: Дефицит железа

Search URL Search Domain Scan URL

URL: https://www.kp.ru/guide/
Title: Гид потребителя

Search URL Search Domain Scan URL

URL: https://www.kp.ru/daily/217165/4265546/
Title: Все о КП

Search URL Search Domain Scan URL

URL: https://radiokp.ru/
Title: Радио КП

Search URL Search Domain Scan URL

URL: https://advert.kp.ru/
Title: Реклама

Search URL Search Domain Scan URL

URL: https://www.kp.ru/daily/theme/16218/
Title: Украина: сводка

Search URL Search Domain Scan URL

URL: http://parus.kp.ru/
Title: Алый парус

Search URL Search Domain Scan URL

URL: https://kino.kp.ru/
Title: Наше кино

Search URL Search Domain Scan URL

URL: https://www.kp.ru/daily/koronavirus/
Title: COVID-19

Search URL Search Domain Scan URL

URL: https://www.kp.ru/daily/partiya_dela/
Title: Лица труда

Search URL Search Domain Scan URL

URL: https://www.kp.ru/russia/
Title: Отдых в России

Search URL Search Domain Scan URL

URL: https://www.kp.ru/incidents/
Title: Происшествия

Search URL Search Domain Scan URL

URL: https://www.kp.ru/afisha/msk/
Title: Афиша

Search URL Search Domain Scan URL

URL: https://tumen.kp.ru/special/
Title: Дом. Семья

Search URL Search Domain Scan URL

URL: https://tumen.kp.ru/society/
Title: Общество

Search URL Search Domain Scan URL

URL: https://tumen.kp.ru/tourism/
Title: Туризм

Search URL Search Domain Scan URL

URL: https://tumen.kp.ru/incidents/
Title: Происшествия

Search URL Search Domain Scan URL

URL: https://tumen.kp.ru/dom/
Title: Недвижимость

Search URL Search Domain Scan URL

URL: https://tumen.kp.ru/health/
Title: Здоровье

Search URL Search Domain Scan URL

URL: https://tumen.kp.ru/stars/
Title: Звезды

Search URL Search Domain Scan URL

URL: https://ads.adfox.ru/232598/goLink?ad-session-id=3821171657391168666&hash=f32f2a02bf542e78&puid1=adv-1657391168624-362&sj=slrVGGv9CsEV0yjb7ZF55J6z9agAVd22yW5UcuAUJSQh1WiPCMwxjp0eN5b4bA%3D%3D&rand=zaqyrm&rqs=QGz_Z1uUlBVByMligRRKRvEVpF2wLGDa&puid3=top%3Aregion&pr=jkgosjf&p1=clerf&ytt=272130738618373&p5=ljjmt&ybv=0.612847&puid2=society%3Atoday%3Azenyandex%3Aincident%3Aemergency%3Acelebrity%3Aculture%3Ainteresting&p2=gvdq&ylv=0.612847&pf=http%3A%2F%2Fads.adfox.ru%2F232598%2FgoLink%3Fp1%3Dbzbip%26p2%3Dfrfe%26p5%3Dlsrgh%26pr%3D1%26puid1%3D%26puid2%3D%26puid3%3D%26puid4%3D%26puid5%3D%26puid6%3D%26puid7%3D

Search URL Search Domain Scan URL

URL: https://ads.adfox.ru/232598/goLink?ad-session-id=3821171657391168666&hash=f32f2a02bf542e78&puid1=adv-1657391168624-362&sj=slrVGGv9CsEV0yjb7ZF55J6z9agAVd22yW5UcuAUJSQh1WiPCMwxjp0eN5b4bA%3D%3D&rand=zaqyrm&rqs=QGz_Z1uUlBVByMligRRKRvEVpF2wLGDa&puid3=top%3Aregion&pr=jkgosjf&p1=clerf&ytt=272130738618373&p5=ljjmt&ybv=0.612847&puid2=society%3Atoday%3Azenyandex%3Aincident%3Aemergency%3Acelebrity%3Aculture%3Ainteresting&p2=gvdq&ylv=0.612847&pf=https%3A%2F%2Fwww.msk.kp.ru%2Fdaily%2Fmoskva-budushego%2F

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://pda.tumen.kp.ru/ HTTP 301
https://pda.tumen.kp.ru/ HTTP 303
https://www.tumen.kp.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44

https://exchange.buzzoola.com/ssp/adfox HTTP 307
https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t

Request Chain 54

https://exchange.buzzoola.com/ssp/adfox HTTP 307
https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t

Request Chain 120

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9694.e9rx0lUuUYse7X3htc0uQXMSndbFVCJ3pT4fivakExtCWekaoLNZ9LFUHAhJatfg.ApnUsWlgpHA8sFdzatJB7BYD2h0%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9694.JdAAS9M_pcaXdIcUhEqYOFHWkhYUVCvh6xcqlkviMytRwhaAuDgyRtdeFfWxLiKLpLN6T-baAbhg5XiVWbpaI20ithTzOTc8sTnLEsS6IEI%2C.KytLvKODCkRkWUMUgYgJ1CidHuY%2C

Request Chain 144

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 167

https://mc.yandex.com/watch/26254?wmode=7&page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2n2z35yck7fai9c6gvqew%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A1%3Adp%3A0%3Als%3A876747101824%3Ahid%3A846247090%3Az%3A0%3Ai%3A20220709182609%3Aet%3A1657391170%3Ac%3A1%3Arn%3A788313850%3Au%3A1657391170186173871%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1657391166903%3Aco%3A0%3Arqnl%3A1%3Ast%3A1657391170%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20-%20KP.Ru&t=gdpr(14)clc(0-0-0)aw(1)rqnl(1)ti(2) HTTP 302
https://mc.yandex.com/watch/26254/1?wmode=7&page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2n2z35yck7fai9c6gvqew%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A1%3Adp%3A0%3Als%3A876747101824%3Ahid%3A846247090%3Az%3A0%3Ai%3A20220709182609%3Aet%3A1657391170%3Ac%3A1%3Arn%3A788313850%3Au%3A1657391170186173871%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1657391166903%3Aco%3A0%3Arqnl%3A1%3Ast%3A1657391170%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20-%20KP.Ru&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnl%281%29ti%282%29

Request Chain 187

https://counter.yadro.ru/hit;kp/kpall/reg/kptumen?r;s1600*1200*24;uhttps%3A//www.tumen.kp.ru/;h%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u0422%u044E%u043C%u0435%u043D%u0438%20%u0438%20%u0422%u044E%u043C%u0435%u043D%u0441%u043A%u043E%u0439%20%u043E%u0431%u043B%u0430%u0441%u0442%u0438%3A%20%u0433%u043B%u0430%u0432%u043D%u044B%u0435%20%u043D%u043E%u0432%u043E%u0441%u0442%u0438%20%u043D%u0430%20%u0441%u0435%u0433%u043E%u0434%u043D%u044F%20%7C%20%u041A%u043E%u043C%u0441%u043E%u043C%u043E%u043B%u044C%u0441%u043A%u0430%u044F%20%u041F;0.3303208380920344 HTTP 302
https://counter.yadro.ru/hit;kp/kpall/reg/kptumen?q;r;s1600*1200*24;uhttps%3A//www.tumen.kp.ru/;h%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u0422%u044E%u043C%u0435%u043D%u0438%20%u0438%20%u0422%u044E%u043C%u0435%u043D%u0441%u043A%u043E%u0439%20%u043E%u0431%u043B%u0430%u0441%u0442%u0438%3A%20%u0433%u043B%u0430%u0432%u043D%u044B%u0435%20%u043D%u043E%u0432%u043E%u0441%u0442%u0438%20%u043D%u0430%20%u0441%u0435%u0433%u043E%u0434%u043D%u044F%20%7C%20%u041A%u043E%u043C%u0441%u043E%u043C%u043E%u043B%u044C%u0441%u043A%u0430%u044F%20%u041F;0.3303208380920344

Request Chain 193

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 216

https://tns-counter.ru/V13a***R%3E*kp_ru/ru/UTF-8/tmsec=kp_title/413852188 HTTP 302
https://tns-counter.ru/V13b***R%3E*kp_ru/ru/UTF-8/tmsec=kp_title/413852188

Request Chain 249

https://sb.scorecardresearch.com/c2/16803468/cs.js HTTP 302
https://sb.scorecardresearch.com/internal-c2/default/cs.js

Request Chain 252

https://gum.criteo.com/sid/json?origin=publishertag&domain=kp.ru&sn=ChromeSyncframe&so=0&topUrl=www.tumen.kp.ru&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=qq0kfnxaSzhqdFBvaGtLcEpWaEtRbjZCN2JNdEtDTUppV1pybTZXR2FqVEIyTDlqNWxsb0oxUHF5eWJCTm1zMFBOcElPdThGY21RU1phMmgrR3FQNTR5Y2JpdVBjblByTXh0RXFRMDM3MWVZT1NOVWZSV1ZTWk1Jd3l1TTFyMTF6MUVhb3luN2xVQlJXMy9CK1B3N0dUNjZBU1hxaEJNSE1ML1ZWeHZBU2kvN3dWM3ZkWC9sb25QcXN3NVdQbkw1cHdlckRpeEh6MmJxYlpwSVc3QVF3WkV3YzVvOHhtODFqY2ZmSDNxeWQ1ZTA5NW9EdlpEWVZ3QVlQcXB3YS9DVElTQU5HM3ZMOURSMm1ud0tLSlpObDJNamExdz09fA&cppv=2

Request Chain 256

https://pixel.adsafeprotected.com/rfw/st/1083870/64162025/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&ias_dspID=3&ias_campId=1008206547&ias_pubId=pub-7172733408455692&ias_chanId=1&ias_placementId=17610765076&bidurl=https://www.tumen.kp.ru/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jLuiXAzb6gj57QNaeHVEai HTTP 302
https://static.adsafeprotected.com/skeleton.gif

Request Chain 261

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMxPjirs4OOoAiJOLMmsaLg&google_cver=1

Request Chain 262

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YsnIQp6n66oCQ2q5vZ5JWwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMxPjirs4OOoAiJOLMmsaLg&google_cver=1

Request Chain 263

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEJXiYbAbJloPe7cLIoU1S50&google_cver=1

Request Chain 264

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjI4MDk0NzI1NjQ0MDI1Mzk3NQ%3D%3D

Request Chain 273

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEHE34CsdeCDsBR-41R67VFE&google_cver=1&google_push=AehlK4D_4qkxQw27_lCVN0bjNeDyQROubHu_-MIuwK0U8gWz5q6IJmL0WRVSIWEneWCk1UKECyT-hYHTJNKhpje3hLC442YADwy6 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4D_4qkxQw27_lCVN0bjNeDyQROubHu_-MIuwK0U8gWz5q6IJmL0WRVSIWEneWCk1UKECyT-hYHTJNKhpje3hLC442YADwy6

Request Chain 275

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEBWsfj_sXaru0HYLemN3Qgw&google_cver=1&google_push=AehlK4ARQV9PwqHzYf3gxw6ZHQ5stdqzAa51Pa41kBkfSi2Sbx4F3JRBk4DLMXABvFFMatGc_DHonq74tZFcMu-FAQJ2lAdgQevn HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEBWsfj_sXaru0HYLemN3Qgw&google_cver=1&google_push=AehlK4ARQV9PwqHzYf3gxw6ZHQ5stdqzAa51Pa41kBkfSi2Sbx4F3JRBk4DLMXABvFFMatGc_DHonq74tZFcMu-FAQJ2lAdgQevn HTTP 302
https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=8eef547a-4183-4a71-83ba-3e14bfeafae1&ssp=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4ARQV9PwqHzYf3gxw6ZHQ5stdqzAa51Pa41kBkfSi2Sbx4F3JRBk4DLMXABvFFMatGc_DHonq74tZFcMu-FAQJ2lAdgQevn&google_hm=qlhV21rIS72IrnV__yNtjA==

Request Chain 280

https://skydeutschland.demdex.net/event?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=173773939&d_placement=339726501&d_campaign=28084662&d_bust=613119745&gdpr=&gdpr_consent= HTTP 302
https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=173773939&d_placement=339726501&d_campaign=28084662&d_bust=613119745&gdpr=&gdpr_consent=

Request Chain 299

https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=Q8jJYpmKH67TxgKVi4vwBA&random=1186894763&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1186894763&crd=&is_vtc=1&random=2172965930 HTTP 302
https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1186894763&crd=&is_vtc=1&random=2172965930&ipr=y

Request Chain 300

https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=Q8jJYvSKH9Go1waO65ugCQ&random=1199077056&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1199077056&crd=&is_vtc=1&random=2692868897 HTTP 302
https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1199077056&crd=&is_vtc=1&random=2692868897&ipr=y

314 HTTP transactions
12 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.tumen.kp.ru/
Redirect Chain

http://pda.tumen.kp.ru/
https://pda.tumen.kp.ru/
https://www.tumen.kp.ru/

728 KB
97 KB

216ms
97ms

Document
text/html

95.181.181.82
EDGECENTERLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumen.kp.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.181.181.82 , Russian Federation, ASN210756 (EDGECENTERLLC, RU),
Reverse DNS
Software: nginx /
Resource Hash: 921fa6157fcb13321ce83f4f5a022a5dff4848fd1ae0256b3e5c341e0aa15598

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 09 Jul 2022 18:26:07 GMT
server: nginx
vary: Accept-Encoding
x-manifest-version-id: 0005E2BF065E254F

Redirect headers

content-length: 51
content-type: text/html; charset=utf-8
date: Sat, 09 Jul 2022 18:26:07 GMT
location: https://www.tumen.kp.ru/
server: nginx

GET
H2 200 header-bidding.js Show response
yandex.ru/ads/system/ 122 KB
31 KB 181ms
72ms Script
text/javascript 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/header-bidding.js

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

4be74101162d4ed978851bd6dd595e849e4209b55cdfbf43bf39fdaee81a4192

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1657391167727892-10326575728163230998-sas6-5260-c5d-sas-l7-balancer-8080-BAL-1392
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
x-robots-tag: noindex, noarchive, nofollow
expires: Sat, 09 Jul 2022 19:26:07 GMT

GET
H2 200 context.js Show response
yandex.ru/ads/system/ 285 KB
77 KB 174ms
65ms Script
text/javascript 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/context.js

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

483d62eadee1a211b47d2cf37805eb4c378b13bbe7de22990a280f6cecd501c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1657391167728121-8194524636267940031-sas6-5260-c5d-sas-l7-balancer-8080-BAL-8046
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
x-robots-tag: noindex, noarchive, nofollow
expires: Sat, 09 Jul 2022 19:26:07 GMT

GET
DATA 200
OK truncated
/ 587 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 445837ee1d1da2644d2531f84c664f157828154b8b5e032dbef64c3a8308ef17

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3394110000caa52bc9dcf892178cb4a7a8d25db76721a2290caaeb667413a4d0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6b0c6ad2a39e30acdd045f1e10d04d6032f0447387edd32af55f7d80b2d4f0f0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 88c3f8d6237466d983567ddf480dfb98.woff2
s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/ 22 KB
22 KB 247ms
85ms Font
font/woff2 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/88c3f8d6237466d983567ddf480dfb98.woff2

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

7a0fb8fc4de0bde528e5b17743e35c50492d1d1de41567cb3b83f5a63db862d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tumen.kp.ru/
Origin: https://www.tumen.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc28
date: Sat, 09 Jul 2022 18:26:07 GMT
x-content-type-options: nosniff
x-server-trace-id: 467bfdb9f7ee2518:2311a320d2a0dee0:467bfdb9f7ee2518:1
x-amz-request-id: e5a077f6af558c77
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-07-09T14:24:38+00:00
content-length: 22100
x-request-id: 5d7143e0-574d-4714-8aa6-dd6c4379d65d
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Sat, 27 Nov 2021 21:56:45 GMT
server: nginx
etag: "88c3f8d6237466d983567ddf480dfb98"
x-amz-version-id: 0005D1CC489C28E6
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
accept-ranges: bytes
content-type: font/woff2
expires: Sun, 10 Jul 2022 18:26:07 GMT

GET
H2 200 71df57f56c922e07c34676f1e3160977.woff2
s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/ 39 KB
39 KB 237ms
84ms Font
font/woff2 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/71df57f56c922e07c34676f1e3160977.woff2

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

9205ceae907f8417e3b4bd8463b1075526a25da4cdd2aed549b03cd6869632aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tumen.kp.ru/
Origin: https://www.tumen.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc28
date: Sat, 09 Jul 2022 18:26:07 GMT
x-content-type-options: nosniff
x-server-trace-id: 3f3b32d60c823628:493f69bd3fbb8a0e:3f3b32d60c823628:1
x-amz-request-id: 8259096b49ecfa86
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-07-09T14:24:38+00:00
content-length: 39768
x-request-id: b5b145f0-e5b1-4461-a449-5df34960f483
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Sat, 27 Nov 2021 21:56:45 GMT
server: nginx
etag: "71df57f56c922e07c34676f1e3160977"
x-amz-version-id: 0005D1CC48A637F4
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
accept-ranges: bytes
content-type: font/woff2
expires: Sun, 10 Jul 2022 18:26:07 GMT

GET
H2 200 0b10ab6aa24fb2b424de7991b679f5e9.png
s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/ 6 KB
7 KB 247ms
86ms Image
image/png 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/0b10ab6aa24fb2b424de7991b679f5e9.png

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

abb5348aeb50feab8abc0212d24ef2d4daa64f08d38e6cabce13e7a78f1ad837

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc17
date: Sat, 09 Jul 2022 18:26:08 GMT
x-content-type-options: nosniff
x-server-trace-id: 100cedb4480f25b4:59ec7fc25041f272:100cedb4480f25b4:1
x-amz-request-id: 50bb611345200b2c
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-07-09T13:14:06+00:00
content-length: 6368
x-request-id: 74a2ad26-a51b-481d-9730-899a7f620ad3
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Sat, 27 Nov 2021 21:56:49 GMT
server: nginx
etag: "0b10ab6aa24fb2b424de7991b679f5e9"
x-amz-version-id: 0005D1CC48E0B8E0
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
accept-ranges: bytes
content-type: image/png
expires: Sun, 10 Jul 2022 18:26:08 GMT

GET
H2 200 favicon-16.png
www.tumen.kp.ru/boom/api/2/metrics/adaptive/ 514 B
922 B 118ms
117ms Image
image/png 95.181.181.82
EDGECENTERLLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tumen.kp.ru/boom/api/2/metrics/adaptive/favicon-16.png?target.base=digest&target.entity=root&target.spot=tumen

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.181.181.82 , Russian Federation, ASN210756 (EDGECENTERLLC, RU),

Reverse DNS

Software

nginx /

Resource Hash

da09f03549a3d9ae51406d85931ec2682bc82759cf96101b982496da1139ddda

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:26:07 GMT
x-content-type-options: nosniff
last-modified: Sat, 27 Nov 2021 21:56:51 GMT
server: nginx
x-server-trace-id: 663f3c25502a91a4:b84a8e00a0d8221c:663f3c25502a91a4:1
x-amz-request-id: fbd90425ed2c3d06
x-serverless-gateway-path: /boom/api/{api}/{version}/{content+}
etag: "642c7d14314b78ed52c384a1a2ba4203"
content-type: image/png
access-control-allow-origin: *
content-length: 514
x-serverless-gateway-id: d5dscajgqq50cos2lp8d
x-amz-version-id: 0005D1CC48F877CB
x-request-id: 0a71171e-02e5-485e-bb81-d602ef3c9085

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: becefc9f93e9ea8cec1d4749c473c476c44e65a7eee7d88dda107958649413e9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d3114c4944dcf347da9b150fbd12bf83cf1a719fca0eb5480d9af4cb2f30aefc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 n.svg
s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/meteo/ 768 B
636 B 245ms
87ms Image
image/svg+xml 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/meteo/n.svg

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

f4dbdd25302ee76c26a0bc01d3c8b383c560f6ef450a6e2ad89b6269424c4ea9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc17
date: Sat, 09 Jul 2022 18:26:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-trace-id: c8f759b6cc6ea5b4:5d4c84b130e47ea5:c8f759b6cc6ea5b4:1
x-amz-request-id: 9d5180bb83d45d6a
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-07-09T17:16:34+00:00
x-request-id: 61df7861-d648-4b1d-9b80-1ce36ab8f3a2
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Sat, 27 Nov 2021 21:56:56 GMT
server: nginx
etag: W/"bcb30adf55f66df96da407d71ae251e7"
x-amz-version-id: 0005D1CC4947530E
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
content-type: image/svg+xml
expires: Sun, 10 Jul 2022 18:26:08 GMT

GET
H2 200 wr-750.webp
s13.stc.yc.kpcdn.net/share/i/12/12592322/ 37 KB
37 KB 281ms
86ms Image
image/webp 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s13.stc.yc.kpcdn.net/share/i/12/12592322/wr-750.webp
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 02748302b87fe5d0aeadbb619bdebca25c6d16da24f81b30a9c5f7c6daf70753

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc8
date: Sat, 09 Jul 2022 18:26:08 GMT
last-modified: Sat, 09 Jul 2022 12:54:59 GMT
server: nginx
x-amz-request-id: 37d4cdfba8b0460f
etag: "4104629569f2ae0f8f5c4ad8feb4fdd1"
x-cached-since: 2022-07-09T13:05:32+00:00
x-amz-version-id: null
cache-control: max-age=345600
cache: HIT
accept-ranges: bytes
content-type: image/webp
content-length: 37910
expires: Wed, 13 Jul 2022 18:26:08 GMT

GET
H2 200 325472601571f31e1bf00674c368d335.gif
s09.stc.yc.kpcdn.net/share/i/beige/ 43 B
303 B 306ms
80ms Image
image/gif 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s09.stc.yc.kpcdn.net/share/i/beige/325472601571f31e1bf00674c368d335.gif
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc29
date: Sat, 09 Jul 2022 18:26:08 GMT
last-modified: Sat, 02 Oct 2021 15:40:25 GMT
server: nginx
x-amz-request-id: 3d8352a8e5c71fef
etag: "325472601571f31e1bf00674c368d335"
x-cached-since: 2022-07-07T13:29:35+00:00
x-amz-version-id: null
cache-control: max-age=345600
cache: HIT
accept-ranges: bytes
content-type: image/gif
content-length: 43
expires: Wed, 13 Jul 2022 18:26:08 GMT

GET
H2 200 vendors~adaptive.js Show response
s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/ 339 KB
128 KB 239ms
100ms Script
text/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/vendors~adaptive.js

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

b2b5ba1466d0642bd868bef2b0e13277b34376fd0a11484fc1518d67e48b727d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc17
date: Sat, 09 Jul 2022 18:26:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-trace-id: aa95e874238d9420:b1ca0f157999e5a1:aa95e874238d9420:1
x-amz-request-id: 0e7a5c12a62ad2aa
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-07-09T13:12:25+00:00
x-request-id: f71b0f72-3116-4d44-b90b-77606dc17ad4
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Thu, 30 Jun 2022 12:10:27 GMT
server: nginx
etag: W/"98675e5b796bd847a8803e1c69d8b874"
x-amz-version-id: 0005E2A927C058B5
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
content-type: text/javascript; charset=utf-8
expires: Sun, 10 Jul 2022 18:26:08 GMT

GET
H2 200 adaptive.js Show response
s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/ 276 KB
81 KB 301ms
162ms Script
text/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/adaptive.js

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

924170a2b204eb90280acbb03496558dc98acc1b9d6fd96ae955996047ec970d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc17
date: Sat, 09 Jul 2022 18:26:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-trace-id: 9a4e4000a1188aff:ec8bfb26367d4cae:9a4e4000a1188aff:1
x-amz-request-id: 160db91aa753ce5d
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-07-09T13:12:25+00:00
x-request-id: 80113911-353b-4b49-98ff-0441bb7ff8e7
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Fri, 01 Jul 2022 13:33:52 GMT
server: nginx
etag: W/"2378fe123e0fecebba09157bb2536b9c"
x-amz-version-id: 0005E2BE6FE323CA
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
content-type: text/javascript; charset=utf-8
expires: Sun, 10 Jul 2022 18:26:08 GMT

GET
H2 200 adaptive-topbar.js Show response
s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/ 67 KB
23 KB 209ms
185ms Script
text/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/adaptive-topbar.js

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

2d32f681e01e8082f5df941a021b306e98063b7330b197ba674e71dcc5dc4d4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc17
date: Sat, 09 Jul 2022 18:26:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-trace-id: 4b9ac74600137734:695a63b77fa6957c:4b9ac74600137734:1
x-amz-request-id: 0af219c0ef7a1896
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-07-09T13:12:25+00:00
x-request-id: e490ac91-38e7-46d0-8495-5a64d5d1b42d
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Fri, 01 Jul 2022 13:33:52 GMT
server: nginx
etag: W/"7700d4b62e38d1493f2653db0feb9b45"
x-amz-version-id: 0005E2BE6FE49A25
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
content-type: text/javascript; charset=utf-8
expires: Sun, 10 Jul 2022 18:26:08 GMT

GET
H2 200 radio.js Show response
s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/ 10 KB
4 KB 208ms
184ms Script
text/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/radio.js

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

73720f862be505fc73b3884bc441d49060f787d3273bde1738114819dcbaf0a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc17
date: Sat, 09 Jul 2022 18:26:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-trace-id: 8853d48932b3e7d6:641ffbbeaf596e50:8853d48932b3e7d6:1
x-amz-request-id: 4ef742072a02efe7
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-07-09T13:12:25+00:00
x-request-id: 3cdf73f1-00c9-41fc-8d0b-3ff72d25cfea
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Thu, 30 Jun 2022 12:10:26 GMT
server: nginx
etag: W/"a3a9cccf9e2d2a9ce8f7bafa4339497a"
x-amz-version-id: 0005E2A927A79488
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
content-type: text/javascript; charset=utf-8
expires: Sun, 10 Jul 2022 18:26:08 GMT

GET
H2 200 main.js Show response
s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/ 17 KB
7 KB 208ms
184ms Script
text/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/main.js

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

69c3207f80de1de6ee4ff239d740ea31bbc7091e7870365c49aad61b21359687

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc17
date: Sat, 09 Jul 2022 18:26:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-trace-id: 17a76682b67fd0a7:ebc8f990533c424f:17a76682b67fd0a7:1
x-amz-request-id: 1d667c0d7fc9a232
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-07-09T13:43:54+00:00
x-request-id: 423e3ef1-7ebc-4bb1-b779-afe970598201
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Fri, 01 Jul 2022 12:39:39 GMT
server: nginx
etag: W/"cb2b1ed58fb8b4ba09dc5e9487c8fa34"
x-amz-version-id: 0005E2BDAE058001
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
content-type: text/javascript; charset=utf-8
expires: Sun, 10 Jul 2022 18:26:08 GMT

GET
H2 200 vendors~digest-area.js Show response
s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/ 97 KB
32 KB 209ms
185ms Script
text/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/vendors~digest-area.js

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

32b0f7e66a50c24d967afd1b4c120fc5a898758db2d7d2023c8987c312c8f2fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc17
date: Sat, 09 Jul 2022 18:26:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-trace-id: fbb8e06388b05e28:292769ee9d6a5ece:fbb8e06388b05e28:1
x-amz-request-id: f7508d737ee36382
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-07-09T13:43:54+00:00
x-request-id: 0e8862c5-72a1-46e1-908a-ce507b903b1a
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Fri, 01 Jul 2022 12:39:41 GMT
server: nginx
etag: W/"46e357ef7b6cf3e349c3af0978aca190"
x-amz-version-id: 0005E2BDAE241823
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
content-type: text/javascript; charset=utf-8
expires: Sun, 10 Jul 2022 18:26:08 GMT

GET
H2 200 digest-area~digest-section~note~online-page~photo~section-video~see-also~special-article~video.js Show response
s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/ 22 KB
8 KB 209ms
185ms Script
text/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/digest-area~digest-section~note~online-page~photo~section-video~see-also~special-article~video.js

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

aa99cf825a3d0aa0fe6ef29ade07cea2dd50561661e91f65a8dbc06bf1c4b4d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc17
date: Sat, 09 Jul 2022 18:26:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-trace-id: 379dcd641ae41380:cfa4fa6a4e22eb03:379dcd641ae41380:1
x-amz-request-id: c6398600d19338c7
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-07-09T13:12:25+00:00
x-request-id: 77bb6ee5-30b0-4f5b-99b8-4f6fd7b8df20
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Fri, 01 Jul 2022 12:39:38 GMT
server: nginx
etag: W/"b31cfb10ee072ead4f32a6885a826cae"
x-amz-version-id: 0005E2BDADE973C2
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
content-type: text/javascript; charset=utf-8
expires: Sun, 10 Jul 2022 18:26:08 GMT

GET
H2 200 digest-area~digest-section~online-page~section-video~see-also.js Show response
s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/ 36 KB
13 KB 187ms
163ms Script
text/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/digest-area~digest-section~online-page~section-video~see-also.js

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

677acc9eed10d735ed46dabd82553005a036fe19930511d9850060a4fb6d2c2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc17
date: Sat, 09 Jul 2022 18:26:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-trace-id: 2eaf8a3e251b459e:878b27d916b324b8:2eaf8a3e251b459e:1
x-amz-request-id: 1958bc49fe1f589e
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-07-09T13:21:40+00:00
x-request-id: 02630182-0dd7-4773-a94e-22e7914fc484
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Fri, 01 Jul 2022 12:39:38 GMT
server: nginx
etag: W/"0df52b90df7ad9d22083e858071729f8"
x-amz-version-id: 0005E2BDADEDD1AE
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
content-type: text/javascript; charset=utf-8
expires: Sun, 10 Jul 2022 18:26:08 GMT

GET
H2 200 digest-area.js Show response
s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/ 47 KB
13 KB 116ms
92ms Script
text/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/digest-area.js

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

77403385afe39467e0833e772e0221fdad7007eb96d819d6fb21c776392e81c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc17
date: Sat, 09 Jul 2022 18:26:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-trace-id: 530ebe10603bfe2f:99a73ddd1c77e659:530ebe10603bfe2f:1
x-amz-request-id: cdcd8ed7ba056095
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-07-09T13:43:55+00:00
x-request-id: 99be3269-269b-4ff7-abaf-182f352830fa
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Fri, 01 Jul 2022 13:33:52 GMT
server: nginx
etag: W/"4682a0351fe6956c5d06b8ec281c0f4b"
x-amz-version-id: 0005E2BE6FEC6309
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
content-type: text/javascript; charset=utf-8
expires: Sun, 10 Jul 2022 18:26:08 GMT

GET
DATA 200
OK truncated
/ 162 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6ff082130eb8e0fe1ba485606bab3de43a410b184c718be62c739ab9f67c6863

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 d_c1.svg
s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/meteo/ 2 KB
1 KB 110ms
87ms Image
image/svg+xml 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/meteo/d_c1.svg

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

6251ec4f734c7d06fd01d32d191786319864206e9b374cfda5f055314427487c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc17
date: Sat, 09 Jul 2022 18:26:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-trace-id: 986ab1d3bac103c4:e7034dc8c3199d6c:986ab1d3bac103c4:1
x-amz-request-id: 8fb8e4f2e260a4b6
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-07-09T14:16:23+00:00
x-request-id: c6047355-28f1-4777-9289-3ecb80468027
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Sat, 27 Nov 2021 21:56:54 GMT
server: nginx
etag: W/"487f54f0c53e89966ecb91fb18632e0d"
x-amz-version-id: 0005D1CC492F37C9
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
content-type: image/svg+xml
expires: Sun, 10 Jul 2022 18:26:08 GMT

GET
H2 200 d.svg
s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/meteo/ 2 KB
1 KB 187ms
163ms Image
image/svg+xml 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/meteo/d.svg

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

541348f95206a170effd95f869a9c576be30f9408b7bfa5885aa94d29fce726b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc17
date: Sat, 09 Jul 2022 18:26:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-trace-id: 372493f1d7c7341c:4c68713a927a6802:372493f1d7c7341c:1
x-amz-request-id: f76bd714e78fd0a0
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-07-09T13:54:13+00:00
x-request-id: 0d7e992d-af4c-4925-a97b-2a4735c23402
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Sat, 27 Nov 2021 21:56:53 GMT
server: nginx
etag: W/"eb1d088e654cd61490ce9ed3f821ccd4"
x-amz-version-id: 0005D1CC491EC82D
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
content-type: image/svg+xml
expires: Sun, 10 Jul 2022 18:26:08 GMT

GET
H2 200 44dbedfc7378e409b02d.js Show response
yastatic.net/partner-code-bundles/612847/ 13 KB
5 KB 115ms
35ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/612847/44dbedfc7378e409b02d.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

f81c4045ec0d82aac75f72ee891350ad058d3a93e1be7c8831019318b1d78f38

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.tumen.kp.ru/
Origin: https://www.tumen.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:26:08 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 4465
last-modified: Sat, 09 Jul 2022 16:35:02 GMT
server: nginx/1.17.9
etag: "7d5a6aaf8343290dc9f28b253db3bdff"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Jul 2052 00:59:13 GMT

GET
H2 200 6f581145af963d72d3b3.js Show response
yastatic.net/partner-code-bundles/612847/ 86 KB
18 KB 142ms
62ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/612847/6f581145af963d72d3b3.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

2853f02a97e1eab0631063c447d99c45ae4ecb4f8c351682ba467301434df230

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.tumen.kp.ru/
Origin: https://www.tumen.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:26:08 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 17875
last-modified: Sat, 09 Jul 2022 16:35:02 GMT
server: nginx/1.17.9
etag: "0c8db49ba2237639f05d08eff7b31791"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Jul 2052 00:59:14 GMT

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.83/ 33 KB
9 KB 152ms
73ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/host.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.tumen.kp.ru/
Origin: https://www.tumen.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:26:08 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 8878
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
server: nginx/1.17.9
etag: "f80882bf67cf261aa08d636da095149a"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Jul 2052 00:57:23 GMT

GET
H2 200 3e6eab174e2acc8b6f89.js Show response
yastatic.net/partner-code-bundles/612847/ 561 KB
113 KB 168ms
91ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/612847/3e6eab174e2acc8b6f89.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

19e2617d285e351af51e6c6671c60577c4d4b0694856f9cd0b9ac688707cf5b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.tumen.kp.ru/
Origin: https://www.tumen.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:26:08 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 115358
last-modified: Sat, 09 Jul 2022 16:35:02 GMT
server: nginx/1.17.9
etag: "7bbe907e73de44fa16f13883a6a55121"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Jul 2052 00:59:14 GMT

GET
H2 200 getcookie Show response
matchid.adfox.yandex.ru/ 87 B
373 B 231ms
59ms XHR
application/json 2a02:6b8::16b
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://matchid.adfox.yandex.ru/getcookie

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a02:6b8::16b Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

eccad07bb18dac2c2b2d6bad2b050819ebf6ab2923a2cbf0f368751a0cd4371b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: https://www.tumen.kp.ru
date: Sat, 09 Jul 2022 18:26:08 GMT
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 87
x-content-type-options: nosniff
content-type: application/json

GET
H2 200 9a588310742adbc44f55.js Show response
yastatic.net/partner-code-bundles/599290/ 37 KB
10 KB 31ms
31ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/599290/9a588310742adbc44f55.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

3bdab4da5017468f0ddfc1a51edc3772a13aa064c83df984c152729075714847

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.tumen.kp.ru/
Origin: https://www.tumen.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:26:08 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 10038
last-modified: Fri, 17 Jun 2022 13:53:09 GMT
server: nginx/1.17.9
etag: "b3fb60d15c0a59a3cf542d7daeab0766"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Jul 2052 00:58:45 GMT

GET
H2 200 token.json Show response
identity.kp.house/identity/api/2/auth/ 754 B
2 KB 177ms
67ms Fetch
application/json 95.181.181.12
EDGECENTERLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://identity.kp.house/identity/api/2/auth/token.json?callback=data&client_name=prod&sub=1
Requested by: Host: s01.stc.yc.kpcdn.net
URL: https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/adaptive.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.181.181.12 , Russian Federation, ASN210756 (EDGECENTERLLC, RU),
Reverse DNS
Software: nginx /
Resource Hash: 082f5a71f2c164ddc4cb665b6563934aaa84d210afffd3e75475958d3f84d80a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:26:08 GMT
content-encoding: gzip
last-modified: Sat, 09 Jul 2022 18:26:08 -0000
server: nginx
etag: "72925fedae1b5cbe0bfb6bd6185e91f0"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.tumen.kp.ru
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Set-Cookie,Cookie
content-length: 611

GET
H2 200 get.json Show response
s02.api.yc.kpcdn.net/content/api/1/pages/ 91 KB
12 KB 1071ms
910ms Fetch
application/json 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://s02.api.yc.kpcdn.net/content/api/1/pages/get.json?pages.age.month=7&pages.age.year=2022&pages.direction=page&pages.number=7&pages.target.class=100&pages.target.id=49
Requested by: Host: s01.stc.yc.kpcdn.net
URL: https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/adaptive.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: b190f4a63921bd6ca74e0ae5f1d6edb56ae9807da467dddfc4000956a3aba064

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc30
date: Sat, 09 Jul 2022 18:26:09 GMT
content-encoding: gzip
last-modified: Sat, 09 Jul 2022 18:26:09 -0000
server: nginx
etag: W/"291e8124de1607e1f96877373d86d874"
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=600
cache: MISS
expires: Sat, 09 Jul 2022 18:36:09 GMT

GET
H2 200 get.json Show response
s02.api.yc.kpcdn.net/content/api/1/pages/ 52 B
254 B 422ms
264ms Fetch
application/json 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://s02.api.yc.kpcdn.net/content/api/1/pages/get.json?callback=cb-5524637&pages.direction=current&pages.spot=49&pages.target.class=194&pages.target.id=0&sub=1
Requested by: Host: s01.stc.yc.kpcdn.net
URL: https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/adaptive.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 8576b68444c58e2f0c0f02d81bf53b0ccd7f82742d6bc174d9812a3fc15d3cae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc30
date: Sat, 09 Jul 2022 18:26:08 GMT
last-modified: Sat, 09 Jul 2022 18:26:08 -0000
server: nginx
etag: "c7974d8a07bc79c9930f4ba881a06fd3"
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=600
cache: MISS
accept-ranges: bytes
content-length: 52
expires: Sat, 09 Jul 2022 18:36:08 GMT

GET
H2 200 get.json Show response
s02.api.yc.kpcdn.net/content/api/1/pages/ 200 KB
43 KB 592ms
437ms Fetch
application/json 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://s02.api.yc.kpcdn.net/content/api/1/pages/get.json?callback=cb-5524637&pages.direction=current&pages.spot=49&pages.target.class=68&pages.target.id=0&sub=1
Requested by: Host: s01.stc.yc.kpcdn.net
URL: https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/adaptive.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 51cc160081ef682ef44aca934515160c8c9cb092802ccc2c0af82bfa92a04790

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc30
date: Sat, 09 Jul 2022 18:26:09 GMT
content-encoding: gzip
last-modified: Sat, 09 Jul 2022 18:26:08 -0000
server: nginx
etag: W/"bc56153476439fbf4c3ccbfa4afa1a12"
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=600
cache: MISS
expires: Sat, 09 Jul 2022 18:36:08 GMT

HEAD
H2 200 banner.gif
s01.stc.yc.kpcdn.net/s0/v-0005D1CC497B5068/adaptive/img/ 0
0 77ms
76ms Fetch
image/gif 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/v-0005D1CC497B5068/adaptive/img/banner.gif?adriver

Requested by

Host: s01.stc.yc.kpcdn.net
URL: https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/adaptive.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc28
date: Sat, 09 Jul 2022 18:26:08 GMT
x-content-type-options: nosniff
x-server-trace-id: 181db056c85d4dd4:ae57b67d76b8ba9c:181db056c85d4dd4:1
x-amz-request-id: 2f1bd93e9a62b17e
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-07-09T11:46:41+00:00
content-length: 43
x-request-id: e6e70a6c-3146-4417-aecf-887a0a1e86ad
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Sat, 27 Nov 2021 21:56:59 GMT
server: nginx
etag: "325472601571f31e1bf00674c368d335"
x-amz-version-id: 0005D1CC497B5068
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
accept-ranges: bytes
content-type: image/gif
expires: Sun, 10 Jul 2022 18:26:08 GMT

GET
DATA 200
OK truncated
/ 169 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 35ed988aff3c8059b4869fd94cc2885879041fbd698317a53741bca5095c3091

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 700 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 59e2467d94ae007fa71bc0b10f4b92f227edfa03afb5ce7c904b9ea2bcf537e9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 8b30c8d1c1f0427f0034cce82ade6db3.png
s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/ 3 KB
3 KB 82ms
81ms Image
image/png 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/8b30c8d1c1f0427f0034cce82ade6db3.png

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

1d386626a236bf37f510e9c0c2d85036641c5cc85bed4b320a181861477d0ec7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc17
date: Sat, 09 Jul 2022 18:26:08 GMT
x-content-type-options: nosniff
x-server-trace-id: d5f0b12dfd90f9fc:27567f9c0a3c34c1:d5f0b12dfd90f9fc:1
x-amz-request-id: fb03e4b2584d23b2
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-07-09T13:37:11+00:00
content-length: 2873
x-request-id: fc43f60c-94bb-484d-995e-7d5437afb784
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Sat, 27 Nov 2021 21:56:46 GMT
server: nginx
etag: "8b30c8d1c1f0427f0034cce82ade6db3"
x-amz-version-id: 0005D1CC48B4B459
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
accept-ranges: bytes
content-type: image/png
expires: Sun, 10 Jul 2022 18:26:08 GMT

GET
H2 200 wr-750.webp
s12.stc.yc.kpcdn.net/share/i/12/12591938/ 91 KB
91 KB 86ms
85ms Image
image/webp 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s12.stc.yc.kpcdn.net/share/i/12/12591938/wr-750.webp
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 4bb46ac2e1ac8e4fae27114b8708df55f1a984d8bbd713fea91bc479e64948f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc17
date: Sat, 09 Jul 2022 18:26:08 GMT
last-modified: Sat, 09 Jul 2022 06:08:51 GMT
server: nginx
x-amz-request-id: ff748a7f35adb414
etag: "f73f556beba305a5e4808047ffd35ed0"
x-cached-since: 2022-07-09T11:28:57+00:00
x-amz-version-id: null
cache-control: max-age=345600
cache: HIT
accept-ranges: bytes
content-type: image/webp
content-length: 92692
expires: Wed, 13 Jul 2022 18:26:08 GMT

GET
H2 200 wr-750.webp
s16.stc.yc.kpcdn.net/share/i/12/12590238/ 78 KB
78 KB 313ms
312ms Image
image/webp 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s16.stc.yc.kpcdn.net/share/i/12/12590238/wr-750.webp
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: cc557f7c454f4507d1722f12a78d6cc4a10cf3db3104d761dc87cb014bbaa21c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc17
date: Sat, 09 Jul 2022 18:26:08 GMT
last-modified: Fri, 08 Jul 2022 07:07:43 GMT
server: nginx
x-amz-request-id: 6316f6941607dfd8
etag: "44428bebf9d1c3579acd0f03e40b2dd8"
x-amz-version-id: null
cache-control: max-age=345600
cache: MISS
accept-ranges: bytes
content-type: image/webp
content-length: 79478
expires: Wed, 13 Jul 2022 18:26:08 GMT

GET
H2 200 wr-750.webp
s14.stc.yc.kpcdn.net/share/i/12/12590110/ 74 KB
74 KB 426ms
361ms Image
image/webp 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s14.stc.yc.kpcdn.net/share/i/12/12590110/wr-750.webp
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 01c3133a48ff2cc94764baf35da0123b56adc3473636cb010174cbd80506801b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc17
date: Sat, 09 Jul 2022 18:26:08 GMT
last-modified: Fri, 08 Jul 2022 06:19:22 GMT
server: nginx
x-amz-request-id: 6d744f4b6b1b71dd
etag: "1a7d8b1c1868c5ed8bc3db636bfb3a9a"
x-amz-version-id: null
cache-control: max-age=345600
cache: MISS
accept-ranges: bytes
content-type: image/webp
content-length: 75894
expires: Wed, 13 Jul 2022 18:26:08 GMT

POST
H2 200 hb Show response
ads.adfox.ru/ 218 B
200 B 206ms
95ms XHR
application/json 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adfox.ru/hb

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

06981a64a4919801e9b7f0a0fe9223d5e50343f1d1ee156f693a89292da1d9f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 18:26:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref=/w3c/w3c.p3p, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
content-type: application/json
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

POST
H2

200

adfox Show response
exchange.buzzoola.com/ssp/
Redirect Chain

https://exchange.buzzoola.com/ssp/adfox
https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t

11 B
507 B

36ms
34ms

XHR
text/plain

159.69.141.123
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H2
Server: 159.69.141.123 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.123.141.69.159.clients.your-server.de
Software: nginx /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:26:08 GMT
server: nginx
serverid: TODO
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.tumen.kp.ru
access-control-expose-headers: Set-Cookie, Etag
access-control-allow-credentials: true
access-control-allow-headers: Set-Cookie, X-Alt-Referer, X-First-Party-Cookie, If-None-Match
content-length: 11

Redirect headers

date: Sat, 09 Jul 2022 18:26:08 GMT
server: nginx
access-control-allow-origin: https://www.tumen.kp.ru
etag: W/"7eee4a256b5bf4563b91654de7c6f0b06823968e6087b9c97231e7038eb17aa9"
serverid: TODO
location: /ssp/adfox?set_buzzoola_cookie=t
access-control-expose-headers: Set-Cookie, Etag
access-control-allow-credentials: true
access-control-allow-headers: Set-Cookie, X-Alt-Referer, X-First-Party-Cookie, If-None-Match
content-length: 0

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ 119 KB
39 KB 42ms
15ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

c40168707694e0bb9241c2f9f4ef86dfa65513f547b6a37c151babf07fcd7d53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:26:08 GMT
content-encoding: gzip
last-modified: Wed, 29 Jun 2022 06:23:35 GMT
server: nginx
etag: W/"62bbefe7-1dc0d"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 10 Jul 2022 18:26:08 GMT

POST
H2 204 bids Show response
adfox-c2s-ams.creativecdn.com/bidder/adfox/ 0
209 B 48ms
14ms XHR
application/json 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://adfox-c2s-ams.creativecdn.com/bidder/adfox/bids
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.tumen.kp.ru
date: Sat, 09 Jul 2022 18:26:08 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST
content-type: application/json;charset=utf-8

POST
H/1.1 204
No Content bid.cgi Show response
pb.adriver.ru/cgi-bin/ 0
303 B 194ms
63ms XHR
text/plain 195.209.111.20
ADRIVER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pb.adriver.ru/cgi-bin/bid.cgi
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.209.111.20 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.tumen.kp.ru
Pragma: no-cache
Date: Sat, 09 Jul 2022 18:26:08 GMT
Cache-control: no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK / Show response
ad.mail.ru/hbid_yandex/ 11 B
338 B 227ms
76ms XHR
application/json 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/hbid_yandex/
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sat, 09 Jul 2022 18:26:08 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://www.tumen.kp.ru
Cache-Control: private, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

POST
H2 200 adjson Show response
ads.betweendigital.com/ 11 B
920 B 67ms
30ms XHR
application/json 188.42.191.196
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=adfox
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.tumen.kp.ru
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

POST
H2 204 bids Show response
adfox-c2s-ams.creativecdn.com/bidder/adfox/ 0
209 B 47ms
14ms XHR
application/json 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://adfox-c2s-ams.creativecdn.com/bidder/adfox/bids
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.tumen.kp.ru
date: Sat, 09 Jul 2022 18:26:08 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST
content-type: application/json;charset=utf-8

POST
H/1.1 204
No Content bid.cgi Show response
pb.adriver.ru/cgi-bin/ 0
303 B 205ms
70ms XHR
text/plain 195.209.111.20
ADRIVER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pb.adriver.ru/cgi-bin/bid.cgi
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.209.111.20 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.tumen.kp.ru
Pragma: no-cache
Date: Sat, 09 Jul 2022 18:26:08 GMT
Cache-control: no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK / Show response
ad.mail.ru/hbid_yandex/ 11 B
338 B 215ms
60ms XHR
application/json 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/hbid_yandex/
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sat, 09 Jul 2022 18:26:08 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://www.tumen.kp.ru
Cache-Control: private, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

POST
H2 200 adjson Show response
ads.betweendigital.com/ 11 B
920 B 68ms
32ms XHR
application/json 188.42.191.196
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=adfox
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.tumen.kp.ru
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

POST
H2

200

adfox Show response
exchange.buzzoola.com/ssp/
Redirect Chain

https://exchange.buzzoola.com/ssp/adfox
https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t

11 B
507 B

37ms
35ms

XHR
text/plain

159.69.141.123
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H2
Server: 159.69.141.123 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.123.141.69.159.clients.your-server.de
Software: nginx /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:26:08 GMT
server: nginx
serverid: TODO
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.tumen.kp.ru
access-control-expose-headers: Set-Cookie, Etag
access-control-allow-credentials: true
access-control-allow-headers: Set-Cookie, X-Alt-Referer, X-First-Party-Cookie, If-None-Match
content-length: 11

Redirect headers

date: Sat, 09 Jul 2022 18:26:08 GMT
server: nginx
access-control-allow-origin: https://www.tumen.kp.ru
etag: W/"af90c6502f7c252ad28e05b3c73dde449a13e1629ffc67dfa85ef9c2d389bc57"
serverid: TODO
location: /ssp/adfox?set_buzzoola_cookie=t
access-control-expose-headers: Set-Cookie, Etag
access-control-allow-credentials: true
access-control-allow-headers: Set-Cookie, X-Alt-Referer, X-First-Party-Cookie, If-None-Match
content-length: 0

POST pl999
ssp.bidvol.com/rtb/ 0
0

POST
H2 200 hb Show response
ads.adfox.ru/ 218 B
201 B 189ms
84ms XHR
application/json 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adfox.ru/hb

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

b1cbbc2d30a2862f68c01851c38ebee8876e0b62f062ecc197fd596dc378c817

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 18:26:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref=/w3c/w3c.p3p, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
content-type: application/json
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

POST
H2 200 hb Show response
ads.adfox.ru/ 222 B
533 B 163ms
58ms XHR
application/json 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adfox.ru/hb

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

625a6ab71fdc612207c0e58f5fb039fd3b064bbc5eef66dead6022d7743eaa38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 18:26:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref=/w3c/w3c.p3p, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
content-type: application/json
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

POST
H2 204 bids Show response
adfox-c2s-ams.creativecdn.com/bidder/adfox/ 0
209 B 44ms
13ms XHR
application/json 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://adfox-c2s-ams.creativecdn.com/bidder/adfox/bids
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.tumen.kp.ru
date: Sat, 09 Jul 2022 18:26:08 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST
content-type: application/json;charset=utf-8

POST
H/1.1 204
No Content bid.cgi Show response
pb.adriver.ru/cgi-bin/ 0
303 B 215ms
77ms XHR
text/plain 195.209.111.20
ADRIVER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pb.adriver.ru/cgi-bin/bid.cgi
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.209.111.20 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.tumen.kp.ru
Pragma: no-cache
Date: Sat, 09 Jul 2022 18:26:08 GMT
Cache-control: no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK / Show response
ad.mail.ru/hbid_yandex/ 11 B
338 B 220ms
66ms XHR
application/json 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/hbid_yandex/
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sat, 09 Jul 2022 18:26:08 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://www.tumen.kp.ru
Cache-Control: private, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

POST
H2 200 adjson Show response
ads.betweendigital.com/ 11 B
920 B 65ms
31ms XHR
application/json 188.42.191.196
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=adfox
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.tumen.kp.ru
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

GET
H2 200 vendors~autobahn.js Show response
s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/ 86 KB
26 KB 85ms
84ms Script
text/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/vendors~autobahn.js

Requested by

Host: s01.stc.yc.kpcdn.net
URL: https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/adaptive.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

a2f96d2c0ff2b96cc2421214831ffda7b4e71aee0426d60628d04173dcd699c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc17
date: Sat, 09 Jul 2022 18:26:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-trace-id: b733aec2c4dd2cef:3b1458c17fe9d8b9:b733aec2c4dd2cef:1
x-amz-request-id: c8f7239d5f280668
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-07-09T13:12:15+00:00
x-request-id: d8652942-809a-46c4-b8fd-56bcb5a7bb5f
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Fri, 01 Jul 2022 12:39:41 GMT
server: nginx
etag: W/"c21f53249c99e0b7d1bced9b5513375b"
x-amz-version-id: 0005E2BDAE211742
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
content-type: text/javascript; charset=utf-8
expires: Sun, 10 Jul 2022 18:26:08 GMT

GET
H2 200 autobahn.js Show response
s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/ 405 B
660 B 81ms
81ms Script
text/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/autobahn.js

Requested by

Host: s01.stc.yc.kpcdn.net
URL: https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/adaptive.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

8a550da83fe5faf522945c7b61350dec5c08ef10a670c1db4fc5958b5a85057b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc17
date: Sat, 09 Jul 2022 18:26:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-trace-id: 4119f2bc58473b69:d8a4fda93f0441e4:4119f2bc58473b69:1
x-amz-request-id: 2a8f35bbed43cdb1
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-07-09T13:12:15+00:00
x-request-id: a9185600-1694-40b5-8b32-2dc7dc5f2298
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Fri, 01 Jul 2022 12:39:39 GMT
server: nginx
etag: W/"c6bcedb067d139a244e5e24f4f1037ee"
x-amz-version-id: 0005E2BDADF96F29
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
content-type: text/javascript; charset=utf-8
expires: Sun, 10 Jul 2022 18:26:08 GMT

GET
H2 200 v2 Show response
yandex.ru/ads/adfox/232598/getBulk/ 14 KB
8 KB 267ms
266ms XHR
application/json 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/adfox/232598/getBulk/v2?dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3F&date=2022-07-09T18%3A26%3A08.662%2B00%3A00&pd=9&pdh=1200&pdw=1600&pr1=3312677379&pr=2902056071&prr=&pv=18&pw=6&extid_loader=&extid_tag_loader=www.tumen.kp.ru&ylv=0.612847&ybv=0.612847&ytt=272130738618373&is-turbo=0&skip-token=&ad-session-id=3821171657391168666&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.7%2C%22w%22%3A160%2C%22h%22%3A0%2C%22width%22%3A0%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22isBlackTheme%22%3Afalse%2C%22left%22%3A1410%2C%22top%22%3A389%2C%22fontFamily%22%3A%22ys%22%2C%22req_no%22%3A0%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=612847&available-width=160&yaru=true&pp=g&p2=gftf&ps=bxyd&puid1=adv-1657391168618-212&puid2=&puid3=&puid5=&slotNumber=2&bids=W10%3D&utf8=%E2%9C%93&pcode-test-ids=612520%2C0%2C92%3B586085%2C0%2C2%3B597485%2C0%2C93%3B590119%2C0%2C5%3B598479%2C0%2C72%3B605363%2C0%2C35%3B610874%2C0%2C53%3B203220%2C0%2C8&pcode-flags-map=eJyVWNuO2zYQ%2FZXCz0FBXahL3iiJloiVSJWk7HWKYpCi%2BxYERbMpCgT59w4l2ZbkXXr3ZQEvfM4M53rGP3aa95xZOHSsB81%2FG7ixwPaWaxBSq7bdffz9x%2B7fz1%2B%2BP%2B0%2B7qwe%2BO7D7vnp27P4Cz%2FTNI2DZPfzjw%2B7AzMgOBirelC2QbxtmIRuaK24z5OlNLzleTdY1FJpDp0whldQMcugZ5p1BvZKw0FUXOGzoFRdoVacT%2F%2F9vaLMSUzpxR82WFVzyTWzSNuz8sE0ykI14D%2BEkiumaM0TE5JfeLhkRctB8uOChBv0GjpV8RWPku0JeMs7Lq2BshXlgwO%2Fwj4zd%2BwRGi7qxuIbpcH3aiHrdz%2BeRkE40rK2VccpDT3SjxxTLG3N7nDEhC5zMtnvmK6F9CETEgdRtA3Z0Fdj7DvlAg6WiRadmGLnLY6EJNkiA5p36sChbJg23MJeqw5aIR%2F8HEEQk3Tr0l48An60YDXm0oXZWKbtGJ3e8KFS85tLjQ0mDtzcM0LpzbtL1veOujhBpY7yLa4mWehjwZBpDGQhrKvm95Dh8xzZgWuzLXrnfErX2DAmwdaRgzCiEK2wJ%2BhbdiowcNgJg0Hn7ngS0vCmj4TEMWV4OZaEKgzXBzd2XDoWlt5KPEisKYYdM2aQdf0S%2BPzP96cFLA6zKCcTzOCwMm5abjHbyl6AWAWG86vTa9jXz39%2BeVohoyTMpwJ0VdehrbnLpfWbjGmUT1ko1SCxVhU8NtoLydIsjEfIicmKP4IesPY65m9bStIwmif4atLAfmhbgz3A%2FfggCiNyeWKh1QPGB58HtRaVH5nSLHnRYaiEsVoUXngYkGR67ycuw9FdOIrKNiA6VnMvNg7ijFyxaG4szEJpV0eaVWIwv7yR4cSc35PDwNojOxk%2FMkrn1FZ7t7pNjxOfgxUdV4NdQUNCyBobk2h6c1%2Fi4hmXBe4Zvz2KNHP17hVGmbt2OdsD%2FuitRDSZpuEtXOwB%2Fx7deLlXIa8wnB04sHZYZSsiL6PPQ3GsTiF7TDIw3fltJ0EezbaxX60wo0Daq9vtsYVSglpihLacabfp3TZkWrBNwMMtbE7vpp80PzIsr%2BqtjYVM51y7pQcdR1V0KReuNU67Vq3mL13hMxJPee%2B1UNrNbtwjB8GPvdL%2BkknSZB547usgcXmXHOVdV3thaYi4EWZMj8urbLjzEHquy02VBmSV5JQGebwoEfJIcF%2FhMFDGCq%2FNLKCzzQpFlx3XO8b4qHF1YqrncfsOEZXhzJ7yh%2BuknB%2BwmSebrUKzDLfR5MQ8SSpc1iWKOeOd2TQP0mwxwwQKRoaJRSVfuogZn9E8okGwwo5zz%2BAQtI1rrJ5VFS5oP0lM5yIZ94xbw6eeQ%2BT3GncNXWSr0%2BUre%2FvWXJ4mryIB5cAomO9YP3NoWyyaCUzJnLxjpVWrqAe%2FBit8GmXRBf9u0CiqCybxqgCUHnuB1TYKGuTwL508C9N08fiZZKpNXPA4Ey%2FiCge7dQfUVmJsNXcYR1PhNcVGjtA8D3Oy%2BnJE4mz8cq1ZEd4R83FKrt8FIz6tHkeDkPi%2B%2F8I2C%2BgriCka80DHEsDLFsPgprSQriouOh1b%2B47TlE6VgTqg5nbsdiHd6adxgLmPODzv7MuEpHFIXhrge6GNOz1Y5yQsTBtYHc4p9JPmKJOWrrHCqHbAeWU6d3y4br%2BTazxm5vtqUfM45dyEqrdC%2FAYcBvnUso3tWjq1mcGdUgkGluOJcAePcie%2B3vkKGpRs2Dgtc2AU9la%2FQbCTC8OoAGrt0o0BQOX2wo544QeDhGTX6x7hKOINnPCYw0OtBKPL9%2BDPO8Id3%2BP0W4G%2Ff%2F329Lzu3zReoN394H4QmH8HwIIwonPHthnwMjj5j0aakyC43kU9rrnxnuLgmh5QcFz%2BgXeSktWaDptvM1ni9HW2STdVdxy6UGBVtWz%2B8QH3uL%2BsaZRE8%2FrAdtWdkxiay%2FM11mte%2BK%2BAJCBZ6irr5%2F%2BpyHnk&use-server-side-rendering=1&pcode-icookie=kHPPmX8ZLtigbsQxlQD%2Fe%2Fi8vx%2B%2F71n6msO9DrfOSzZHIBP%2F7SsYo28nhiVKvE23GijasfWWUObyPgOzFWsZgOZfG4w%3D&top-ancestor=https%3A%2F%2Fwww.tumen.kp.ru&top-ancestor-undetermined=0&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjoxNDh9ChqjpqjkuOmBMFBXPMzNt9PJwXuM42TbYYc2x0kcw3U63890cg-JGf52n2Q-_OZjEocdh7bhGdrG0t5euRSglwJ6BtqMEIhUpSJt762c5MMMn-ZlERVVpIgGEYiQ1hFDjzWxJdao7CpbnNQYsoos1sWmWDtAh4BQ2WPDIkVYF9wa6-O0YcdSY-IBcjnXqshjU13Ygvxp47QuTKZFUhObF1nSCsgaw1igdYtmwRagXgXrPKQLuBiaivo8mhe-2BJgrreCDhp21DTgehRZ4hao4LrDjIJVwRWMSZZD2HW5HIgki4C2ApgahBpAkofFwYiUm4eFzcXOzeNwOpCycYNv3eYRbjbwMLI5XJXBxcgGjig7Gy0HYiedw0nPIFo56BkcbAwOcERjmNLYKBaVZNIYe42BVpHXRUu0ABftglkGujVWq6gOSxIbFlhTrBu40qUHlYqsLvAGlW1RpEOB5fbokgUepGUf9TI8VcGNk0FHfPQDwXQhCXW5VQ_qZW660EpEhlPtcLxI2AaScboodWf10nLpoQL4QtO-cJoO5_ZeZFg4fCVLS9iLYuhnWSBJRYZpSbPyzCdtmiwUmuXEi4JSRL5n6iG2iPnL1IHWlN2JpqB824dAlodlNfl04uwsFMYuKhwkKSY2-AjpEbPThggLRgxNRFr1qpXVu8gFy2N4EO7856Rnh8_Nw-5EJA_OSeNw0DNUDqQuWlpwRGk5vIys_AJMtF43X2VjRIqIHrkodwz0K5uMR7iRkefcFYbDw4zQSccs4BWqrGhcqNjqouVlp0EihMDrrkwguzCjgL_8kWx3zcuXhkfY5R8OIJZ6NvHgcdKygM7iWnigvMzhbl9f3ooEAeSS5fQrmXr1yUQYpYq1J-hkCYVKZffJK7RgZaY--QYqtqooolrw1w3AFSvEH6NJJquSiSI-YQB2qW-KjbFZRe6L_5wmlo27_pgOffzvI3_JwdQHx1Q-egYlR21fcKSP2NbTXeuD4TAebKkeeyY82XyRMTQZscVfVa7rs06DZft7n9yBsHAZhn8Vta92rKPbGOKPusBFLuWecdzMxFQTnvtBtRQe5zH-KDkw66LxTIRTrhPV_aQXlIea5K-e3EeeT3RoX2D6CSf3RRimPdfJnbut_gnrH379JTXkef1LRWOs89GaSXK7dxk7BW_zVXLQ_x43PeeoDkE-i_yRAeTSZ8sp6Se9H7XPr2G6ESc-eYY5B_3Xcjq8XFqjGvETsu1zVjRzOqH55B3qVot5DGq8cr5t_jPQ4TmkaOdlbcyzl69l64jkK7fLFWtbPO0fQDh8nUfh4KULc1L45a_wUCNDxLocAz_HuiAgBQw_8DCU6QQ53IgFl0HsoHIhYUPw3IvsOgI5YRGU497jqcjRoQSD7v9J3vrioaVzMciGV6By0TOjoVWA0iAyD0OQwOORYRCs7EicKBGjesxNledDOvwcHByIXa7s_H6ONk_WVp7TdZORUMkxAT0KcwIfKTsyVk6vYGVFy4AWPpcot5sPEhNsAVdsooeRlk6QltnLW5kwsWNEh7I4scjwwpIbeHgYXPgY35k7vsrBSAM2I4uo4uQvcR3I5hwg7xJVW3j-OIe2BirgMRBet5Db7Y_3kCmdYpn8a3ch2VuUzR2I44Jm7Fcv9SQxn2W1Zk7NhnnDmajxyTMmNCgwYPR6eP2xHaB3HxtmbU9_s59OA7VFvTdZRflFGepL2C6RY5VJCD7ukEyy_KuGXago_ESXmqHYKjNo8ByA5lRGoRJq_aVJw8LiDkEVPh82IQQOr6ey0ILNitmhEPlY3NwBSMkEdylEXI-DjsbBwLT0Z6LjApUejXLsx1LHvLu_pO6MXwC0vWobvrBq24Aa39N_ehHDXjf1kt5Nl7Q-uNrO_xqJKrK9gcWAh9s_K1vG2HO3XQQt3vSMDDT8niVHdgzIaeE5i-WuW8gFTH5hObgK3dzViQENZhSof03TW82miEEzzTY1nlpkU2jLTPmVsHsdav9yPl5e8wLST45TLlJGFWlM2FvlB9m28fR58ZtuquBEq-TYp2-dqWIVEhrokG-fSVVw6hPTekASyldgoadn65oLPg1KtKG1uItectjD420pYJeMBq7_woiIHiHLffesY9M8qroMJBrat22fJ9-kR_5MGUtVaCbw3yGVBWr9XyD-BNm71-3ftPb8W7-jGWr3z1Rv4BINmXdDboqWLyIrqwrdeSs7FwawaMES5earS_7pydhysh6bOzbjm0SyElVKXcnccaVWFgsGMMBAjbCnYchvi3JUM9XedWaJzs0gHAIcU_WT1RaTdfJxZuq9cPZJp7z5EJUtSNem0BQJ4ZcRwrrRsJmXNFEOD-E0kV7qHOgRcCJA9Vhx8jvhGE9Gml6U1Cdf4q6yW8mvdfNY7lvATfALyK7xE7judCOeup-FpAt72ZfRiE8uWxMQlFgUTC2JiUaB_sycLiFECJcrJzq06BH-KA8lbuhvzIYzzVNG4_RL-snGkjXVxodiOB2j3osUe6FT3b9taXKuj9SfGWoMsC1lcydslIJBR1N_gew9aLyBeiWbf9fq_35SSEjTimeFEpI83l5rbpM44kZ1eKvzdEpf1FvOtcegZaz65XZSUL-bpiOu_3Moiuhk8n8oZv0w0ysvYVh3XbNO3XKbIB04lpbtGltZru3H3E3_xPUWPLlm6Te99srMOzDfC5KqKMWvmiVEOL1JQPwaEsNhSVI9QVu8fti2nGiKdnIK1vJbf23uiVdZTSSKukjLwvvrM5reSD95YFRw193ebVC_Cu9f7XXNsfYQ2xDbbYFE4kKFGYxkj0KaSZJPgkl50LCKlx2yKdV5q1n9qKnLQ39ZsjZUJSqK4V957E1TZB3zrurXd9mqF1HYJXdKoAPAr-oJifaufer3Qd8h8ldW3WqmIZyNTTlf9EV5lWwr-3oSUMS3PIuS5KdrY2UPydSjOJ-GBl_fjcipMPXJImLxXLzWkT7KW89TqqIMIFwsOFMVEGpSGnWSTeKraZHgakYVBW1ij_2xwnLfsNSHU0Y785OcXGTiK2H_-DGP9a8oWA-oC3Q7pKLr-iqu-ZkebU52OOdNX6KeQWZH1WVBIR7PSl4O0LPbJH79uGuO6DjpZAbq9J59nBtIfWAfAnQt8q9tE-BhUH8NytR1eUFFc6CLvLll0ENkrwZU5-0wuDyZIlYPq2Qn8X2ZNRdJ6xd0v-bUxd4BbwgwW3_4BV5g-opF00VIFJ28NbkdZSb8kec9qVvb9q71CnJNB-fsD9rl56tL2pECSxRRLSE58o3kvHz1f3TIn7rbZv07MBeDZfoUEjU_Wa1rpBiPK7HVCLUwtDXxxZtaLvk9yxhpW6ejSQapaIROhfkcsLsIhnSKC1U38iFAE_3xtKh29BYO5RamnsR_9ArKhh-pOZuPKVn5KWEdCkLoOvTh_eSjeHG3J6zImA2N9Uk4eLU50jqAElws01hA3GDsTm6DLI_HNgKF-2X58L-a-9J71nF30YTeCdpk1-Of7ECZ3rRvErl91qRh6tKfJG6XZnzltHFleg61u-qxQh_8dwMDTiQDqYucRNUPzO0LXbd4_jZFD5MKiy1W71Pgi68yfXWtKJptLXCAujvjPe5xSoyQ0IJQfnqTCm4fE2NP_rXnzzxyFvewv6mUd7T3tPWQhM9-5w1VkcfWt9VmeojT9j5sqdm26xpVUQHwpoREf6j9krHjxcUAjfOANjZQ9JvUtUxzZ4fyHynDtkGuiNvM3vqn8h62MjhGgm2KY2Ny6KzzHkRT__8b4v6kaQVhj8cEl2RerKylfMkjbxs0ysa-f3idgerWZB5aHk2pi5rmBzQ4HIlbbQJzXshauYGT_xS-hceFnIsLo_J3p73stpxs5Hun2beLL0BsarnqaDcc1JSXKJuptyXVWyJ8LHY4UqUYZYZc2xjVlkNc_fqH22aN8QG23ClTP9YJ4oZbwG1mTKDt3TQp1l70opcNxEUfk0ZaBfCHnO5GeqOWk4HJl8D0ZNRPqdirQC-EHqGIxnWUWTVzjeWWYLlqSxxjjJg7WzX1sZZapni8HOFBDa1524OJwBvARPosZTkkqSywPjNMnV8hav9-4EdtHE1IeDn00FsXpaBxbYv8zWlh7isjL2E4A3l_zmdQn1Nd8TVwH8iKBlJiYoN8TonfgiRLtGiKcC3sO-UhRCBbbO1JaS82-2EjvOpYvN-Icwhc4T2YWwZwY-OWirc3_3Y7j7CGWnaX-xp7dIgXCq2qu8PVyBDjlZmo-cAWXoqFZ5r4XTKrl5gLB7XUriH6nMoHWZYvSewFPBM3Nw-LR0GmWxFiTPzwkPHSefkXLQeHYy-9W0ApH-wJaHjk4MRWWTGxomDGlEUzlWyWiRAyeJxOZoyXNdAEVwFpFHY4GdnkuMRa2TCx0iF3TikVrWwaPFwDJyRz_QVCgpUVMZioMKINyvxHOnT113XKH7XZHOXUx2VDHEXVK5CyiM8kHcHt5RORhXepWvYOc2QeBC6Dglglvv0UwNV-kkiEjdjDX78gT1BMoj2rNZStF03bJCmq25C-LDn-4aIuH_WBeC3mJ1CNBhEaDGxvft_KjKfhN4helC0S93BiJXUp5GJbYRXhE6v7fLjYfSgBszyLwQYocpPDeDF43b1b-sLWKjfvUWCQdvPVV_jNMEo642gfLt1HSvLLOhHfljBe7DEtWj7xe4oNF3sKWB66lP295Xkt4UU4ssz36By15XqkU6G_iZarmagjdQxh9N_P5ViaqYJw_bSwJY8uXP-DrW2ct-BvGyEH-tlqZ6LpWK_PORE71HhE-Kfd-qWROSjiWwuOwb4slqI9MGe5GCX20g63momTSn8hZkt5cbGl0CNbr13l8psVTuGoGxhsycPK1n6fVHldyJKoIz4wvzUshNraS3V3snH3R8on8Zu6NjZu9lRS39i6Km3BnnjZwhxHe-AuRrupDHC3xGUKRuOEjgeanrYePT1NS4iQ-m7v-Sga617-t7pIp3wlUdsxi7y-3BSx--zBQ5-l4rqWrKBhPo1np9FlOWZl2NF8qpllobW_z1Zta-ZLER-HOdFz&tga-with-creatives=1

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

746b831ec5c99b337a0539d90ca9f46552f69719bd964b55a5c49b83b67c63df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:26:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1657391168721971-6867603194436719607-sas6-5260-c5d-sas-l7-balancer-8080-BAL-4630
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Sat, 09 Jul 2022 18:26:08 GMT
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/json
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sat, 09 Jul 2022 18:26:08 GMT

GET
H2 200 v2 Show response
yandex.ru/ads/adfox/232598/getBulk/ 3 KB
2 KB 146ms
145ms XHR
application/json 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/adfox/232598/getBulk/v2?dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3Fsection%3Dsociety&date=2022-07-09T18%3A26%3A08.694%2B00%3A00&pd=9&pdh=1200&pdw=1600&pr1=906041843&pr=2902056071&prr=&pv=18&pw=6&extid_loader=&extid_tag_loader=www.tumen.kp.ru&ylv=0.612847&ybv=0.612847&ytt=272130738618373&is-turbo=0&skip-token=&ad-session-id=3821171657391168666&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.7%2C%22w%22%3A300%2C%22h%22%3A400%2C%22width%22%3A300%2C%22height%22%3A400%2C%22visible%22%3A0%2C%22isBlackTheme%22%3Afalse%2C%22left%22%3A1100%2C%22top%22%3A1655%2C%22fontFamily%22%3A%22ys%22%2C%22req_no%22%3A1%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=612847&available-width=300&available-height=400&yaru=true&pp=g&p2=fqyp&ps=bxyd&puid1=adv-1657391168624-846&puid2=society%3Atoday%3Azenyandex%3Aincident%3Aemergency%3Acelebrity%3Aculture%3Ainteresting&puid3=top%3Aregion&puid5=&slotNumber=5&bids=W10%3D&utf8=%E2%9C%93&pcode-test-ids=612520%2C0%2C92%3B586085%2C0%2C2%3B597485%2C0%2C93%3B590119%2C0%2C5%3B598479%2C0%2C72%3B605363%2C0%2C35%3B610874%2C0%2C53%3B203220%2C0%2C8&pcode-flags-map=eJyVWNuO2zYQ%2FZXCz0FBXahL3iiJloiVSJWk7HWKYpCi%2BxYERbMpCgT59w4l2ZbkXXr3ZQEvfM4M53rGP3aa95xZOHSsB81%2FG7ixwPaWaxBSq7bdffz9x%2B7fz1%2B%2BP%2B0%2B7qwe%2BO7D7vnp27P4Cz%2FTNI2DZPfzjw%2B7AzMgOBirelC2QbxtmIRuaK24z5OlNLzleTdY1FJpDp0whldQMcugZ5p1BvZKw0FUXOGzoFRdoVacT%2F%2F9vaLMSUzpxR82WFVzyTWzSNuz8sE0ykI14D%2BEkiumaM0TE5JfeLhkRctB8uOChBv0GjpV8RWPku0JeMs7Lq2BshXlgwO%2Fwj4zd%2BwRGi7qxuIbpcH3aiHrdz%2BeRkE40rK2VccpDT3SjxxTLG3N7nDEhC5zMtnvmK6F9CETEgdRtA3Z0Fdj7DvlAg6WiRadmGLnLY6EJNkiA5p36sChbJg23MJeqw5aIR%2F8HEEQk3Tr0l48An60YDXm0oXZWKbtGJ3e8KFS85tLjQ0mDtzcM0LpzbtL1veOujhBpY7yLa4mWehjwZBpDGQhrKvm95Dh8xzZgWuzLXrnfErX2DAmwdaRgzCiEK2wJ%2BhbdiowcNgJg0Hn7ngS0vCmj4TEMWV4OZaEKgzXBzd2XDoWlt5KPEisKYYdM2aQdf0S%2BPzP96cFLA6zKCcTzOCwMm5abjHbyl6AWAWG86vTa9jXz39%2BeVohoyTMpwJ0VdehrbnLpfWbjGmUT1ko1SCxVhU8NtoLydIsjEfIicmKP4IesPY65m9bStIwmif4atLAfmhbgz3A%2FfggCiNyeWKh1QPGB58HtRaVH5nSLHnRYaiEsVoUXngYkGR67ycuw9FdOIrKNiA6VnMvNg7ijFyxaG4szEJpV0eaVWIwv7yR4cSc35PDwNojOxk%2FMkrn1FZ7t7pNjxOfgxUdV4NdQUNCyBobk2h6c1%2Fi4hmXBe4Zvz2KNHP17hVGmbt2OdsD%2FuitRDSZpuEtXOwB%2Fx7deLlXIa8wnB04sHZYZSsiL6PPQ3GsTiF7TDIw3fltJ0EezbaxX60wo0Daq9vtsYVSglpihLacabfp3TZkWrBNwMMtbE7vpp80PzIsr%2BqtjYVM51y7pQcdR1V0KReuNU67Vq3mL13hMxJPee%2B1UNrNbtwjB8GPvdL%2BkknSZB547usgcXmXHOVdV3thaYi4EWZMj8urbLjzEHquy02VBmSV5JQGebwoEfJIcF%2FhMFDGCq%2FNLKCzzQpFlx3XO8b4qHF1YqrncfsOEZXhzJ7yh%2BuknB%2BwmSebrUKzDLfR5MQ8SSpc1iWKOeOd2TQP0mwxwwQKRoaJRSVfuogZn9E8okGwwo5zz%2BAQtI1rrJ5VFS5oP0lM5yIZ94xbw6eeQ%2BT3GncNXWSr0%2BUre%2FvWXJ4mryIB5cAomO9YP3NoWyyaCUzJnLxjpVWrqAe%2FBit8GmXRBf9u0CiqCybxqgCUHnuB1TYKGuTwL508C9N08fiZZKpNXPA4Ey%2FiCge7dQfUVmJsNXcYR1PhNcVGjtA8D3Oy%2BnJE4mz8cq1ZEd4R83FKrt8FIz6tHkeDkPi%2B%2F8I2C%2BgriCka80DHEsDLFsPgprSQriouOh1b%2B47TlE6VgTqg5nbsdiHd6adxgLmPODzv7MuEpHFIXhrge6GNOz1Y5yQsTBtYHc4p9JPmKJOWrrHCqHbAeWU6d3y4br%2BTazxm5vtqUfM45dyEqrdC%2FAYcBvnUso3tWjq1mcGdUgkGluOJcAePcie%2B3vkKGpRs2Dgtc2AU9la%2FQbCTC8OoAGrt0o0BQOX2wo544QeDhGTX6x7hKOINnPCYw0OtBKPL9%2BDPO8Id3%2BP0W4G%2Ff%2F329Lzu3zReoN394H4QmH8HwIIwonPHthnwMjj5j0aakyC43kU9rrnxnuLgmh5QcFz%2BgXeSktWaDptvM1ni9HW2STdVdxy6UGBVtWz%2B8QH3uL%2BsaZRE8%2FrAdtWdkxiay%2FM11mte%2BK%2BAJCBZ6irr5%2F%2BpyHnk&use-server-side-rendering=1&pcode-icookie=kHPPmX8ZLtigbsQxlQD%2Fe%2Fi8vx%2B%2F71n6msO9DrfOSzZHIBP%2F7SsYo28nhiVKvE23GijasfWWUObyPgOzFWsZgOZfG4w%3D&top-ancestor=https%3A%2F%2Fwww.tumen.kp.ru&top-ancestor-undetermined=0&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjoxNDh9ChqjpqjkuOmBMFBXPMzNt9PJwXuM42TbYYc2x0kcw3U63890cg-JGf52n2Q-_OZjEocdh7bhGdrG0t5euRSglwJ6BtqMEIhUpSJt762c5MMMn-ZlERVVpIgGEYiQ1hFDjzWxJdao7CpbnNQYsoos1sWmWDtAh4BQ2WPDIkVYF9wa6-O0YcdSY-IBcjnXqshjU13Ygvxp47QuTKZFUhObF1nSCsgaw1igdYtmwRagXgXrPKQLuBiaivo8mhe-2BJgrreCDhp21DTgehRZ4hao4LrDjIJVwRWMSZZD2HW5HIgki4C2ApgahBpAkofFwYiUm4eFzcXOzeNwOpCycYNv3eYRbjbwMLI5XJXBxcgGjig7Gy0HYiedw0nPIFo56BkcbAwOcERjmNLYKBaVZNIYe42BVpHXRUu0ABftglkGujVWq6gOSxIbFlhTrBu40qUHlYqsLvAGlW1RpEOB5fbokgUepGUf9TI8VcGNk0FHfPQDwXQhCXW5VQ_qZW660EpEhlPtcLxI2AaScboodWf10nLpoQL4QtO-cJoO5_ZeZFg4fCVLS9iLYuhnWSBJRYZpSbPyzCdtmiwUmuXEi4JSRL5n6iG2iPnL1IHWlN2JpqB824dAlodlNfl04uwsFMYuKhwkKSY2-AjpEbPThggLRgxNRFr1qpXVu8gFy2N4EO7856Rnh8_Nw-5EJA_OSeNw0DNUDqQuWlpwRGk5vIys_AJMtF43X2VjRIqIHrkodwz0K5uMR7iRkefcFYbDw4zQSccs4BWqrGhcqNjqouVlp0EihMDrrkwguzCjgL_8kWx3zcuXhkfY5R8OIJZ6NvHgcdKygM7iWnigvMzhbl9f3ooEAeSS5fQrmXr1yUQYpYq1J-hkCYVKZffJK7RgZaY--QYqtqooolrw1w3AFSvEH6NJJquSiSI-YQB2qW-KjbFZRe6L_5wmlo27_pgOffzvI3_JwdQHx1Q-egYlR21fcKSP2NbTXeuD4TAebKkeeyY82XyRMTQZscVfVa7rs06DZft7n9yBsHAZhn8Vta92rKPbGOKPusBFLuWecdzMxFQTnvtBtRQe5zH-KDkw66LxTIRTrhPV_aQXlIea5K-e3EeeT3RoX2D6CSf3RRimPdfJnbut_gnrH379JTXkef1LRWOs89GaSXK7dxk7BW_zVXLQ_x43PeeoDkE-i_yRAeTSZ8sp6Se9H7XPr2G6ESc-eYY5B_3Xcjq8XFqjGvETsu1zVjRzOqH55B3qVot5DGq8cr5t_jPQ4TmkaOdlbcyzl69l64jkK7fLFWtbPO0fQDh8nUfh4KULc1L45a_wUCNDxLocAz_HuiAgBQw_8DCU6QQ53IgFl0HsoHIhYUPw3IvsOgI5YRGU497jqcjRoQSD7v9J3vrioaVzMciGV6By0TOjoVWA0iAyD0OQwOORYRCs7EicKBGjesxNledDOvwcHByIXa7s_H6ONk_WVp7TdZORUMkxAT0KcwIfKTsyVk6vYGVFy4AWPpcot5sPEhNsAVdsooeRlk6QltnLW5kwsWNEh7I4scjwwpIbeHgYXPgY35k7vsrBSAM2I4uo4uQvcR3I5hwg7xJVW3j-OIe2BirgMRBet5Db7Y_3kCmdYpn8a3ch2VuUzR2I44Jm7Fcv9SQxn2W1Zk7NhnnDmajxyTMmNCgwYPR6eP2xHaB3HxtmbU9_s59OA7VFvTdZRflFGepL2C6RY5VJCD7ukEyy_KuGXago_ESXmqHYKjNo8ByA5lRGoRJq_aVJw8LiDkEVPh82IQQOr6ey0ILNitmhEPlY3NwBSMkEdylEXI-DjsbBwLT0Z6LjApUejXLsx1LHvLu_pO6MXwC0vWobvrBq24Aa39N_ehHDXjf1kt5Nl7Q-uNrO_xqJKrK9gcWAh9s_K1vG2HO3XQQt3vSMDDT8niVHdgzIaeE5i-WuW8gFTH5hObgK3dzViQENZhSof03TW82miEEzzTY1nlpkU2jLTPmVsHsdav9yPl5e8wLST45TLlJGFWlM2FvlB9m28fR58ZtuquBEq-TYp2-dqWIVEhrokG-fSVVw6hPTekASyldgoadn65oLPg1KtKG1uItectjD420pYJeMBq7_woiIHiHLffesY9M8qroMJBrat22fJ9-kR_5MGUtVaCbw3yGVBWr9XyD-BNm71-3ftPb8W7-jGWr3z1Rv4BINmXdDboqWLyIrqwrdeSs7FwawaMES5earS_7pydhysh6bOzbjm0SyElVKXcnccaVWFgsGMMBAjbCnYchvi3JUM9XedWaJzs0gHAIcU_WT1RaTdfJxZuq9cPZJp7z5EJUtSNem0BQJ4ZcRwrrRsJmXNFEOD-E0kV7qHOgRcCJA9Vhx8jvhGE9Gml6U1Cdf4q6yW8mvdfNY7lvATfALyK7xE7judCOeup-FpAt72ZfRiE8uWxMQlFgUTC2JiUaB_sycLiFECJcrJzq06BH-KA8lbuhvzIYzzVNG4_RL-snGkjXVxodiOB2j3osUe6FT3b9taXKuj9SfGWoMsC1lcydslIJBR1N_gew9aLyBeiWbf9fq_35SSEjTimeFEpI83l5rbpM44kZ1eKvzdEpf1FvOtcegZaz65XZSUL-bpiOu_3Moiuhk8n8oZv0w0ysvYVh3XbNO3XKbIB04lpbtGltZru3H3E3_xPUWPLlm6Te99srMOzDfC5KqKMWvmiVEOL1JQPwaEsNhSVI9QVu8fti2nGiKdnIK1vJbf23uiVdZTSSKukjLwvvrM5reSD95YFRw193ebVC_Cu9f7XXNsfYQ2xDbbYFE4kKFGYxkj0KaSZJPgkl50LCKlx2yKdV5q1n9qKnLQ39ZsjZUJSqK4V957E1TZB3zrurXd9mqF1HYJXdKoAPAr-oJifaufer3Qd8h8ldW3WqmIZyNTTlf9EV5lWwr-3oSUMS3PIuS5KdrY2UPydSjOJ-GBl_fjcipMPXJImLxXLzWkT7KW89TqqIMIFwsOFMVEGpSGnWSTeKraZHgakYVBW1ij_2xwnLfsNSHU0Y785OcXGTiK2H_-DGP9a8oWA-oC3Q7pKLr-iqu-ZkebU52OOdNX6KeQWZH1WVBIR7PSl4O0LPbJH79uGuO6DjpZAbq9J59nBtIfWAfAnQt8q9tE-BhUH8NytR1eUFFc6CLvLll0ENkrwZU5-0wuDyZIlYPq2Qn8X2ZNRdJ6xd0v-bUxd4BbwgwW3_4BV5g-opF00VIFJ28NbkdZSb8kec9qVvb9q71CnJNB-fsD9rl56tL2pECSxRRLSE58o3kvHz1f3TIn7rbZv07MBeDZfoUEjU_Wa1rpBiPK7HVCLUwtDXxxZtaLvk9yxhpW6ejSQapaIROhfkcsLsIhnSKC1U38iFAE_3xtKh29BYO5RamnsR_9ArKhh-pOZuPKVn5KWEdCkLoOvTh_eSjeHG3J6zImA2N9Uk4eLU50jqAElws01hA3GDsTm6DLI_HNgKF-2X58L-a-9J71nF30YTeCdpk1-Of7ECZ3rRvErl91qRh6tKfJG6XZnzltHFleg61u-qxQh_8dwMDTiQDqYucRNUPzO0LXbd4_jZFD5MKiy1W71Pgi68yfXWtKJptLXCAujvjPe5xSoyQ0IJQfnqTCm4fE2NP_rXnzzxyFvewv6mUd7T3tPWQhM9-5w1VkcfWt9VmeojT9j5sqdm26xpVUQHwpoREf6j9krHjxcUAjfOANjZQ9JvUtUxzZ4fyHynDtkGuiNvM3vqn8h62MjhGgm2KY2Ny6KzzHkRT__8b4v6kaQVhj8cEl2RerKylfMkjbxs0ysa-f3idgerWZB5aHk2pi5rmBzQ4HIlbbQJzXshauYGT_xS-hceFnIsLo_J3p73stpxs5Hun2beLL0BsarnqaDcc1JSXKJuptyXVWyJ8LHY4UqUYZYZc2xjVlkNc_fqH22aN8QG23ClTP9YJ4oZbwG1mTKDt3TQp1l70opcNxEUfk0ZaBfCHnO5GeqOWk4HJl8D0ZNRPqdirQC-EHqGIxnWUWTVzjeWWYLlqSxxjjJg7WzX1sZZapni8HOFBDa1524OJwBvARPosZTkkqSywPjNMnV8hav9-4EdtHE1IeDn00FsXpaBxbYv8zWlh7isjL2E4A3l_zmdQn1Nd8TVwH8iKBlJiYoN8TonfgiRLtGiKcC3sO-UhRCBbbO1JaS82-2EjvOpYvN-Icwhc4T2YWwZwY-OWirc3_3Y7j7CGWnaX-xp7dIgXCq2qu8PVyBDjlZmo-cAWXoqFZ5r4XTKrl5gLB7XUriH6nMoHWZYvSewFPBM3Nw-LR0GmWxFiTPzwkPHSefkXLQeHYy-9W0ApH-wJaHjk4MRWWTGxomDGlEUzlWyWiRAyeJxOZoyXNdAEVwFpFHY4GdnkuMRa2TCx0iF3TikVrWwaPFwDJyRz_QVCgpUVMZioMKINyvxHOnT113XKH7XZHOXUx2VDHEXVK5CyiM8kHcHt5RORhXepWvYOc2QeBC6Dglglvv0UwNV-kkiEjdjDX78gT1BMoj2rNZStF03bJCmq25C-LDn-4aIuH_WBeC3mJ1CNBhEaDGxvft_KjKfhN4helC0S93BiJXUp5GJbYRXhE6v7fLjYfSgBszyLwQYocpPDeDF43b1b-sLWKjfvUWCQdvPVV_jNMEo642gfLt1HSvLLOhHfljBe7DEtWj7xe4oNF3sKWB66lP295Xkt4UU4ssz36By15XqkU6G_iZarmagjdQxh9N_P5ViaqYJw_bSwJY8uXP-DrW2ct-BvGyEH-tlqZ6LpWK_PORE71HhE-Kfd-qWROSjiWwuOwb4slqI9MGe5GCX20g63momTSn8hZkt5cbGl0CNbr13l8psVTuGoGxhsycPK1n6fVHldyJKoIz4wvzUshNraS3V3snH3R8on8Zu6NjZu9lRS39i6Km3BnnjZwhxHe-AuRrupDHC3xGUKRuOEjgeanrYePT1NS4iQ-m7v-Sga617-t7pIp3wlUdsxi7y-3BSx--zBQ5-l4rqWrKBhPo1np9FlOWZl2NF8qpllobW_z1Zta-ZLER-HOdFz&tga-with-creatives=1

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

6100b852f12489e366676fa990f618519af7effd1f2e913d4eb074108faf0b1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:26:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1657391168774412-17230388563883850680-sas6-5260-c5d-sas-l7-balancer-8080-BAL-5975
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Sat, 09 Jul 2022 18:26:08 GMT
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/json
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sat, 09 Jul 2022 18:26:08 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
217 B 288ms
13ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=124&profileId=184&cb=35334344558

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sat, 09 Jul 2022 18:26:08 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://www.tumen.kp.ru
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
216 B 289ms
14ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=124&profileId=184&cb=95797140011

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sat, 09 Jul 2022 18:26:08 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://www.tumen.kp.ru
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
216 B 288ms
14ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=124&profileId=184&cb=90442038174

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sat, 09 Jul 2022 18:26:08 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://www.tumen.kp.ru
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

GET
H2 200 v2 Show response
yandex.ru/ads/adfox/232598/getBulk/ 95 KB
27 KB 338ms
330ms XHR
application/json 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/adfox/232598/getBulk/v2?dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3F&date=2022-07-09T18%3A26%3A08.841%2B00%3A00&pd=9&pdh=1200&pdw=1600&pr1=3648775817&pr=2902056071&prr=&pv=18&pw=6&extid_loader=&extid_tag_loader=www.tumen.kp.ru&ylv=0.612847&ybv=0.612847&ytt=272130738618373&is-turbo=0&skip-token=&ad-session-id=3821171657391168666&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.7%2C%22w%22%3A1560%2C%22h%22%3A250%2C%22width%22%3A1560%2C%22height%22%3A250%2C%22visible%22%3A1%2C%22isBlackTheme%22%3Afalse%2C%22left%22%3A20%2C%22top%22%3A120%2C%22fontFamily%22%3A%22ys%22%2C%22req_no%22%3A2%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=612847&available-width=1560&available-height=250&yaru=true&pp=g&p2=fban&ps=bxyd&puid1=adv-1657391168618-149&puid2=&puid3=&puid5=&slotNumber=1&bids=W3siYmlkZGVyTmFtZSI6ImFkZm94X2Fkc21hcnQiLCJjYW1wYWlnbl9pZCI6MTU5MjA0MCwicmVzcG9uc2VfdGltZSI6MjAzLCJlcnJvciI6eyJjb2RlIjoxfX0seyJiaWRkZXJOYW1lIjoiYnV6em9vbGEiLCJjYW1wYWlnbl9pZCI6ODkwNDUwLCJyZXNwb25zZV90aW1lIjoxMDEsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiIxMjI3MTY5In1d&utf8=%E2%9C%93&pcode-test-ids=612520%2C0%2C92%3B586085%2C0%2C2%3B597485%2C0%2C93%3B590119%2C0%2C5%3B598479%2C0%2C72%3B605363%2C0%2C35%3B610874%2C0%2C53%3B203220%2C0%2C8&pcode-flags-map=eJyVWNuO2zYQ%2FZXCz0FBXahL3iiJloiVSJWk7HWKYpCi%2BxYERbMpCgT59w4l2ZbkXXr3ZQEvfM4M53rGP3aa95xZOHSsB81%2FG7ixwPaWaxBSq7bdffz9x%2B7fz1%2B%2BP%2B0%2B7qwe%2BO7D7vnp27P4Cz%2FTNI2DZPfzjw%2B7AzMgOBirelC2QbxtmIRuaK24z5OlNLzleTdY1FJpDp0whldQMcugZ5p1BvZKw0FUXOGzoFRdoVacT%2F%2F9vaLMSUzpxR82WFVzyTWzSNuz8sE0ykI14D%2BEkiumaM0TE5JfeLhkRctB8uOChBv0GjpV8RWPku0JeMs7Lq2BshXlgwO%2Fwj4zd%2BwRGi7qxuIbpcH3aiHrdz%2BeRkE40rK2VccpDT3SjxxTLG3N7nDEhC5zMtnvmK6F9CETEgdRtA3Z0Fdj7DvlAg6WiRadmGLnLY6EJNkiA5p36sChbJg23MJeqw5aIR%2F8HEEQk3Tr0l48An60YDXm0oXZWKbtGJ3e8KFS85tLjQ0mDtzcM0LpzbtL1veOujhBpY7yLa4mWehjwZBpDGQhrKvm95Dh8xzZgWuzLXrnfErX2DAmwdaRgzCiEK2wJ%2BhbdiowcNgJg0Hn7ngS0vCmj4TEMWV4OZaEKgzXBzd2XDoWlt5KPEisKYYdM2aQdf0S%2BPzP96cFLA6zKCcTzOCwMm5abjHbyl6AWAWG86vTa9jXz39%2BeVohoyTMpwJ0VdehrbnLpfWbjGmUT1ko1SCxVhU8NtoLydIsjEfIicmKP4IesPY65m9bStIwmif4atLAfmhbgz3A%2FfggCiNyeWKh1QPGB58HtRaVH5nSLHnRYaiEsVoUXngYkGR67ycuw9FdOIrKNiA6VnMvNg7ijFyxaG4szEJpV0eaVWIwv7yR4cSc35PDwNojOxk%2FMkrn1FZ7t7pNjxOfgxUdV4NdQUNCyBobk2h6c1%2Fi4hmXBe4Zvz2KNHP17hVGmbt2OdsD%2FuitRDSZpuEtXOwB%2Fx7deLlXIa8wnB04sHZYZSsiL6PPQ3GsTiF7TDIw3fltJ0EezbaxX60wo0Daq9vtsYVSglpihLacabfp3TZkWrBNwMMtbE7vpp80PzIsr%2BqtjYVM51y7pQcdR1V0KReuNU67Vq3mL13hMxJPee%2B1UNrNbtwjB8GPvdL%2BkknSZB547usgcXmXHOVdV3thaYi4EWZMj8urbLjzEHquy02VBmSV5JQGebwoEfJIcF%2FhMFDGCq%2FNLKCzzQpFlx3XO8b4qHF1YqrncfsOEZXhzJ7yh%2BuknB%2BwmSebrUKzDLfR5MQ8SSpc1iWKOeOd2TQP0mwxwwQKRoaJRSVfuogZn9E8okGwwo5zz%2BAQtI1rrJ5VFS5oP0lM5yIZ94xbw6eeQ%2BT3GncNXWSr0%2BUre%2FvWXJ4mryIB5cAomO9YP3NoWyyaCUzJnLxjpVWrqAe%2FBit8GmXRBf9u0CiqCybxqgCUHnuB1TYKGuTwL508C9N08fiZZKpNXPA4Ey%2FiCge7dQfUVmJsNXcYR1PhNcVGjtA8D3Oy%2BnJE4mz8cq1ZEd4R83FKrt8FIz6tHkeDkPi%2B%2F8I2C%2BgriCka80DHEsDLFsPgprSQriouOh1b%2B47TlE6VgTqg5nbsdiHd6adxgLmPODzv7MuEpHFIXhrge6GNOz1Y5yQsTBtYHc4p9JPmKJOWrrHCqHbAeWU6d3y4br%2BTazxm5vtqUfM45dyEqrdC%2FAYcBvnUso3tWjq1mcGdUgkGluOJcAePcie%2B3vkKGpRs2Dgtc2AU9la%2FQbCTC8OoAGrt0o0BQOX2wo544QeDhGTX6x7hKOINnPCYw0OtBKPL9%2BDPO8Id3%2BP0W4G%2Ff%2F329Lzu3zReoN394H4QmH8HwIIwonPHthnwMjj5j0aakyC43kU9rrnxnuLgmh5QcFz%2BgXeSktWaDptvM1ni9HW2STdVdxy6UGBVtWz%2B8QH3uL%2BsaZRE8%2FrAdtWdkxiay%2FM11mte%2BK%2BAJCBZ6irr5%2F%2BpyHnk&use-server-side-rendering=1&pcode-icookie=kHPPmX8ZLtigbsQxlQD%2Fe%2Fi8vx%2B%2F71n6msO9DrfOSzZHIBP%2F7SsYo28nhiVKvE23GijasfWWUObyPgOzFWsZgOZfG4w%3D&top-ancestor=https%3A%2F%2Fwww.tumen.kp.ru&top-ancestor-undetermined=0&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjoxNDh9ChqjpqjkuOmBMFBXPMzNt9PJwXuM42TbYYc2x0kcw3U63890cg-JGf52n2Q-_OZjEocdh7bhGdrG0t5euRSglwJ6BtqMEIhUpSJt762c5MMMn-ZlERVVpIgGEYiQ1hFDjzWxJdao7CpbnNQYsoos1sWmWDtAh4BQ2WPDIkVYF9wa6-O0YcdSY-IBcjnXqshjU13Ygvxp47QuTKZFUhObF1nSCsgaw1igdYtmwRagXgXrPKQLuBiaivo8mhe-2BJgrreCDhp21DTgehRZ4hao4LrDjIJVwRWMSZZD2HW5HIgki4C2ApgahBpAkofFwYiUm4eFzcXOzeNwOpCycYNv3eYRbjbwMLI5XJXBxcgGjig7Gy0HYiedw0nPIFo56BkcbAwOcERjmNLYKBaVZNIYe42BVpHXRUu0ABftglkGujVWq6gOSxIbFlhTrBu40qUHlYqsLvAGlW1RpEOB5fbokgUepGUf9TI8VcGNk0FHfPQDwXQhCXW5VQ_qZW660EpEhlPtcLxI2AaScboodWf10nLpoQL4QtO-cJoO5_ZeZFg4fCVLS9iLYuhnWSBJRYZpSbPyzCdtmiwUmuXEi4JSRL5n6iG2iPnL1IHWlN2JpqB824dAlodlNfl04uwsFMYuKhwkKSY2-AjpEbPThggLRgxNRFr1qpXVu8gFy2N4EO7856Rnh8_Nw-5EJA_OSeNw0DNUDqQuWlpwRGk5vIys_AJMtF43X2VjRIqIHrkodwz0K5uMR7iRkefcFYbDw4zQSccs4BWqrGhcqNjqouVlp0EihMDrrkwguzCjgL_8kWx3zcuXhkfY5R8OIJZ6NvHgcdKygM7iWnigvMzhbl9f3ooEAeSS5fQrmXr1yUQYpYq1J-hkCYVKZffJK7RgZaY--QYqtqooolrw1w3AFSvEH6NJJquSiSI-YQB2qW-KjbFZRe6L_5wmlo27_pgOffzvI3_JwdQHx1Q-egYlR21fcKSP2NbTXeuD4TAebKkeeyY82XyRMTQZscVfVa7rs06DZft7n9yBsHAZhn8Vta92rKPbGOKPusBFLuWecdzMxFQTnvtBtRQe5zH-KDkw66LxTIRTrhPV_aQXlIea5K-e3EeeT3RoX2D6CSf3RRimPdfJnbut_gnrH379JTXkef1LRWOs89GaSXK7dxk7BW_zVXLQ_x43PeeoDkE-i_yRAeTSZ8sp6Se9H7XPr2G6ESc-eYY5B_3Xcjq8XFqjGvETsu1zVjRzOqH55B3qVot5DGq8cr5t_jPQ4TmkaOdlbcyzl69l64jkK7fLFWtbPO0fQDh8nUfh4KULc1L45a_wUCNDxLocAz_HuiAgBQw_8DCU6QQ53IgFl0HsoHIhYUPw3IvsOgI5YRGU497jqcjRoQSD7v9J3vrioaVzMciGV6By0TOjoVWA0iAyD0OQwOORYRCs7EicKBGjesxNledDOvwcHByIXa7s_H6ONk_WVp7TdZORUMkxAT0KcwIfKTsyVk6vYGVFy4AWPpcot5sPEhNsAVdsooeRlk6QltnLW5kwsWNEh7I4scjwwpIbeHgYXPgY35k7vsrBSAM2I4uo4uQvcR3I5hwg7xJVW3j-OIe2BirgMRBet5Db7Y_3kCmdYpn8a3ch2VuUzR2I44Jm7Fcv9SQxn2W1Zk7NhnnDmajxyTMmNCgwYPR6eP2xHaB3HxtmbU9_s59OA7VFvTdZRflFGepL2C6RY5VJCD7ukEyy_KuGXago_ESXmqHYKjNo8ByA5lRGoRJq_aVJw8LiDkEVPh82IQQOr6ey0ILNitmhEPlY3NwBSMkEdylEXI-DjsbBwLT0Z6LjApUejXLsx1LHvLu_pO6MXwC0vWobvrBq24Aa39N_ehHDXjf1kt5Nl7Q-uNrO_xqJKrK9gcWAh9s_K1vG2HO3XQQt3vSMDDT8niVHdgzIaeE5i-WuW8gFTH5hObgK3dzViQENZhSof03TW82miEEzzTY1nlpkU2jLTPmVsHsdav9yPl5e8wLST45TLlJGFWlM2FvlB9m28fR58ZtuquBEq-TYp2-dqWIVEhrokG-fSVVw6hPTekASyldgoadn65oLPg1KtKG1uItectjD420pYJeMBq7_woiIHiHLffesY9M8qroMJBrat22fJ9-kR_5MGUtVaCbw3yGVBWr9XyD-BNm71-3ftPb8W7-jGWr3z1Rv4BINmXdDboqWLyIrqwrdeSs7FwawaMES5earS_7pydhysh6bOzbjm0SyElVKXcnccaVWFgsGMMBAjbCnYchvi3JUM9XedWaJzs0gHAIcU_WT1RaTdfJxZuq9cPZJp7z5EJUtSNem0BQJ4ZcRwrrRsJmXNFEOD-E0kV7qHOgRcCJA9Vhx8jvhGE9Gml6U1Cdf4q6yW8mvdfNY7lvATfALyK7xE7judCOeup-FpAt72ZfRiE8uWxMQlFgUTC2JiUaB_sycLiFECJcrJzq06BH-KA8lbuhvzIYzzVNG4_RL-snGkjXVxodiOB2j3osUe6FT3b9taXKuj9SfGWoMsC1lcydslIJBR1N_gew9aLyBeiWbf9fq_35SSEjTimeFEpI83l5rbpM44kZ1eKvzdEpf1FvOtcegZaz65XZSUL-bpiOu_3Moiuhk8n8oZv0w0ysvYVh3XbNO3XKbIB04lpbtGltZru3H3E3_xPUWPLlm6Te99srMOzDfC5KqKMWvmiVEOL1JQPwaEsNhSVI9QVu8fti2nGiKdnIK1vJbf23uiVdZTSSKukjLwvvrM5reSD95YFRw193ebVC_Cu9f7XXNsfYQ2xDbbYFE4kKFGYxkj0KaSZJPgkl50LCKlx2yKdV5q1n9qKnLQ39ZsjZUJSqK4V957E1TZB3zrurXd9mqF1HYJXdKoAPAr-oJifaufer3Qd8h8ldW3WqmIZyNTTlf9EV5lWwr-3oSUMS3PIuS5KdrY2UPydSjOJ-GBl_fjcipMPXJImLxXLzWkT7KW89TqqIMIFwsOFMVEGpSGnWSTeKraZHgakYVBW1ij_2xwnLfsNSHU0Y785OcXGTiK2H_-DGP9a8oWA-oC3Q7pKLr-iqu-ZkebU52OOdNX6KeQWZH1WVBIR7PSl4O0LPbJH79uGuO6DjpZAbq9J59nBtIfWAfAnQt8q9tE-BhUH8NytR1eUFFc6CLvLll0ENkrwZU5-0wuDyZIlYPq2Qn8X2ZNRdJ6xd0v-bUxd4BbwgwW3_4BV5g-opF00VIFJ28NbkdZSb8kec9qVvb9q71CnJNB-fsD9rl56tL2pECSxRRLSE58o3kvHz1f3TIn7rbZv07MBeDZfoUEjU_Wa1rpBiPK7HVCLUwtDXxxZtaLvk9yxhpW6ejSQapaIROhfkcsLsIhnSKC1U38iFAE_3xtKh29BYO5RamnsR_9ArKhh-pOZuPKVn5KWEdCkLoOvTh_eSjeHG3J6zImA2N9Uk4eLU50jqAElws01hA3GDsTm6DLI_HNgKF-2X58L-a-9J71nF30YTeCdpk1-Of7ECZ3rRvErl91qRh6tKfJG6XZnzltHFleg61u-qxQh_8dwMDTiQDqYucRNUPzO0LXbd4_jZFD5MKiy1W71Pgi68yfXWtKJptLXCAujvjPe5xSoyQ0IJQfnqTCm4fE2NP_rXnzzxyFvewv6mUd7T3tPWQhM9-5w1VkcfWt9VmeojT9j5sqdm26xpVUQHwpoREf6j9krHjxcUAjfOANjZQ9JvUtUxzZ4fyHynDtkGuiNvM3vqn8h62MjhGgm2KY2Ny6KzzHkRT__8b4v6kaQVhj8cEl2RerKylfMkjbxs0ysa-f3idgerWZB5aHk2pi5rmBzQ4HIlbbQJzXshauYGT_xS-hceFnIsLo_J3p73stpxs5Hun2beLL0BsarnqaDcc1JSXKJuptyXVWyJ8LHY4UqUYZYZc2xjVlkNc_fqH22aN8QG23ClTP9YJ4oZbwG1mTKDt3TQp1l70opcNxEUfk0ZaBfCHnO5GeqOWk4HJl8D0ZNRPqdirQC-EHqGIxnWUWTVzjeWWYLlqSxxjjJg7WzX1sZZapni8HOFBDa1524OJwBvARPosZTkkqSywPjNMnV8hav9-4EdtHE1IeDn00FsXpaBxbYv8zWlh7isjL2E4A3l_zmdQn1Nd8TVwH8iKBlJiYoN8TonfgiRLtGiKcC3sO-UhRCBbbO1JaS82-2EjvOpYvN-Icwhc4T2YWwZwY-OWirc3_3Y7j7CGWnaX-xp7dIgXCq2qu8PVyBDjlZmo-cAWXoqFZ5r4XTKrl5gLB7XUriH6nMoHWZYvSewFPBM3Nw-LR0GmWxFiTPzwkPHSefkXLQeHYy-9W0ApH-wJaHjk4MRWWTGxomDGlEUzlWyWiRAyeJxOZoyXNdAEVwFpFHY4GdnkuMRa2TCx0iF3TikVrWwaPFwDJyRz_QVCgpUVMZioMKINyvxHOnT113XKH7XZHOXUx2VDHEXVK5CyiM8kHcHt5RORhXepWvYOc2QeBC6Dglglvv0UwNV-kkiEjdjDX78gT1BMoj2rNZStF03bJCmq25C-LDn-4aIuH_WBeC3mJ1CNBhEaDGxvft_KjKfhN4helC0S93BiJXUp5GJbYRXhE6v7fLjYfSgBszyLwQYocpPDeDF43b1b-sLWKjfvUWCQdvPVV_jNMEo642gfLt1HSvLLOhHfljBe7DEtWj7xe4oNF3sKWB66lP295Xkt4UU4ssz36By15XqkU6G_iZarmagjdQxh9N_P5ViaqYJw_bSwJY8uXP-DrW2ct-BvGyEH-tlqZ6LpWK_PORE71HhE-Kfd-qWROSjiWwuOwb4slqI9MGe5GCX20g63momTSn8hZkt5cbGl0CNbr13l8psVTuGoGxhsycPK1n6fVHldyJKoIz4wvzUshNraS3V3snH3R8on8Zu6NjZu9lRS39i6Km3BnnjZwhxHe-AuRrupDHC3xGUKRuOEjgeanrYePT1NS4iQ-m7v-Sga617-t7pIp3wlUdsxi7y-3BSx--zBQ5-l4rqWrKBhPo1np9FlOWZl2NF8qpllobW_z1Zta-ZLER-HOdFz&tga-with-creatives=1

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

4324fc6f18883e24661b7c88040ad5bf847e0ef4f077cde80d8efc6e9476f03f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:26:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
ssr: true
x-yandex-req-id: 1657391168892701-17727137365735734317-sas6-5260-c5d-sas-l7-balancer-8080-BAL-5115
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
uniformat-product-type: Direct
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Sat, 09 Jul 2022 18:26:09 GMT
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/json
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sat, 09 Jul 2022 18:26:09 GMT

GET
H2 200 93c7a06aed665575098e.js Show response
yastatic.net/partner-code-bundles/612847/ 36 KB
10 KB 36ms
32ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/612847/93c7a06aed665575098e.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

580dd00a201db7202f93efd4a3d41019fb9cc9d724c14a0e3ca906b36c8bde41

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.tumen.kp.ru/
Origin: https://www.tumen.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:26:08 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 9991
last-modified: Sat, 09 Jul 2022 16:35:03 GMT
server: nginx/1.17.9
etag: "57c90e0c5db27d005200ff4edc4367a0"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Jul 2052 00:59:21 GMT

GET
H2 200 smi.js Show response
jsn.24smi.net/ 89 KB
28 KB 57ms
20ms Script
application/javascript 2606:4700:10::6816:284a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jsn.24smi.net/smi.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/612847/3e6eab174e2acc8b6f89.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:284a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed046b5d2756f81f71273241564fa4931704a532d63fdbb7883e7dfef65ed76f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:26:08 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
age: 393
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 16 May 2022 14:38:35 GMT
server: cloudflare
etag: W/"628261eb-162b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
cf-ray: 72831b35ad520219-ZRH
expires: Sat, 09 Jul 2022 19:19:35 GMT

GET
H2 204 event
ads.adfox.ru/232598/ 0
54 B 66ms
66ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=64cc6889e99f1c9a&pm=cyz&p5=lamxz&ad-session-id=3821171657391168666&lts=fjmwoce&ytt=272130738618373&ybv=0.612847&ylv=0.612847&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3Fsection%3Dsociety&rqs=QGz_Z1uUlBVAyMliybdnM001zWVuzwFq&pr=jkgosjf&puid3=top%3Aregion&puid2=society%3Atoday%3Azenyandex%3Aincident%3Aemergency%3Acelebrity%3Aculture%3Ainteresting&p2=fqyp&rand=mgrugkz&sj=GOEHbnTZyaN2zMKHFNwnnIkVzpyDeIXP9J0U5XpeMtLA9qCQcXgpYg2z4TEqQg%3D%3D&puid1=adv-1657391168624-846&p1=cbpai

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 18:26:08 GMT
x-content-type-options: nosniff
last-modified: Sat, 09 Jul 2022 18:26:08 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 200 cfg Show response
data.24smi.net/ 427 B
467 B 207ms
198ms Script
text/javascript 2606:4700:10::6816:284a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://data.24smi.net/cfg?object=19594&ver=35&pio=true&pps=true&callback=__smiCb1657391168930

Requested by

Host: jsn.24smi.net
URL: https://jsn.24smi.net/smi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:284a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0bac98fc273488496e7f2da80b46ac9532d6dcb6b23218444dad0e639c777594

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:26:09 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: text/javascript; charset=utf-8
cache-control: no-store
cf-ray: 72831b35ed9c0219-ZRH
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 292E 81 KB
28 KB 43ms
16ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/612847/6f581145af963d72d3b3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f7d4a77e29961071a337cc5073d127fc328e2ea23fca15e9894838d72cc6822

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:26:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28091
x-xss-protection: 0
server: sffe
etag: "1269 / 608 of 1000 / last-modified: 1657317992"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 09 Jul 2022 18:26:09 GMT

GET
H2 204 event
ads.adfox.ru/232598/ 0
66 B 67ms
66ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=1a7c2fec6c56f912&pm=bmo&pxo=YSx6KmSg-7t7c_xNOytXUeouB5vrRHl1glLMh0PthghTQ6xhAzFMRisY82ZDTiMRfvGnmoFvCq4clNwuZNxdHvsjKqQeC3h6uflddC8LxZvKhW4VH0ONhjMy70kIdIsqkVt0tfdS7mXNdnxeaoEwnf8PfgVN7UbgRklCTo3zRwFhA5XsO_f9&p5=gwdbk&ad-session-id=3821171657391168666&utg=oxum&lts=fjmwoce&ytt=272130738618373&ybv=0.612847&ylv=0.612847&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3F&rtb-si=b&p2=gftf&rand=ggbuoyx&sj=0JUs5rPDqe81p4B7umbPjzQ_De86wAt6QdK28UPWAChYxt5vecMP0DPpeIKoEQ%3D%3D&puid1=adv-1657391168618-212&pr=jkgosjf&p1=cdinl&rqs=QGz_Z1uUlBVAyMlixxNGf7MzBciXivhD

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 18:26:09 GMT
x-content-type-options: nosniff
last-modified: Sat, 09 Jul 2022 18:26:09 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

POST
H2 204 events
bidder.criteo.com/csm/ 0
216 B 13ms
12ms Ping
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 09 Jul 2022 18:26:08 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://www.tumen.kp.ru
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
365 B 16ms
16ms Image
image/gif 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=1

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:26:09 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
strict-transport-security: max-age=31536000; preload;
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Tue, 04 Jul 2023 18:26:09 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
365 B 13ms
13ms Image
image/gif 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=2

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:26:09 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
strict-transport-security: max-age=31536000; preload;
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Tue, 04 Jul 2023 18:26:09 GMT

GET
H2 200 v2 Show response
yandex.ru/ads/adfox/232598/getBulk/ 15 KB
6 KB 107ms
106ms XHR
application/json 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/adfox/232598/getBulk/v2?dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3Fsection%3Dsociety&date=2022-07-09T18%3A26%3A09.006%2B00%3A00&pd=9&pdh=1200&pdw=1600&pr1=3281694418&pr=2902056071&prr=&pv=18&pw=6&extid_loader=&extid_tag_loader=www.tumen.kp.ru&ylv=0.612847&ybv=0.612847&ytt=272130738618373&is-turbo=0&skip-token=&ad-session-id=3821171657391168666&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.7%2C%22w%22%3A1130%2C%22h%22%3A250%2C%22width%22%3A1130%2C%22height%22%3A250%2C%22visible%22%3A0%2C%22isBlackTheme%22%3Afalse%2C%22left%22%3A235%2C%22top%22%3A3760%2C%22fontFamily%22%3A%22ys%22%2C%22req_no%22%3A3%2C%22ad_no%22%3A2%7D&enable-flat-highlight=1&pcode-version=612847&available-width=1130&available-height=250&yaru=true&pp=g&p2=gvdq&ps=bxyd&puid1=adv-1657391168624-362&puid2=society%3Atoday%3Azenyandex%3Aincident%3Aemergency%3Acelebrity%3Aculture%3Ainteresting&puid3=top%3Aregion&puid5=&slotNumber=6&bids=W3siYmlkZGVyTmFtZSI6ImNyaXRlbyIsImNhbXBhaWduX2lkIjo3MjI1NzMsInJlc3BvbnNlX3RpbWUiOjM2OSwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjE1MjY3OTgifSx7ImJpZGRlck5hbWUiOiJydGJob3VzZSIsImNhbXBhaWduX2lkIjo4NTM4NjksInJlc3BvbnNlX3RpbWUiOjY1LCJlcnJvciI6eyJjb2RlIjo0fSwicGxhY2VtZW50X2lkIjoiRDZ0UEcyWDF3OTM1S2tIaTlxb0gifSx7ImJpZGRlck5hbWUiOiJhZHJpdmVyIiwiY2FtcGFpZ25faWQiOjcyODI1NCwicmVzcG9uc2VfdGltZSI6MjM1LCJlcnJvciI6eyJjb2RlIjo0fSwicGxhY2VtZW50X2lkIjoiMjprcF84c2xvdCJ9LHsiYmlkZGVyTmFtZSI6Im15dGFyZ2V0IiwiY2FtcGFpZ25faWQiOjgxMDQwMiwicmVzcG9uc2VfdGltZSI6MjM2LCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiODAzMDA3In0seyJiaWRkZXJOYW1lIjoiYmV0d2VlbmRpZ2l0YWwiLCJjYW1wYWlnbl9pZCI6ODEwMzQ0LCJyZXNwb25zZV90aW1lIjo3MSwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjM5Mjc4NTcifV0%3D&utf8=%E2%9C%93&pcode-test-ids=612520%2C0%2C92%3B586085%2C0%2C2%3B597485%2C0%2C93%3B590119%2C0%2C5%3B598479%2C0%2C72%3B605363%2C0%2C35%3B610874%2C0%2C53%3B203220%2C0%2C8&pcode-flags-map=eJyVWNuO2zYQ%2FZXCz0FBXahL3iiJloiVSJWk7HWKYpCi%2BxYERbMpCgT59w4l2ZbkXXr3ZQEvfM4M53rGP3aa95xZOHSsB81%2FG7ixwPaWaxBSq7bdffz9x%2B7fz1%2B%2BP%2B0%2B7qwe%2BO7D7vnp27P4Cz%2FTNI2DZPfzjw%2B7AzMgOBirelC2QbxtmIRuaK24z5OlNLzleTdY1FJpDp0whldQMcugZ5p1BvZKw0FUXOGzoFRdoVacT%2F%2F9vaLMSUzpxR82WFVzyTWzSNuz8sE0ykI14D%2BEkiumaM0TE5JfeLhkRctB8uOChBv0GjpV8RWPku0JeMs7Lq2BshXlgwO%2Fwj4zd%2BwRGi7qxuIbpcH3aiHrdz%2BeRkE40rK2VccpDT3SjxxTLG3N7nDEhC5zMtnvmK6F9CETEgdRtA3Z0Fdj7DvlAg6WiRadmGLnLY6EJNkiA5p36sChbJg23MJeqw5aIR%2F8HEEQk3Tr0l48An60YDXm0oXZWKbtGJ3e8KFS85tLjQ0mDtzcM0LpzbtL1veOujhBpY7yLa4mWehjwZBpDGQhrKvm95Dh8xzZgWuzLXrnfErX2DAmwdaRgzCiEK2wJ%2BhbdiowcNgJg0Hn7ngS0vCmj4TEMWV4OZaEKgzXBzd2XDoWlt5KPEisKYYdM2aQdf0S%2BPzP96cFLA6zKCcTzOCwMm5abjHbyl6AWAWG86vTa9jXz39%2BeVohoyTMpwJ0VdehrbnLpfWbjGmUT1ko1SCxVhU8NtoLydIsjEfIicmKP4IesPY65m9bStIwmif4atLAfmhbgz3A%2FfggCiNyeWKh1QPGB58HtRaVH5nSLHnRYaiEsVoUXngYkGR67ycuw9FdOIrKNiA6VnMvNg7ijFyxaG4szEJpV0eaVWIwv7yR4cSc35PDwNojOxk%2FMkrn1FZ7t7pNjxOfgxUdV4NdQUNCyBobk2h6c1%2Fi4hmXBe4Zvz2KNHP17hVGmbt2OdsD%2FuitRDSZpuEtXOwB%2Fx7deLlXIa8wnB04sHZYZSsiL6PPQ3GsTiF7TDIw3fltJ0EezbaxX60wo0Daq9vtsYVSglpihLacabfp3TZkWrBNwMMtbE7vpp80PzIsr%2BqtjYVM51y7pQcdR1V0KReuNU67Vq3mL13hMxJPee%2B1UNrNbtwjB8GPvdL%2BkknSZB547usgcXmXHOVdV3thaYi4EWZMj8urbLjzEHquy02VBmSV5JQGebwoEfJIcF%2FhMFDGCq%2FNLKCzzQpFlx3XO8b4qHF1YqrncfsOEZXhzJ7yh%2BuknB%2BwmSebrUKzDLfR5MQ8SSpc1iWKOeOd2TQP0mwxwwQKRoaJRSVfuogZn9E8okGwwo5zz%2BAQtI1rrJ5VFS5oP0lM5yIZ94xbw6eeQ%2BT3GncNXWSr0%2BUre%2FvWXJ4mryIB5cAomO9YP3NoWyyaCUzJnLxjpVWrqAe%2FBit8GmXRBf9u0CiqCybxqgCUHnuB1TYKGuTwL508C9N08fiZZKpNXPA4Ey%2FiCge7dQfUVmJsNXcYR1PhNcVGjtA8D3Oy%2BnJE4mz8cq1ZEd4R83FKrt8FIz6tHkeDkPi%2B%2F8I2C%2BgriCka80DHEsDLFsPgprSQriouOh1b%2B47TlE6VgTqg5nbsdiHd6adxgLmPODzv7MuEpHFIXhrge6GNOz1Y5yQsTBtYHc4p9JPmKJOWrrHCqHbAeWU6d3y4br%2BTazxm5vtqUfM45dyEqrdC%2FAYcBvnUso3tWjq1mcGdUgkGluOJcAePcie%2B3vkKGpRs2Dgtc2AU9la%2FQbCTC8OoAGrt0o0BQOX2wo544QeDhGTX6x7hKOINnPCYw0OtBKPL9%2BDPO8Id3%2BP0W4G%2Ff%2F329Lzu3zReoN394H4QmH8HwIIwonPHthnwMjj5j0aakyC43kU9rrnxnuLgmh5QcFz%2BgXeSktWaDptvM1ni9HW2STdVdxy6UGBVtWz%2B8QH3uL%2BsaZRE8%2FrAdtWdkxiay%2FM11mte%2BK%2BAJCBZ6irr5%2F%2BpyHnk&use-server-side-rendering=1&pcode-icookie=kHPPmX8ZLtigbsQxlQD%2Fe%2Fi8vx%2B%2F71n6msO9DrfOSzZHIBP%2F7SsYo28nhiVKvE23GijasfWWUObyPgOzFWsZgOZfG4w%3D&top-ancestor=https%3A%2F%2Fwww.tumen.kp.ru&top-ancestor-undetermined=0&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjoxNDh9ChqjpqjkuOmBMFBXPMzNt9PJwXuM42TbYYc2x0kcw3U63890cg-JGf52n2Q-_OZjEocdh7bhGdrG0t5euRSglwJ6BtqMEIhUpSJt762c5MMMn-ZlERVVpIgGEYiQ1hFDjzWxJdao7CpbnNQYsoos1sWmWDtAh4BQ2WPDIkVYF9wa6-O0YcdSY-IBcjnXqshjU13Ygvxp47QuTKZFUhObF1nSCsgaw1igdYtmwRagXgXrPKQLuBiaivo8mhe-2BJgrreCDhp21DTgehRZ4hao4LrDjIJVwRWMSZZD2HW5HIgki4C2ApgahBpAkofFwYiUm4eFzcXOzeNwOpCycYNv3eYRbjbwMLI5XJXBxcgGjig7Gy0HYiedw0nPIFo56BkcbAwOcERjmNLYKBaVZNIYe42BVpHXRUu0ABftglkGujVWq6gOSxIbFlhTrBu40qUHlYqsLvAGlW1RpEOB5fbokgUepGUf9TI8VcGNk0FHfPQDwXQhCXW5VQ_qZW660EpEhlPtcLxI2AaScboodWf10nLpoQL4QtO-cJoO5_ZeZFg4fCVLS9iLYuhnWSBJRYZpSbPyzCdtmiwUmuXEi4JSRL5n6iG2iPnL1IHWlN2JpqB824dAlodlNfl04uwsFMYuKhwkKSY2-AjpEbPThggLRgxNRFr1qpXVu8gFy2N4EO7856Rnh8_Nw-5EJA_OSeNw0DNUDqQuWlpwRGk5vIys_AJMtF43X2VjRIqIHrkodwz0K5uMR7iRkefcFYbDw4zQSccs4BWqrGhcqNjqouVlp0EihMDrrkwguzCjgL_8kWx3zcuXhkfY5R8OIJZ6NvHgcdKygM7iWnigvMzhbl9f3ooEAeSS5fQrmXr1yUQYpYq1J-hkCYVKZffJK7RgZaY--QYqtqooolrw1w3AFSvEH6NJJquSiSI-YQB2qW-KjbFZRe6L_5wmlo27_pgOffzvI3_JwdQHx1Q-egYlR21fcKSP2NbTXeuD4TAebKkeeyY82XyRMTQZscVfVa7rs06DZft7n9yBsHAZhn8Vta92rKPbGOKPusBFLuWecdzMxFQTnvtBtRQe5zH-KDkw66LxTIRTrhPV_aQXlIea5K-e3EeeT3RoX2D6CSf3RRimPdfJnbut_gnrH379JTXkef1LRWOs89GaSXK7dxk7BW_zVXLQ_x43PeeoDkE-i_yRAeTSZ8sp6Se9H7XPr2G6ESc-eYY5B_3Xcjq8XFqjGvETsu1zVjRzOqH55B3qVot5DGq8cr5t_jPQ4TmkaOdlbcyzl69l64jkK7fLFWtbPO0fQDh8nUfh4KULc1L45a_wUCNDxLocAz_HuiAgBQw_8DCU6QQ53IgFl0HsoHIhYUPw3IvsOgI5YRGU497jqcjRoQSD7v9J3vrioaVzMciGV6By0TOjoVWA0iAyD0OQwOORYRCs7EicKBGjesxNledDOvwcHByIXa7s_H6ONk_WVp7TdZORUMkxAT0KcwIfKTsyVk6vYGVFy4AWPpcot5sPEhNsAVdsooeRlk6QltnLW5kwsWNEh7I4scjwwpIbeHgYXPgY35k7vsrBSAM2I4uo4uQvcR3I5hwg7xJVW3j-OIe2BirgMRBet5Db7Y_3kCmdYpn8a3ch2VuUzR2I44Jm7Fcv9SQxn2W1Zk7NhnnDmajxyTMmNCgwYPR6eP2xHaB3HxtmbU9_s59OA7VFvTdZRflFGepL2C6RY5VJCD7ukEyy_KuGXago_ESXmqHYKjNo8ByA5lRGoRJq_aVJw8LiDkEVPh82IQQOr6ey0ILNitmhEPlY3NwBSMkEdylEXI-DjsbBwLT0Z6LjApUejXLsx1LHvLu_pO6MXwC0vWobvrBq24Aa39N_ehHDXjf1kt5Nl7Q-uNrO_xqJKrK9gcWAh9s_K1vG2HO3XQQt3vSMDDT8niVHdgzIaeE5i-WuW8gFTH5hObgK3dzViQENZhSof03TW82miEEzzTY1nlpkU2jLTPmVsHsdav9yPl5e8wLST45TLlJGFWlM2FvlB9m28fR58ZtuquBEq-TYp2-dqWIVEhrokG-fSVVw6hPTekASyldgoadn65oLPg1KtKG1uItectjD420pYJeMBq7_woiIHiHLffesY9M8qroMJBrat22fJ9-kR_5MGUtVaCbw3yGVBWr9XyD-BNm71-3ftPb8W7-jGWr3z1Rv4BINmXdDboqWLyIrqwrdeSs7FwawaMES5earS_7pydhysh6bOzbjm0SyElVKXcnccaVWFgsGMMBAjbCnYchvi3JUM9XedWaJzs0gHAIcU_WT1RaTdfJxZuq9cPZJp7z5EJUtSNem0BQJ4ZcRwrrRsJmXNFEOD-E0kV7qHOgRcCJA9Vhx8jvhGE9Gml6U1Cdf4q6yW8mvdfNY7lvATfALyK7xE7judCOeup-FpAt72ZfRiE8uWxMQlFgUTC2JiUaB_sycLiFECJcrJzq06BH-KA8lbuhvzIYzzVNG4_RL-snGkjXVxodiOB2j3osUe6FT3b9taXKuj9SfGWoMsC1lcydslIJBR1N_gew9aLyBeiWbf9fq_35SSEjTimeFEpI83l5rbpM44kZ1eKvzdEpf1FvOtcegZaz65XZSUL-bpiOu_3Moiuhk8n8oZv0w0ysvYVh3XbNO3XKbIB04lpbtGltZru3H3E3_xPUWPLlm6Te99srMOzDfC5KqKMWvmiVEOL1JQPwaEsNhSVI9QVu8fti2nGiKdnIK1vJbf23uiVdZTSSKukjLwvvrM5reSD95YFRw193ebVC_Cu9f7XXNsfYQ2xDbbYFE4kKFGYxkj0KaSZJPgkl50LCKlx2yKdV5q1n9qKnLQ39ZsjZUJSqK4V957E1TZB3zrurXd9mqF1HYJXdKoAPAr-oJifaufer3Qd8h8ldW3WqmIZyNTTlf9EV5lWwr-3oSUMS3PIuS5KdrY2UPydSjOJ-GBl_fjcipMPXJImLxXLzWkT7KW89TqqIMIFwsOFMVEGpSGnWSTeKraZHgakYVBW1ij_2xwnLfsNSHU0Y785OcXGTiK2H_-DGP9a8oWA-oC3Q7pKLr-iqu-ZkebU52OOdNX6KeQWZH1WVBIR7PSl4O0LPbJH79uGuO6DjpZAbq9J59nBtIfWAfAnQt8q9tE-BhUH8NytR1eUFFc6CLvLll0ENkrwZU5-0wuDyZIlYPq2Qn8X2ZNRdJ6xd0v-bUxd4BbwgwW3_4BV5g-opF00VIFJ28NbkdZSb8kec9qVvb9q71CnJNB-fsD9rl56tL2pECSxRRLSE58o3kvHz1f3TIn7rbZv07MBeDZfoUEjU_Wa1rpBiPK7HVCLUwtDXxxZtaLvk9yxhpW6ejSQapaIROhfkcsLsIhnSKC1U38iFAE_3xtKh29BYO5RamnsR_9ArKhh-pOZuPKVn5KWEdCkLoOvTh_eSjeHG3J6zImA2N9Uk4eLU50jqAElws01hA3GDsTm6DLI_HNgKF-2X58L-a-9J71nF30YTeCdpk1-Of7ECZ3rRvErl91qRh6tKfJG6XZnzltHFleg61u-qxQh_8dwMDTiQDqYucRNUPzO0LXbd4_jZFD5MKiy1W71Pgi68yfXWtKJptLXCAujvjPe5xSoyQ0IJQfnqTCm4fE2NP_rXnzzxyFvewv6mUd7T3tPWQhM9-5w1VkcfWt9VmeojT9j5sqdm26xpVUQHwpoREf6j9krHjxcUAjfOANjZQ9JvUtUxzZ4fyHynDtkGuiNvM3vqn8h62MjhGgm2KY2Ny6KzzHkRT__8b4v6kaQVhj8cEl2RerKylfMkjbxs0ysa-f3idgerWZB5aHk2pi5rmBzQ4HIlbbQJzXshauYGT_xS-hceFnIsLo_J3p73stpxs5Hun2beLL0BsarnqaDcc1JSXKJuptyXVWyJ8LHY4UqUYZYZc2xjVlkNc_fqH22aN8QG23ClTP9YJ4oZbwG1mTKDt3TQp1l70opcNxEUfk0ZaBfCHnO5GeqOWk4HJl8D0ZNRPqdirQC-EHqGIxnWUWTVzjeWWYLlqSxxjjJg7WzX1sZZapni8HOFBDa1524OJwBvARPosZTkkqSywPjNMnV8hav9-4EdtHE1IeDn00FsXpaBxbYv8zWlh7isjL2E4A3l_zmdQn1Nd8TVwH8iKBlJiYoN8TonfgiRLtGiKcC3sO-UhRCBbbO1JaS82-2EjvOpYvN-Icwhc4T2YWwZwY-OWirc3_3Y7j7CGWnaX-xp7dIgXCq2qu8PVyBDjlZmo-cAWXoqFZ5r4XTKrl5gLB7XUriH6nMoHWZYvSewFPBM3Nw-LR0GmWxFiTPzwkPHSefkXLQeHYy-9W0ApH-wJaHjk4MRWWTGxomDGlEUzlWyWiRAyeJxOZoyXNdAEVwFpFHY4GdnkuMRa2TCx0iF3TikVrWwaPFwDJyRz_QVCgpUVMZioMKINyvxHOnT113XKH7XZHOXUx2VDHEXVK5CyiM8kHcHt5RORhXepWvYOc2QeBC6Dglglvv0UwNV-kkiEjdjDX78gT1BMoj2rNZStF03bJCmq25C-LDn-4aIuH_WBeC3mJ1CNBhEaDGxvft_KjKfhN4helC0S93BiJXUp5GJbYRXhE6v7fLjYfSgBszyLwQYocpPDeDF43b1b-sLWKjfvUWCQdvPVV_jNMEo642gfLt1HSvLLOhHfljBe7DEtWj7xe4oNF3sKWB66lP295Xkt4UU4ssz36By15XqkU6G_iZarmagjdQxh9N_P5ViaqYJw_bSwJY8uXP-DrW2ct-BvGyEH-tlqZ6LpWK_PORE71HhE-Kfd-qWROSjiWwuOwb4slqI9MGe5GCX20g63momTSn8hZkt5cbGl0CNbr13l8psVTuGoGxhsycPK1n6fVHldyJKoIz4wvzUshNraS3V3snH3R8on8Zu6NjZu9lRS39i6Km3BnnjZwhxHe-AuRrupDHC3xGUKRuOEjgeanrYePT1NS4iQ-m7v-Sga617-t7pIp3wlUdsxi7y-3BSx--zBQ5-l4rqWrKBhPo1np9FlOWZl2NF8qpllobW_z1Zta-ZLER-HOdFz&tga-with-creatives=1

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

0fd49b19d389e09d564f7ebb352aba8f79b531399a56a21fe1235e169c2af189

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:26:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1657391169038278-9518025983518670153-sas6-5260-c5d-sas-l7-balancer-8080-BAL-3747
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Sat, 09 Jul 2022 18:26:09 GMT
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/json
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sat, 09 Jul 2022 18:26:09 GMT

POST
H2 204 events
bidder.criteo.com/csm/ 0
216 B 13ms
12ms Ping
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 09 Jul 2022 18:26:08 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://www.tumen.kp.ru
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

GET
H2 200 v2 Show response
yandex.ru/ads/adfox/232598/getBulk/ 16 KB
8 KB 330ms
329ms XHR
application/json 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/adfox/232598/getBulk/v2?dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3Fsection%3Dsociety&date=2022-07-09T18%3A26%3A09.009%2B00%3A00&pd=9&pdh=1200&pdw=1600&pr1=4011252336&pr=2902056071&prr=&pv=18&pw=6&extid_loader=&extid_tag_loader=www.tumen.kp.ru&ylv=0.612847&ybv=0.612847&ytt=272130738618373&is-turbo=0&skip-token=&ad-session-id=3821171657391168666&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.7%2C%22w%22%3A240%2C%22h%22%3A400%2C%22width%22%3A240%2C%22height%22%3A400%2C%22visible%22%3A0%2C%22isBlackTheme%22%3Afalse%2C%22left%22%3A215%2C%22top%22%3A1208%2C%22fontFamily%22%3A%22ys%22%2C%22req_no%22%3A4%2C%22ad_no%22%3A2%7D&enable-flat-highlight=1&pcode-version=612847&available-width=240&available-height=400&yaru=true&pp=g&p2=fxjd&ps=bxyd&puid1=adv-1657391168622-692&puid2=society%3Atoday%3Azenyandex%3Aincident%3Aemergency%3Acelebrity%3Aculture%3Ainteresting&puid3=top%3Aregion&puid5=&slotNumber=3&bids=W3siYmlkZGVyTmFtZSI6ImNyaXRlbyIsImNhbXBhaWduX2lkIjo3MjI1NzMsInJlc3BvbnNlX3RpbWUiOjM3MiwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjEyMzM1MzUifSx7ImJpZGRlck5hbWUiOiJydGJob3VzZSIsImNhbXBhaWduX2lkIjo4NTM4NjksInJlc3BvbnNlX3RpbWUiOjY2LCJlcnJvciI6eyJjb2RlIjo0fSwicGxhY2VtZW50X2lkIjoiOGQzMDhkNDIzMTZjNDBiNTE2ODgifSx7ImJpZGRlck5hbWUiOiJhZHJpdmVyIiwiY2FtcGFpZ25faWQiOjcyODI1NCwicmVzcG9uc2VfdGltZSI6MTk1LCJlcnJvciI6eyJjb2RlIjo0fSwicGxhY2VtZW50X2lkIjoiMjprcF81c2xvdCJ9LHsiYmlkZGVyTmFtZSI6Im15dGFyZ2V0IiwiY2FtcGFpZ25faWQiOjgxMDQwMiwicmVzcG9uc2VfdGltZSI6MjM2LCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiMjMzODUyIn0seyJiaWRkZXJOYW1lIjoiYmV0d2VlbmRpZ2l0YWwiLCJjYW1wYWlnbl9pZCI6ODEwMzQ0LCJyZXNwb25zZV90aW1lIjo3MSwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjI0ODgwNTkifV0%3D&utf8=%E2%9C%93&pcode-test-ids=612520%2C0%2C92%3B586085%2C0%2C2%3B597485%2C0%2C93%3B590119%2C0%2C5%3B598479%2C0%2C72%3B605363%2C0%2C35%3B610874%2C0%2C53%3B203220%2C0%2C8&pcode-flags-map=eJyVWNuO2zYQ%2FZXCz0FBXahL3iiJloiVSJWk7HWKYpCi%2BxYERbMpCgT59w4l2ZbkXXr3ZQEvfM4M53rGP3aa95xZOHSsB81%2FG7ixwPaWaxBSq7bdffz9x%2B7fz1%2B%2BP%2B0%2B7qwe%2BO7D7vnp27P4Cz%2FTNI2DZPfzjw%2B7AzMgOBirelC2QbxtmIRuaK24z5OlNLzleTdY1FJpDp0whldQMcugZ5p1BvZKw0FUXOGzoFRdoVacT%2F%2F9vaLMSUzpxR82WFVzyTWzSNuz8sE0ykI14D%2BEkiumaM0TE5JfeLhkRctB8uOChBv0GjpV8RWPku0JeMs7Lq2BshXlgwO%2Fwj4zd%2BwRGi7qxuIbpcH3aiHrdz%2BeRkE40rK2VccpDT3SjxxTLG3N7nDEhC5zMtnvmK6F9CETEgdRtA3Z0Fdj7DvlAg6WiRadmGLnLY6EJNkiA5p36sChbJg23MJeqw5aIR%2F8HEEQk3Tr0l48An60YDXm0oXZWKbtGJ3e8KFS85tLjQ0mDtzcM0LpzbtL1veOujhBpY7yLa4mWehjwZBpDGQhrKvm95Dh8xzZgWuzLXrnfErX2DAmwdaRgzCiEK2wJ%2BhbdiowcNgJg0Hn7ngS0vCmj4TEMWV4OZaEKgzXBzd2XDoWlt5KPEisKYYdM2aQdf0S%2BPzP96cFLA6zKCcTzOCwMm5abjHbyl6AWAWG86vTa9jXz39%2BeVohoyTMpwJ0VdehrbnLpfWbjGmUT1ko1SCxVhU8NtoLydIsjEfIicmKP4IesPY65m9bStIwmif4atLAfmhbgz3A%2FfggCiNyeWKh1QPGB58HtRaVH5nSLHnRYaiEsVoUXngYkGR67ycuw9FdOIrKNiA6VnMvNg7ijFyxaG4szEJpV0eaVWIwv7yR4cSc35PDwNojOxk%2FMkrn1FZ7t7pNjxOfgxUdV4NdQUNCyBobk2h6c1%2Fi4hmXBe4Zvz2KNHP17hVGmbt2OdsD%2FuitRDSZpuEtXOwB%2Fx7deLlXIa8wnB04sHZYZSsiL6PPQ3GsTiF7TDIw3fltJ0EezbaxX60wo0Daq9vtsYVSglpihLacabfp3TZkWrBNwMMtbE7vpp80PzIsr%2BqtjYVM51y7pQcdR1V0KReuNU67Vq3mL13hMxJPee%2B1UNrNbtwjB8GPvdL%2BkknSZB547usgcXmXHOVdV3thaYi4EWZMj8urbLjzEHquy02VBmSV5JQGebwoEfJIcF%2FhMFDGCq%2FNLKCzzQpFlx3XO8b4qHF1YqrncfsOEZXhzJ7yh%2BuknB%2BwmSebrUKzDLfR5MQ8SSpc1iWKOeOd2TQP0mwxwwQKRoaJRSVfuogZn9E8okGwwo5zz%2BAQtI1rrJ5VFS5oP0lM5yIZ94xbw6eeQ%2BT3GncNXWSr0%2BUre%2FvWXJ4mryIB5cAomO9YP3NoWyyaCUzJnLxjpVWrqAe%2FBit8GmXRBf9u0CiqCybxqgCUHnuB1TYKGuTwL508C9N08fiZZKpNXPA4Ey%2FiCge7dQfUVmJsNXcYR1PhNcVGjtA8D3Oy%2BnJE4mz8cq1ZEd4R83FKrt8FIz6tHkeDkPi%2B%2F8I2C%2BgriCka80DHEsDLFsPgprSQriouOh1b%2B47TlE6VgTqg5nbsdiHd6adxgLmPODzv7MuEpHFIXhrge6GNOz1Y5yQsTBtYHc4p9JPmKJOWrrHCqHbAeWU6d3y4br%2BTazxm5vtqUfM45dyEqrdC%2FAYcBvnUso3tWjq1mcGdUgkGluOJcAePcie%2B3vkKGpRs2Dgtc2AU9la%2FQbCTC8OoAGrt0o0BQOX2wo544QeDhGTX6x7hKOINnPCYw0OtBKPL9%2BDPO8Id3%2BP0W4G%2Ff%2F329Lzu3zReoN394H4QmH8HwIIwonPHthnwMjj5j0aakyC43kU9rrnxnuLgmh5QcFz%2BgXeSktWaDptvM1ni9HW2STdVdxy6UGBVtWz%2B8QH3uL%2BsaZRE8%2FrAdtWdkxiay%2FM11mte%2BK%2BAJCBZ6irr5%2F%2BpyHnk&use-server-side-rendering=1&pcode-icookie=kHPPmX8ZLtigbsQxlQD%2Fe%2Fi8vx%2B%2F71n6msO9DrfOSzZHIBP%2F7SsYo28nhiVKvE23GijasfWWUObyPgOzFWsZgOZfG4w%3D&top-ancestor=https%3A%2F%2Fwww.tumen.kp.ru&top-ancestor-undetermined=0&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjoxNDh9ChqjpqjkuOmBMFBXPMzNt9PJwXuM42TbYYc2x0kcw3U63890cg-JGf52n2Q-_OZjEocdh7bhGdrG0t5euRSglwJ6BtqMEIhUpSJt762c5MMMn-ZlERVVpIgGEYiQ1hFDjzWxJdao7CpbnNQYsoos1sWmWDtAh4BQ2WPDIkVYF9wa6-O0YcdSY-IBcjnXqshjU13Ygvxp47QuTKZFUhObF1nSCsgaw1igdYtmwRagXgXrPKQLuBiaivo8mhe-2BJgrreCDhp21DTgehRZ4hao4LrDjIJVwRWMSZZD2HW5HIgki4C2ApgahBpAkofFwYiUm4eFzcXOzeNwOpCycYNv3eYRbjbwMLI5XJXBxcgGjig7Gy0HYiedw0nPIFo56BkcbAwOcERjmNLYKBaVZNIYe42BVpHXRUu0ABftglkGujVWq6gOSxIbFlhTrBu40qUHlYqsLvAGlW1RpEOB5fbokgUepGUf9TI8VcGNk0FHfPQDwXQhCXW5VQ_qZW660EpEhlPtcLxI2AaScboodWf10nLpoQL4QtO-cJoO5_ZeZFg4fCVLS9iLYuhnWSBJRYZpSbPyzCdtmiwUmuXEi4JSRL5n6iG2iPnL1IHWlN2JpqB824dAlodlNfl04uwsFMYuKhwkKSY2-AjpEbPThggLRgxNRFr1qpXVu8gFy2N4EO7856Rnh8_Nw-5EJA_OSeNw0DNUDqQuWlpwRGk5vIys_AJMtF43X2VjRIqIHrkodwz0K5uMR7iRkefcFYbDw4zQSccs4BWqrGhcqNjqouVlp0EihMDrrkwguzCjgL_8kWx3zcuXhkfY5R8OIJZ6NvHgcdKygM7iWnigvMzhbl9f3ooEAeSS5fQrmXr1yUQYpYq1J-hkCYVKZffJK7RgZaY--QYqtqooolrw1w3AFSvEH6NJJquSiSI-YQB2qW-KjbFZRe6L_5wmlo27_pgOffzvI3_JwdQHx1Q-egYlR21fcKSP2NbTXeuD4TAebKkeeyY82XyRMTQZscVfVa7rs06DZft7n9yBsHAZhn8Vta92rKPbGOKPusBFLuWecdzMxFQTnvtBtRQe5zH-KDkw66LxTIRTrhPV_aQXlIea5K-e3EeeT3RoX2D6CSf3RRimPdfJnbut_gnrH379JTXkef1LRWOs89GaSXK7dxk7BW_zVXLQ_x43PeeoDkE-i_yRAeTSZ8sp6Se9H7XPr2G6ESc-eYY5B_3Xcjq8XFqjGvETsu1zVjRzOqH55B3qVot5DGq8cr5t_jPQ4TmkaOdlbcyzl69l64jkK7fLFWtbPO0fQDh8nUfh4KULc1L45a_wUCNDxLocAz_HuiAgBQw_8DCU6QQ53IgFl0HsoHIhYUPw3IvsOgI5YRGU497jqcjRoQSD7v9J3vrioaVzMciGV6By0TOjoVWA0iAyD0OQwOORYRCs7EicKBGjesxNledDOvwcHByIXa7s_H6ONk_WVp7TdZORUMkxAT0KcwIfKTsyVk6vYGVFy4AWPpcot5sPEhNsAVdsooeRlk6QltnLW5kwsWNEh7I4scjwwpIbeHgYXPgY35k7vsrBSAM2I4uo4uQvcR3I5hwg7xJVW3j-OIe2BirgMRBet5Db7Y_3kCmdYpn8a3ch2VuUzR2I44Jm7Fcv9SQxn2W1Zk7NhnnDmajxyTMmNCgwYPR6eP2xHaB3HxtmbU9_s59OA7VFvTdZRflFGepL2C6RY5VJCD7ukEyy_KuGXago_ESXmqHYKjNo8ByA5lRGoRJq_aVJw8LiDkEVPh82IQQOr6ey0ILNitmhEPlY3NwBSMkEdylEXI-DjsbBwLT0Z6LjApUejXLsx1LHvLu_pO6MXwC0vWobvrBq24Aa39N_ehHDXjf1kt5Nl7Q-uNrO_xqJKrK9gcWAh9s_K1vG2HO3XQQt3vSMDDT8niVHdgzIaeE5i-WuW8gFTH5hObgK3dzViQENZhSof03TW82miEEzzTY1nlpkU2jLTPmVsHsdav9yPl5e8wLST45TLlJGFWlM2FvlB9m28fR58ZtuquBEq-TYp2-dqWIVEhrokG-fSVVw6hPTekASyldgoadn65oLPg1KtKG1uItectjD420pYJeMBq7_woiIHiHLffesY9M8qroMJBrat22fJ9-kR_5MGUtVaCbw3yGVBWr9XyD-BNm71-3ftPb8W7-jGWr3z1Rv4BINmXdDboqWLyIrqwrdeSs7FwawaMES5earS_7pydhysh6bOzbjm0SyElVKXcnccaVWFgsGMMBAjbCnYchvi3JUM9XedWaJzs0gHAIcU_WT1RaTdfJxZuq9cPZJp7z5EJUtSNem0BQJ4ZcRwrrRsJmXNFEOD-E0kV7qHOgRcCJA9Vhx8jvhGE9Gml6U1Cdf4q6yW8mvdfNY7lvATfALyK7xE7judCOeup-FpAt72ZfRiE8uWxMQlFgUTC2JiUaB_sycLiFECJcrJzq06BH-KA8lbuhvzIYzzVNG4_RL-snGkjXVxodiOB2j3osUe6FT3b9taXKuj9SfGWoMsC1lcydslIJBR1N_gew9aLyBeiWbf9fq_35SSEjTimeFEpI83l5rbpM44kZ1eKvzdEpf1FvOtcegZaz65XZSUL-bpiOu_3Moiuhk8n8oZv0w0ysvYVh3XbNO3XKbIB04lpbtGltZru3H3E3_xPUWPLlm6Te99srMOzDfC5KqKMWvmiVEOL1JQPwaEsNhSVI9QVu8fti2nGiKdnIK1vJbf23uiVdZTSSKukjLwvvrM5reSD95YFRw193ebVC_Cu9f7XXNsfYQ2xDbbYFE4kKFGYxkj0KaSZJPgkl50LCKlx2yKdV5q1n9qKnLQ39ZsjZUJSqK4V957E1TZB3zrurXd9mqF1HYJXdKoAPAr-oJifaufer3Qd8h8ldW3WqmIZyNTTlf9EV5lWwr-3oSUMS3PIuS5KdrY2UPydSjOJ-GBl_fjcipMPXJImLxXLzWkT7KW89TqqIMIFwsOFMVEGpSGnWSTeKraZHgakYVBW1ij_2xwnLfsNSHU0Y785OcXGTiK2H_-DGP9a8oWA-oC3Q7pKLr-iqu-ZkebU52OOdNX6KeQWZH1WVBIR7PSl4O0LPbJH79uGuO6DjpZAbq9J59nBtIfWAfAnQt8q9tE-BhUH8NytR1eUFFc6CLvLll0ENkrwZU5-0wuDyZIlYPq2Qn8X2ZNRdJ6xd0v-bUxd4BbwgwW3_4BV5g-opF00VIFJ28NbkdZSb8kec9qVvb9q71CnJNB-fsD9rl56tL2pECSxRRLSE58o3kvHz1f3TIn7rbZv07MBeDZfoUEjU_Wa1rpBiPK7HVCLUwtDXxxZtaLvk9yxhpW6ejSQapaIROhfkcsLsIhnSKC1U38iFAE_3xtKh29BYO5RamnsR_9ArKhh-pOZuPKVn5KWEdCkLoOvTh_eSjeHG3J6zImA2N9Uk4eLU50jqAElws01hA3GDsTm6DLI_HNgKF-2X58L-a-9J71nF30YTeCdpk1-Of7ECZ3rRvErl91qRh6tKfJG6XZnzltHFleg61u-qxQh_8dwMDTiQDqYucRNUPzO0LXbd4_jZFD5MKiy1W71Pgi68yfXWtKJptLXCAujvjPe5xSoyQ0IJQfnqTCm4fE2NP_rXnzzxyFvewv6mUd7T3tPWQhM9-5w1VkcfWt9VmeojT9j5sqdm26xpVUQHwpoREf6j9krHjxcUAjfOANjZQ9JvUtUxzZ4fyHynDtkGuiNvM3vqn8h62MjhGgm2KY2Ny6KzzHkRT__8b4v6kaQVhj8cEl2RerKylfMkjbxs0ysa-f3idgerWZB5aHk2pi5rmBzQ4HIlbbQJzXshauYGT_xS-hceFnIsLo_J3p73stpxs5Hun2beLL0BsarnqaDcc1JSXKJuptyXVWyJ8LHY4UqUYZYZc2xjVlkNc_fqH22aN8QG23ClTP9YJ4oZbwG1mTKDt3TQp1l70opcNxEUfk0ZaBfCHnO5GeqOWk4HJl8D0ZNRPqdirQC-EHqGIxnWUWTVzjeWWYLlqSxxjjJg7WzX1sZZapni8HOFBDa1524OJwBvARPosZTkkqSywPjNMnV8hav9-4EdtHE1IeDn00FsXpaBxbYv8zWlh7isjL2E4A3l_zmdQn1Nd8TVwH8iKBlJiYoN8TonfgiRLtGiKcC3sO-UhRCBbbO1JaS82-2EjvOpYvN-Icwhc4T2YWwZwY-OWirc3_3Y7j7CGWnaX-xp7dIgXCq2qu8PVyBDjlZmo-cAWXoqFZ5r4XTKrl5gLB7XUriH6nMoHWZYvSewFPBM3Nw-LR0GmWxFiTPzwkPHSefkXLQeHYy-9W0ApH-wJaHjk4MRWWTGxomDGlEUzlWyWiRAyeJxOZoyXNdAEVwFpFHY4GdnkuMRa2TCx0iF3TikVrWwaPFwDJyRz_QVCgpUVMZioMKINyvxHOnT113XKH7XZHOXUx2VDHEXVK5CyiM8kHcHt5RORhXepWvYOc2QeBC6Dglglvv0UwNV-kkiEjdjDX78gT1BMoj2rNZStF03bJCmq25C-LDn-4aIuH_WBeC3mJ1CNBhEaDGxvft_KjKfhN4helC0S93BiJXUp5GJbYRXhE6v7fLjYfSgBszyLwQYocpPDeDF43b1b-sLWKjfvUWCQdvPVV_jNMEo642gfLt1HSvLLOhHfljBe7DEtWj7xe4oNF3sKWB66lP295Xkt4UU4ssz36By15XqkU6G_iZarmagjdQxh9N_P5ViaqYJw_bSwJY8uXP-DrW2ct-BvGyEH-tlqZ6LpWK_PORE71HhE-Kfd-qWROSjiWwuOwb4slqI9MGe5GCX20g63momTSn8hZkt5cbGl0CNbr13l8psVTuGoGxhsycPK1n6fVHldyJKoIz4wvzUshNraS3V3snH3R8on8Zu6NjZu9lRS39i6Km3BnnjZwhxHe-AuRrupDHC3xGUKRuOEjgeanrYePT1NS4iQ-m7v-Sga617-t7pIp3wlUdsxi7y-3BSx--zBQ5-l4rqWrKBhPo1np9FlOWZl2NF8qpllobW_z1Zta-ZLER-HOdFz&tga-with-creatives=1

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

3fee6da404568360982debc957f0064a847847fa8904082076f42b6729b521ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:26:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1657391169041167-13006606687243302094-sas6-5260-c5d-sas-l7-balancer-8080-BAL-7300
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Sat, 09 Jul 2022 18:26:09 GMT
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/json
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sat, 09 Jul 2022 18:26:09 GMT

POST
H2 204 events
bidder.criteo.com/csm/ 0
216 B 12ms
12ms Ping
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 09 Jul 2022 18:26:08 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://www.tumen.kp.ru
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

GET
H2 200 pubads_impl_2022063001.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 292E 374 KB
128 KB 42ms
6ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

c84615457f9332569ff8501c382a395ef9fe116a9add5034b4ebc62c9bceeb3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:19:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3987
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 130816
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 08:35:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 09 Jul 2023 17:19:42 GMT

GET
H2 200 css2
fonts.googleapis.com/ 9 KB
1 KB 46ms
18ms Stylesheet
text/css 2a00:1450:400e:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Alegreya:wght@400;700;800&family=Roboto:wght@500&display=swap

Requested by

Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/612847/3e6eab174e2acc8b6f89.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80f::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b9626a32ba37b0590508877b518afb8e18c1623278119b425ba2e3d14d39c4fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 09 Jul 2022 18:06:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 09 Jul 2022 18:26:09 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 09 Jul 2022 18:26:09 GMT

GET
H2 204 event
ads.adfox.ru/232598/ 0
18 B 77ms
76ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=a57008fe34139090&pm=cyz&p5=ljjmt&ad-session-id=3821171657391168666&lts=fjmwocf&ytt=272130738618373&ybv=0.612847&ylv=0.612847&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3Fsection%3Dsociety&rqs=QGz_Z1uUlBVByMligRRKRvEVpF2wLGDa&pr=jkgosjf&puid3=top%3Aregion&puid2=society%3Atoday%3Azenyandex%3Aincident%3Aemergency%3Acelebrity%3Aculture%3Ainteresting&p2=gvdq&rand=hynipgy&sj=slrVGGv9CsEV0yjb7ZF55J6z9agAVd22yW5UcuAUJSQh1WiPCMwxjp0eN5b4bA%3D%3D&puid1=adv-1657391168624-362&p1=clerf

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 18:26:09 GMT
x-content-type-options: nosniff
last-modified: Sat, 09 Jul 2022 18:26:09 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 200 5191335_5.5a1c10449bf6ba3fb79322a26dc59f6f.jpg
banners.adfox.ru/220701/adfox/1877475/ 66 KB
67 KB 297ms
53ms Image
image/jpeg 2a02:6b8::2:158
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banners.adfox.ru/220701/adfox/1877475/5191335_5.5a1c10449bf6ba3fb79322a26dc59f6f.jpg
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::2:158 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: nginx /
Resource Hash: a81ae4dd7742b736f41e6e382827ab3672728b6f7f529ad5c72d6d6e79861484

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:26:09 GMT
last-modified: Fri, 01 Jul 2022 12:23:23 GMT
server: nginx
x-amz-request-id: cbb24926f773afd6
etag: "5a1c10449bf6ba3fb79322a26dc59f6f"
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
x-amz-version-id: null
access-control-allow-origin: *
accept-ranges: bytes
content-type: image/jpeg
content-length: 67614
x-nginx-request-id: 0b56808b2e4afbc9

GET
H2 200 5191335_9.1366b90e36296da712c6488fa46b6f41.jpg
banners.adfox.ru/220419/adfox/1877475/ 26 KB
26 KB 432ms
187ms Image
image/jpeg 2a02:6b8::2:158
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banners.adfox.ru/220419/adfox/1877475/5191335_9.1366b90e36296da712c6488fa46b6f41.jpg
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::2:158 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: nginx /
Resource Hash: f76a521d8d893e573ee2def73e397a42f33f937aca5dcfeb77b2e001ea5a7ca6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:26:09 GMT
last-modified: Tue, 19 Apr 2022 13:08:29 GMT
server: nginx
x-amz-request-id: 51071bc2e617223a
etag: "1366b90e36296da712c6488fa46b6f41"
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
x-amz-version-id: null
access-control-allow-origin: *
accept-ranges: bytes
content-type: image/jpeg
content-length: 26361
x-nginx-request-id: 54e6f6761398bbe8

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 292E 107 B
792 B 39ms
17ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.tumen.kp.ru

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 09 Jul 2022 18:26:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 292E 107 B
549 B 36ms
14ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.tumen.kp.ru

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 09 Jul 2022 18:26:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 292E 79 KB
27 KB 315ms
315ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3156625231131484&correlator=1262447982745202&eid=31068222%2C31068339%2C44768338%2C42531608&output=ldjh&gdfp_req=1&vrg=2022063001&ptt=17&impl=fifs&iu_parts=94805857%2Ckp.ru_4_small&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&ifi=1&adks=4130042211&sfv=1-0-38&ecs=20220709&fsapi=false&cust_params=kp.ru_4_small%3Dkp.ru_4_small_12&sc=1&cookie_enabled=1&cdm=www.tumen.kp.ru&abxe=1&dt=1657391169183&lmt=1657391169&dlt=1657391168962&idt=199&biw=1600&bih=1200&isw=160&ish=600&adxs=1410&adys=389&ucis=bia9d4f7fuij&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&nhd=1&url=https%3A%2F%2Fwww.tumen.kp.ru%2F&top=https%3A%2F%2Fwww.tumen.kp.ru%2F&frm=23&vis=1&scr_x=0&scr_y=0&psz=160x600&msz=160x-1&fws=256&ohw=0&ea=0&ga_vid=286304303.1657391169&ga_sid=1657391169&ga_hid=1249849070&ga_fc=false&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

c26b35db27b9f0e09573db523bce189e9559f36c180606481565152f9f656cb3

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10755105540443996160/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10755105540443996160/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CP3WlJ-37PgCFSHuuwgdcXMAnw&gqi=&layout=/sadbundle/%24csp%253Der3%24/10755105540443996160/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10755105540443996160/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10755105540443996160/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CP3WlJ-37PgCFSHuuwgdcXMAnw&gqi=&layout=/sadbundle/%24csp%253Der3%24/10755105540443996160/index.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26634
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
date: Sat, 09 Jul 2022 18:26:09 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 292E 14 KB
11 KB 41ms
20ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022063001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fce8cc9213f8d10a1409683b1b8994eb8df8eb64db8526c483c934f35493cd4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 09 Jul 2022 18:26:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10787
x-xss-protection: 0

GET
H2 200 container.html Show response
f2b37124788afcb583921ebe4e7e6828.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 01CC 6 KB
4 KB 62ms
13ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f2b37124788afcb583921ebe4e7e6828.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumen.kp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Jul 2022 18:26:09 GMT
expires: Sun, 09 Jul 2023 18:26:09 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 8278.js Show response
jsn.24smi.net/b/5/19594/ 15 KB
6 KB 18ms
18ms Script
application/javascript 2606:4700:10::6816:284a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jsn.24smi.net/b/5/19594/8278.js?t=1653556517

Requested by

Host: jsn.24smi.net
URL: https://jsn.24smi.net/smi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:284a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed0311bbb29e7a582a420448e4b37867de3e5a27d7a3fdac5e94bb2acc78243c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:26:09 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
age: 25
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 09 Jul 2022 15:04:32 GMT
server: cloudflare
etag: W/"62c99900-3b68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
cf-ray: 72831b378f810219-ZRH
expires: Sat, 09 Jul 2022 19:25:44 GMT

GET
H2 200 4UaBrEBBsBhlBjvfkSLlx6jx4w.woff2
fonts.gstatic.com/s/alegreya/v29/ 22 KB
23 KB 36ms
16ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/alegreya/v29/4UaBrEBBsBhlBjvfkSLlx6jx4w.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Alegreya:wght@400;700;800&family=Roboto:wght@500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6db6653a65bc919f600c1e098b02145b5e62d137fbf99f84ad526692b65cc31c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.tumen.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 14:38:01 GMT
x-content-type-options: nosniff
age: 272888
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22952
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 18:46:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Jul 2023 14:38:01 GMT

GET
H2 200 4UaBrEBBsBhlBjvfkSLhx6g.woff2
fonts.gstatic.com/s/alegreya/v29/ 39 KB
39 KB 29ms
9ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/alegreya/v29/4UaBrEBBsBhlBjvfkSLhx6g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Alegreya:wght@400;700;800&family=Roboto:wght@500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92f108fa97f63aa01d67c7c19599f9133ef0e60a11fba74ca137f5b699abd36b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.tumen.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 09:22:07 GMT
x-content-type-options: nosniff
age: 119042
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39860
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 18:47:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Jul 2023 09:22:07 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 17ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Alegreya:wght@400;700;800&family=Roboto:wght@500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.tumen.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 16:12:47 GMT
x-content-type-options: nosniff
age: 440002
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Jul 2023 16:12:47 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 10 KB
10 KB 22ms
15ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Alegreya:wght@400;700;800&family=Roboto:wght@500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.tumen.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 14:43:17 GMT
x-content-type-options: nosniff
age: 445372
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9840
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Jul 2023 14:43:17 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 292E 17 KB
7 KB 54ms
17ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:26:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 09 Jul 2022 18:26:09 GMT

GET
H2 200 text-variable-full.woff2
yastatic.net/s3/home/fonts/ys/3/ 25 KB
26 KB 32ms
32ms Font
font/woff2 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.tumen.kp.ru/
Origin: https://www.tumen.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:26:09 GMT
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 26004
x-nginx-request-id: 2e5fb9d6282cb968
x-amz-meta-owner: {"role":"admin","login":"4eb0da"}
last-modified: Mon, 25 Apr 2022 14:02:39 GMT
server: nginx/1.17.9
etag: "7f0cdaf91230f9789ca4162aedff612e"
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31556952
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 10 Jul 2023 00:15:14 GMT

POST
H2 200 trace Show response
yandex.ru/ads/ 0
486 B 166ms
56ms XHR
text/plain 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/trace

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1657391169427930-12152784781932157508-vla1-4474-vla-l7-balancer-8080-BAL-1460
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 158 KB
56 KB 227ms
109ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

8d87c18fcb70f9b1d23c94aedc506cb6cc2640c5aebb25ca6e8e64b0cd997553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.tumen.kp.ru/
Origin: https://www.tumen.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:26:09 GMT
content-encoding: br
last-modified: Fri, 08 Jul 2022 09:23:14 GMT
etag: "62c7cd52-dd8a"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 56714
expires: Sat, 09 Jul 2022 19:26:09 GMT

GET
H2 200 x600
avatars.mds.yandex.net/get-direct/4593589/kNMgnDhZwsEF8-9riNuBMQ/ 7 KB
8 KB 190ms
68ms Image
image/webp 2a02:6b8::184
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/4593589/kNMgnDhZwsEF8-9riNuBMQ/x600
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: nginx /
Resource Hash: a0a6aac43426b259f7698b9c9d71366d7f291bc9ad9decaed0469d545556cc29

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:26:09 GMT
last-modified: Thu, 02 Dec 2021 18:42:37 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 7376
x-request-id: 92ac8ab76cdbf1fe

GET
H3 200 css2
fonts.googleapis.com/ 6 KB
685 B 45ms
18ms Stylesheet
text/css 2a00:1450:400e:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:80f::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

55d2ab860a7100b201e762c2046bc65a5d16236a0263dee3e95c711be581b345

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 09 Jul 2022 17:04:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 09 Jul 2022 18:26:09 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 09 Jul 2022 18:26:09 GMT

GET
H3 200 css2
fonts.googleapis.com/ 5 KB
611 B 44ms
18ms Stylesheet
text/css 2a00:1450:400e:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Ubuntu:wght@400;500;700&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:80f::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

eb96791feca1695290fc96c5209a0bb2476680ecec0aa02076373024c28e183a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 09 Jul 2022 17:23:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 09 Jul 2022 18:26:09 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 09 Jul 2022 18:26:09 GMT

GET
H3 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 2BD5 81 KB
27 KB 29ms
15ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/612847/6f581145af963d72d3b3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f7d4a77e29961071a337cc5073d127fc328e2ea23fca15e9894838d72cc6822

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:26:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28091
x-xss-protection: 0
server: sffe
etag: "1269 / 586 of 1000 / last-modified: 1657317992"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 09 Jul 2022 18:26:09 GMT

GET
H2 204 event
ads.adfox.ru/232598/ 0
18 B 64ms
64ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=96c0c592fa477b2d&pm=bmo&pxo=hPd0eyfirn0CJ9DyMGXT2vSMo8DHI1CoxF094aOr07vQRlg4TPiNbv5W-Rz2UF9kmQPOj_97qBJaPOBlZpvqYqfLOzSPq1X-o0__AfqK0VD982VkoPC_9xt49baBAIkWK4xmHHFIXlV-uSoLH65k4sx7ILu8YOKA7Na8P1_vIA8yOfX5&p5=gwefg&ad-session-id=3821171657391168666&utg=oxum&lts=fjmwocf&ytt=272130738618373&ybv=0.612847&ylv=0.612847&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3Fsection%3Dsociety&rqs=QGz_Z1uUlBVByMliyrs-vWssGYh-7IF0&pr=jkgosjf&puid3=top%3Aregion&rtb-si=b&puid2=society%3Atoday%3Azenyandex%3Aincident%3Aemergency%3Acelebrity%3Aculture%3Ainteresting&p2=fxjd&rand=ichpajm&sj=CsUJ4irhOqqIvWov5AQbwzu_vFi63DD7EoFG3EfyY7vlNxq-u3VCRbXUTEWTNQ%3D%3D&puid1=adv-1657391168622-692&p1=cavko

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 18:26:09 GMT
x-content-type-options: nosniff
last-modified: Sat, 09 Jul 2022 18:26:09 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 200 render.html Show response
yastatic.net/safeframe-bundles/0.83/1-1-0/ Frame E191 24 KB
7 KB 100ms
34ms Document
text/html 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html

Requested by

Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.83/host.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.tumen.kp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
content-length: 6262
content-type: text/html
date: Sat, 09 Jul 2022 18:26:09 GMT
etag: "eb77de48712912aadc9aa8171ac75ede"
expires: Tue, 09 Jul 2052 01:01:21 GMT
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
server: nginx/1.17.9
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B8EC 13 KB
5 KB 22ms
6ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumen.kp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3623
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Jul 2022 17:25:46 GMT
expires: Sun, 09 Jul 2023 17:25:46 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 330F 783 B
1 KB 38ms
16ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

bf33e310c0cd1db4f9589bb7f300bb44e00fdf1cb7f4ae7bd211a809f15af54f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-tq6-yxkYwUn_fyW414-5CA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tumen.kp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-tq6-yxkYwUn_fyW414-5CA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 09 Jul 2022 18:26:09 GMT
expires: Sat, 09 Jul 2022 18:26:09 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 informer Show response
data.24smi.net/ 3 KB
1 KB 71ms
70ms Script
text/javascript 2606:4700:10::6816:284a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://data.24smi.net/informer?psw=1600&psh=1200&pow=1600&poh=1200&pdpr=1&pdt=1657391169&ptz=0&pl=en-US&object=19594&template_id=8278&num=4&ref=&output=json&chash=tMSrjAqd4c&extids=&page=https%3A%2F%2Fwww.tumen.kp.ru%2F&callback=__smiCb1657391168931

Requested by

Host: jsn.24smi.net
URL: https://jsn.24smi.net/smi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:284a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6fad50668373a310ea2b4e86923ad2260ee3070fec61e8b8236f3efefcde5b99

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:26:09 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store
access-control-allow-credentials: true
cf-ray: 72831b38dd97cc36-ZRH
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 9 KB
9 KB 24ms
10ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.tumen.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 20:29:43 GMT
x-content-type-options: nosniff
age: 424586
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9644
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Jul 2023 20:29:43 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 21ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.tumen.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 08:44:49 GMT
x-content-type-options: nosniff
age: 294080
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Jul 2023 08:44:49 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 9 KB
9 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.tumen.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 21:51:35 GMT
x-content-type-options: nosniff
age: 419674
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9628
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Jul 2023 21:51:35 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 607912ce0bbdc533bd357dc99af092f34783fee7f24f7fc16ece184018a7441b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 pubads_impl_2022063001.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 2BD5 374 KB
128 KB 7ms
6ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

c84615457f9332569ff8501c382a395ef9fe116a9add5034b4ebc62c9bceeb3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:19:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3987
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 130816
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 08:35:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 09 Jul 2023 17:19:42 GMT

GET
H3 200 container.html Show response
f2b37124788afcb583921ebe4e7e6828.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C124 6 KB
3 KB 21ms
7ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f2b37124788afcb583921ebe4e7e6828.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumen.kp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Jul 2022 18:26:09 GMT
expires: Sun, 09 Jul 2023 18:26:09 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 event
ads.adfox.ru/232598/ 0
18 B 76ms
76ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=3d4e7125b7907dc6&pm=bmu&pxo=YSx6KmSg-7t7c_xNOytXUeouB5vrRHl1glLMh0PthghTQ6xhAzFMRisY82ZDTiMRfvGnmoFvCq4clNwuZNxdHvsjKqQeC3h6uflddC8LxZvKhW4VH0ONhjMy70kIdIsqkVt0tfdS7mXNdnxeaoEwnf8PfgVN7UbgRklCTo3zRwFhA5XsO_f9&p5=gwdbk&ad-session-id=3821171657391168666&utg=oxum&lts=fjmwoce&ytt=272130738618373&ybv=0.612847&ylv=0.612847&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3F&rtb-si=b&p2=gftf&rand=quuzmw&sj=0JUs5rPDqe81p4B7umbPjzQ_De86wAt6QdK28UPWAChYxt5vecMP0DPpeIKoEQ%3D%3D&puid1=adv-1657391168618-212&pr=jkgosjf&p1=cdinl&rqs=QGz_Z1uUlBVAyMlixxNGf7MzBciXivhD&resp-time=604

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 18:26:09 GMT
x-content-type-options: nosniff
last-modified: Sat, 09 Jul 2022 18:26:09 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 200 1VB_XotK0HW200000000U9nJTCZvdnuzPOgeuQ6pJrhN2QyrjNGuSJA90GWyOIAXtSn5BB5zQGmCgOn0ySn3PnTKWyHBPO2ysXGWqSe88Zj1ia30n32JSQeBXBsGSOyqXBMIyPi4XBMNyOoB0CDHCFyi8pDGv2eZIEjTHWOP1gQ_ZBEO61ZcCe54bZAT0aglPVe5P... Show response
yandex.ru/an/rtbcount/ 43 B
586 B 58ms
58ms XHR
image/gif 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/an/rtbcount/1VB_XotK0HW200000000U9nJTCZvdnuzPOgeuQ6pJrhN2QyrjNGuSJA90GWyOIAXtSn5BB5zQGmCgOn0ySn3PnTKWyHBPO2ysXGWqSe88Zj1ia30n32JSQeBXBsGSOyqXBMIyPi4XBMNyOoB0CDHCFyi8pDGv2eZIEjTHWOP1gQ_ZBEO61ZcCe54bZAT0aglPVe5P9zb-Wy4JvbU04LUCGdqyBvPVkWi0uEsxCFYvCUi37-PEeI13c5c1IhjPLO4abEPGKRCPMO2MGua5K1sisnadXKplI6XdTtq93FCxrV1Ak-2oP_C3axyO6VEOb48TA-AZp8i3Srn2dEizCt9hCghyWegppPtD_V8zF4EI5l88XqAKRo2PMedumuMfWCiJ3TP8DxyOF-GvUmP47XZ_vO5vDa9hAqD7Grj7smNi7AUPDtyX0EixYQhlSBF-vldX2bzPGLviOEjWMK2su4RV_TlwrvwIdG6svN3mGlOTczw-ARhnQS_wnbNii5CFS3cSOAD-H4RRwAverMceLjfgcTAelbBDfZzF-6iYUnobhyciMc_jP_5pcPcQ6HXOhw1lK5X1plZ2NQH1-mF3rmzsVdYtSIi7-mBZHiujhut000U_gwg

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 18:26:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: image/gif
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
last-modified: Sat, 09 Jul 2022 18:26:09 GMT
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sat, 09 Jul 2022 18:26:09 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 330F 0
0 62ms
48ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022063001&jk=3156625231131484&rc=
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9694.e9rx0lUuUYse7X3htc0uQXMSndbFVCJ3pT4fivakExtCWekaoLNZ9LFUHAhJatfg.ApnUsWlgpHA8sFdzatJB7BYD2h0%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9694.JdAAS9M_pcaXdIcUhEqYOFHWkhYUVCvh6xcqlkviMytRwhaAuDgyRtdeFfWxLiKLpLN6T-baAbhg5XiVWbpaI20ithTzOTc8sTnLEsS6IEI%2C.KytLvKODCkRkWUMUgYgJ1CidHuY%2C

43 B
355 B

56ms
56ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9694.JdAAS9M_pcaXdIcUhEqYOFHWkhYUVCvh6xcqlkviMytRwhaAuDgyRtdeFfWxLiKLpLN6T-baAbhg5XiVWbpaI20ithTzOTc8sTnLEsS6IEI%2C.KytLvKODCkRkWUMUgYgJ1CidHuY%2C

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:26:09 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9694.JdAAS9M_pcaXdIcUhEqYOFHWkhYUVCvh6xcqlkviMytRwhaAuDgyRtdeFfWxLiKLpLN6T-baAbhg5XiVWbpaI20ithTzOTc8sTnLEsS6IEI%2C.KytLvKODCkRkWUMUgYgJ1CidHuY%2C
date: Sat, 09 Jul 2022 18:26:09 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H3 200 PBLy2ghsJAjz8SVbRXt3mPeTz3f3ksFMZv27m_PD6qM.js Show response
pagead2.googlesyndication.com/bg/ Frame B8EC 36 KB
14 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PBLy2ghsJAjz8SVbRXt3mPeTz3f3ksFMZv27m_PD6qM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c12f2da086c2408f3f1255b457b7798f793cf77f792c14c66fdbb9bf3c3eaa3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 14:55:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12616
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13888
x-xss-protection: 0
last-modified: Fri, 01 Jul 2022 16:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 09 Jul 2023 14:55:53 GMT

GET
H/1.1 200
Ok d.png
ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/ Frame E191 95 B
400 B 181ms
60ms Image
image/png 2a02:6b8::5:114
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/d.png?ex=yes

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::5:114 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 09 Jul 2022 18:26:09 GMT
Server: nginx/1.14.2
Strict-Transport-Security: max-age=315360000; includeSubDomains
X-RT-IH: 0.0001
Content-Type: image/png
Cache-Control: private
Connection: close
X-RT-IQ: 0.0000
Content-Length: 95
Expires: Sun, 10 Jul 2022 18:26:09 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame 2BD5 107 B
122 B 29ms
15ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.tumen.kp.ru

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 09 Jul 2022 18:26:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 2BD5 107 B
122 B 32ms
17ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.tumen.kp.ru

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 09 Jul 2022 18:26:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 2BD5 146 KB
46 KB 314ms
314ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=707081792669082&correlator=2804630068616905&eid=31068158%2C31068222%2C31068339%2C44761478%2C21068766%2C42531607%2C44764002&output=ldjh&gdfp_req=1&vrg=2022063001&ptt=17&impl=fifs&iu_parts=94805857%2Ckp.ru_5_new&enc_prev_ius=%2F0%2F1&prev_iu_szs=240x400&ifi=1&adks=56130060&sfv=1-0-38&ecs=20220709&fsapi=false&cust_params=kp.ru_5_new%3Dkp.ru_5_new_9&sc=1&cookie=ID%3D11cd127e710eae0b-22799053c9cd0098%3AT%3D1657391169%3AS%3DALNI_Mb1STAmy2DVxzhNnDWXnzDiAnt52g&cdm=www.tumen.kp.ru&abxe=1&dt=1657391169654&lmt=1657391169&dlt=1657391169372&idt=274&biw=1600&bih=1200&isw=240&ish=400&adxs=215&adys=1208&ucis=s54ialrfdua9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&nhd=1&url=https%3A%2F%2Fwww.tumen.kp.ru%2F&top=https%3A%2F%2Fwww.tumen.kp.ru%2F&frm=23&vis=1&scr_x=0&scr_y=0&psz=240x400&msz=240x-1&fws=256&ohw=0&ea=0&ga_vid=552062313.1657391170&ga_sid=1657391170&ga_hid=1894252115&ga_fc=false&btvi=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

f8ab162cec14d59593a5559a0145860377d9953977dbf063f29cfeb56c85ff3c

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6260330094686772102/DAH_200x200_Hamburg/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6260330094686772102/DAH_200x200_Hamburg/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPjWsZ-37PgCFZmK_Qcdg2UBFA&gqi=&layout=/sadbundle/%24csp%253Der3%24/6260330094686772102/DAH_200x200_Hamburg/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6260330094686772102/DAH_200x200_Hamburg/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6260330094686772102/DAH_200x200_Hamburg/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPjWsZ-37PgCFZmK_Qcdg2UBFA&gqi=&layout=/sadbundle/%24csp%253Der3%24/6260330094686772102/DAH_200x200_Hamburg/index.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46813
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
date: Sat, 09 Jul 2022 18:26:09 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 2BD5 14 KB
10 KB 39ms
24ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022063001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9c45ac4cca27e9f345eecdd15d5a1a683b314ce7086700b7bcf564b22e284b49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 09 Jul 2022 18:26:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10715
x-xss-protection: 0

GET
H2 200 container.html Show response
137d3085774ed72bf626261315513874.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C5D6 6 KB
3 KB 50ms
13ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://137d3085774ed72bf626261315513874.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumen.kp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Jul 2022 18:26:09 GMT
expires: Sun, 09 Jul 2023 18:26:09 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10755105540443996160/ Frame 3959 497 KB
45 KB 9ms
8ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10755105540443996160/index.html

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b5157cdc5963c4c9f350c75669e14168190ddef3114048d63d672b29252fc917

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f2b37124788afcb583921ebe4e7e6828.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 427342
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 46522
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Jul 2022 19:43:47 GMT
expires: Tue, 04 Jul 2023 19:43:47 GMT
last-modified: Fri, 25 Mar 2022 06:51:02 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame C124 0
0 52ms
51ms Fetch
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cv9UZQcjJYr2yDaHc7_UP8eaB-AmokNzgZpTy7rKSEOmagOD7KhABIPHL50JglZKcgqwHoAGFvqbzA8gBCakCd4UcxQcXsT7gAgCoAwHIAwKqBJoCT9Apr8YNkMI3dR-Gj5wWbkhwSnKA68_5uTMLGIyukroR9j1HDU7NqADn4g1P3yXJW6gZgLWbArPZEgSsbynAfvR0YGSZ2iL2Rv_iTCwzRLfU_1pu9_jV9ZYYgrSleSeJyUiWhb3QNbZOUUEOrJnxgZKHsTHGXeJFPquRsK97zcPUflU6U5dFdsO_sNUrRXAvhzNB6HXH6XUAGWWfFTeYfMgn0B_JG32drwOG2505I-KxdT3CFpLXUieFWagFqViP77sV0Qp2ej7sEbh7pMKRKHh9kLzGRoGZnmLJlBtACWgdodonqAx9clmOftxxGLVxKZh2zDR5Eju6wrhK7iysJmnpTXRoIGvZkswWL0cqbH0vqXycMqJrblVvwASjoZyW-gPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGXYAH48HZDKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEL74FNIIEgiI4YAQEAEYHTIDqoIBOgKAQIAKA8gLAdgTDdAVAYAXAbIXHgocCAASFHB1Yi03MTcyNzMzNDA4NDU1NjkyGPH-Ew&sigh=2yzap3fZXx8&uach_m=[UACH]
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f2b37124788afcb583921ebe4e7e6828.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4256 143 B
426 B 29ms
6ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: f2b37124788afcb583921ebe4e7e6828.safeframe.googlesyndication.com
URL: https://f2b37124788afcb583921ebe4e7e6828.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f2b37124788afcb583921ebe4e7e6828.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2114
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Sat, 09 Jul 2022 17:50:55 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/ Frame C124 3 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/window_focus_fy2021.js

Requested by

Host: f2b37124788afcb583921ebe4e7e6828.safeframe.googlesyndication.com
URL: https://f2b37124788afcb583921ebe4e7e6828.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f2b37124788afcb583921ebe4e7e6828.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:09:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1008
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Jul 2022 18:09:21 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C124 137 KB
42 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: f2b37124788afcb583921ebe4e7e6828.safeframe.googlesyndication.com
URL: https://f2b37124788afcb583921ebe4e7e6828.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e49548c45f00bbfa0fda642d02b5e29b407004eacc2099e348da7cb38f477052

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f2b37124788afcb583921ebe4e7e6828.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:26:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43254
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1657132091081416"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 09 Jul 2022 18:26:09 GMT

GET
H2 200 08bea81d703e059fe43109f4e6e30677.jpeg
img.24smi.net/100_100/0/8/ 5 KB
5 KB 28ms
18ms Image
image/jpeg 2606:4700:10::6816:284a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.24smi.net/100_100/0/8/08bea81d703e059fe43109f4e6e30677.jpeg

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:284a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2588a20eddf37705d93a5be706c3068084886dd85cdbae23378f0f4de3ebf637

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:26:09 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 106058
cf-polished: origSize=5585, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5417
last-modified: Fri, 08 Jul 2022 12:50:00 GMT
server: cloudflare
etag: W/"62c827f8-12cc7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 04 May 2023 12:55:34 GMT
cache-control: max-age=25920000
accept-ranges: bytes
cf-ray: 72831b3abb3b0219-ZRH
cf-bgj: imgq:100,h2pri

GET
H2 200 9302cf30010d754acd5a5d7db26893ac.jpeg
img.24smi.net/100_100/9/3/ 4 KB
4 KB 28ms
19ms Image
image/jpeg 2606:4700:10::6816:284a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.24smi.net/100_100/9/3/9302cf30010d754acd5a5d7db26893ac.jpeg

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:284a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4bfde9b91c43a201337e2cfae2a619fbebc0045f4e630733c372ddbf3a0ce3f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:26:09 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 39325
cf-polished: origSize=4512, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4316
last-modified: Tue, 05 Jul 2022 12:52:50 GMT
server: cloudflare
etag: W/"62c43422-129f3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 04 May 2023 00:21:26 GMT
cache-control: max-age=25920000
accept-ranges: bytes
cf-ray: 72831b3abb3c0219-ZRH
cf-bgj: imgq:100,h2pri

GET
H2 200 debe4f5542a0c16d4aa17c221327dfca.jpeg
img.24smi.net/100_100/d/e/ 6 KB
6 KB 29ms
20ms Image
image/jpeg 2606:4700:10::6816:284a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.24smi.net/100_100/d/e/debe4f5542a0c16d4aa17c221327dfca.jpeg

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:284a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45f60b2013d27c45b16222d33352db78c1c775b2e4f82506963414127ef6e6d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:26:09 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 3232
cf-polished: origSize=6535, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6394
last-modified: Sat, 09 Jul 2022 17:22:46 GMT
server: cloudflare
etag: W/"62c9b966-19b26"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: image/jpeg
access-control-allow-origin: *
expires: Fri, 05 May 2023 17:29:16 GMT
cache-control: max-age=25920000
accept-ranges: bytes
cf-ray: 72831b3abb380219-ZRH
cf-bgj: imgq:100,h2pri

GET
H2 200 c0dd6a522b8703f8742adc3444c7fddd.jpeg
img.24smi.net/100_100/c/0/ 8 KB
8 KB 29ms
20ms Image
image/jpeg 2606:4700:10::6816:284a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.24smi.net/100_100/c/0/c0dd6a522b8703f8742adc3444c7fddd.jpeg

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:284a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4189a6e9515b398cf3073a38341bf739a3ee2978d3acc073837512226c219686

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:26:09 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 115801
cf-polished: origSize=8503, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8376
last-modified: Fri, 08 Jul 2022 09:42:57 GMT
server: cloudflare
etag: W/"62c7fc21-2256e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 04 May 2023 10:03:21 GMT
cache-control: max-age=25920000
accept-ranges: bytes
cf-ray: 72831b3abb3d0219-ZRH
cf-bgj: imgq:100,h2pri

GET
H3 200 css
fonts.googleapis.com/ Frame 3959 6 KB
704 B 19ms
18ms Stylesheet
text/css 2a00:1450:400e:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:regular,700italic,700

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10755105540443996160/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:80f::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fd9381260ad51627ef2f8ba1e99c34adf6e6954c54cca2312cc460b1b20678f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 09 Jul 2022 18:23:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 09 Jul 2022 18:26:09 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 09 Jul 2022 18:26:09 GMT

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 3959 16 KB
6 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10755105540443996160/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 07:29:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39382
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 10 Jul 2022 07:29:47 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 3959 26 KB
10 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10755105540443996160/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 23:30:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68162
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 09 Jul 2022 23:30:07 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 2BD5 17 KB
6 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:26:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 09 Jul 2022 18:26:09 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/ Frame C124 17 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: f2b37124788afcb583921ebe4e7e6828.safeframe.googlesyndication.com
URL: https://f2b37124788afcb583921ebe4e7e6828.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f2b37124788afcb583921ebe4e7e6828.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:16:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 602
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Jul 2022 18:16:07 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1E62 13 KB
5 KB 8ms
6ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumen.kp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3623
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Jul 2022 17:25:46 GMT
expires: Sun, 09 Jul 2023 17:25:46 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 363A 783 B
536 B 34ms
16ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

260221b364f48de0ea52aa5b56feaa2402e898303b45836b5fbbc503f136594f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-YGJgl0B4iH68Uh-Dj1INUw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tumen.kp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-YGJgl0B4iH68Uh-Dj1INUw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 09 Jul 2022 18:26:09 GMT
expires: Sat, 09 Jul 2022 18:26:09 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4256
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

79ms
62ms

Document
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: f2b37124788afcb583921ebe4e7e6828.safeframe.googlesyndication.com
URL: https://f2b37124788afcb583921ebe4e7e6828.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 09 Jul 2022 18:26:09 GMT
expires: Sat, 09 Jul 2022 18:26:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 09 Jul 2022 18:26:09 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3959 15 KB
16 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:regular,700italic,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 08:44:49 GMT
x-content-type-options: nosniff
age: 294080
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Jul 2023 08:44:49 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3959 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:regular,700italic,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 11:07:47 GMT
x-content-type-options: nosniff
age: 458302
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Jul 2023 11:07:47 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame C124 0
0 14ms
14ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ6B3n2jDpQzWGiyBVJC5-NEiFgUuTJTxMDvf5Rgne_WW3FTUbQuDJl9igmLy49zSLfcpgMX-ScgsMQh4GBCtL6WtaXCw
Requested by: Host: f2b37124788afcb583921ebe4e7e6828.safeframe.googlesyndication.com
URL: https://f2b37124788afcb583921ebe4e7e6828.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f2b37124788afcb583921ebe4e7e6828.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame C124 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9cbc52c02bba9a41c4861317328d8be0ce4abd1077155e18825f860096df567e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame B8EC 0
9 B 6ms
6ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?5PgVWQ
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:26:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3959 17 KB
17 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:regular,700italic,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6be97ca17228a69c406231d89c003194c3dfba7401eaa9fe9e9ed0ef1c18dc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 14:43:01 GMT
x-content-type-options: nosniff
age: 445388
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17032
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Jul 2023 14:43:01 GMT

GET
H3 200 Robotunits_Logo_mini.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10755105540443996160/ Frame 3959 3 KB
1 KB 7ms
7ms Image
image/svg+xml 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10755105540443996160/Robotunits_Logo_mini.svg

Requested by

Host: f2b37124788afcb583921ebe4e7e6828.safeframe.googlesyndication.com
URL: https://f2b37124788afcb583921ebe4e7e6828.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f256a316271a085b13428e78d7eeb014343f633be0382bb21b04bcf19b87fcea

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 418138
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1134
x-xss-protection: 0
last-modified: Fri, 25 Mar 2022 06:51:02 GMT
server: sffe
date: Mon, 04 Jul 2022 22:17:11 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 04 Jul 2023 22:17:11 GMT

GET
H3 200 robotunits_Logo_Claim_-_Genial_Einfach-Einfach_Genial.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10755105540443996160/ Frame 3959 5 KB
1 KB 11ms
9ms Image
image/svg+xml 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10755105540443996160/robotunits_Logo_Claim_-_Genial_Einfach-Einfach_Genial.svg

Requested by

Host: f2b37124788afcb583921ebe4e7e6828.safeframe.googlesyndication.com
URL: https://f2b37124788afcb583921ebe4e7e6828.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ee3c83c278e037e85b1ad63a4df8bd0165b3a80a5bd4d83d855262a0c80f6f0

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 418138
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1486
x-xss-protection: 0
last-modified: Fri, 25 Mar 2022 06:51:02 GMT
server: sffe
date: Mon, 04 Jul 2022 22:17:11 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 04 Jul 2023 22:17:11 GMT

GET
H3 200 Warenkorb.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10755105540443996160/ Frame 3959 1 KB
636 B 11ms
8ms Image
image/svg+xml 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10755105540443996160/Warenkorb.svg

Requested by

Host: f2b37124788afcb583921ebe4e7e6828.safeframe.googlesyndication.com
URL: https://f2b37124788afcb583921ebe4e7e6828.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9815fe31ba2b6c43e2d63695ca42125ca432eb115200487a6a0a9d7e53473765

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 418138
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 606
x-xss-protection: 0
last-modified: Fri, 25 Mar 2022 06:51:02 GMT
server: sffe
date: Mon, 04 Jul 2022 22:17:11 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 04 Jul 2023 22:17:11 GMT

GET
H3 200 Zahnriemenf_rderer.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10755105540443996160/ Frame 3959 16 KB
16 KB 18ms
15ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10755105540443996160/Zahnriemenf_rderer.png

Requested by

Host: f2b37124788afcb583921ebe4e7e6828.safeframe.googlesyndication.com
URL: https://f2b37124788afcb583921ebe4e7e6828.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9438ae7f5b873bcca594875785a94a8632686955a34fd717b5130b86a6511747

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 418138
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16731
x-xss-protection: 0
last-modified: Fri, 25 Mar 2022 06:51:02 GMT
server: sffe
date: Mon, 04 Jul 2022 22:17:11 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 04 Jul 2023 22:17:11 GMT

GET
H3 200 Rollenf_rderer.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10755105540443996160/ Frame 3959 16 KB
16 KB 13ms
11ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10755105540443996160/Rollenf_rderer.png

Requested by

Host: f2b37124788afcb583921ebe4e7e6828.safeframe.googlesyndication.com
URL: https://f2b37124788afcb583921ebe4e7e6828.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c35bef7abeed70f2a1eca573aa12c16969b0a0293cc27e463a2dc54da8c118d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 418138
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15879
x-xss-protection: 0
last-modified: Fri, 25 Mar 2022 06:51:02 GMT
server: sffe
date: Mon, 04 Jul 2022 22:17:11 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 04 Jul 2023 22:17:11 GMT

GET
H3 200 Gurtf_rderer.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10755105540443996160/ Frame 3959 12 KB
12 KB 16ms
14ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10755105540443996160/Gurtf_rderer.png

Requested by

Host: f2b37124788afcb583921ebe4e7e6828.safeframe.googlesyndication.com
URL: https://f2b37124788afcb583921ebe4e7e6828.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0e284c728470401d1d5eed56d4eacdd4ca5da82286f6864263b4d5374d68fa0

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 418138
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12481
x-xss-protection: 0
last-modified: Fri, 25 Mar 2022 06:51:02 GMT
server: sffe
date: Mon, 04 Jul 2022 22:17:11 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 04 Jul 2023 22:17:11 GMT

GET
H3 200 Modulbandf_rderer_gerade.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10755105540443996160/ Frame 3959 19 KB
19 KB 15ms
13ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10755105540443996160/Modulbandf_rderer_gerade.png

Requested by

Host: f2b37124788afcb583921ebe4e7e6828.safeframe.googlesyndication.com
URL: https://f2b37124788afcb583921ebe4e7e6828.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f663f0b96b83e0f3dc34fea3253eef5bed2e88494ed48a3990e7fd136eb5e6a3

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 427405
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19136
x-xss-protection: 0
last-modified: Fri, 25 Mar 2022 06:51:02 GMT
server: sffe
date: Mon, 04 Jul 2022 19:42:44 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 04 Jul 2023 19:42:44 GMT

GET
H3 200 Modulbandf_rderer.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10755105540443996160/ Frame 3959 28 KB
28 KB 13ms
11ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10755105540443996160/Modulbandf_rderer.png

Requested by

Host: f2b37124788afcb583921ebe4e7e6828.safeframe.googlesyndication.com
URL: https://f2b37124788afcb583921ebe4e7e6828.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39b74fcc99f4b56758d56aafe6defc0cfa26c325f5d028705ec5e19f4d916909

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 418138
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28632
x-xss-protection: 0
last-modified: Fri, 25 Mar 2022 06:51:02 GMT
server: sffe
date: Mon, 04 Jul 2022 22:17:11 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 04 Jul 2023 22:17:11 GMT

GET
H3 200 Verlauf_Weiss_-_336x280px.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10755105540443996160/ Frame 3959 22 KB
22 KB 11ms
9ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10755105540443996160/Verlauf_Weiss_-_336x280px.png

Requested by

Host: f2b37124788afcb583921ebe4e7e6828.safeframe.googlesyndication.com
URL: https://f2b37124788afcb583921ebe4e7e6828.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ffbfc4fd7443146da8af0ffb6a17df8c9775e427799f67e022e12f519163b44d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 427405
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22872
x-xss-protection: 0
last-modified: Fri, 25 Mar 2022 06:51:02 GMT
server: sffe
date: Mon, 04 Jul 2022 19:42:44 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 04 Jul 2023 19:42:44 GMT

GET
H3 200 Montage_F_rderband.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10755105540443996160/ Frame 3959 214 KB
214 KB 18ms
16ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10755105540443996160/Montage_F_rderband.png

Requested by

Host: f2b37124788afcb583921ebe4e7e6828.safeframe.googlesyndication.com
URL: https://f2b37124788afcb583921ebe4e7e6828.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b44eebebc320ee341ccc3f50543909bde3a7082487ad914588c3d91281a38b97

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 418138
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 219340
x-xss-protection: 0
last-modified: Fri, 25 Mar 2022 06:51:02 GMT
server: sffe
date: Mon, 04 Jul 2022 22:17:11 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 04 Jul 2023 22:17:11 GMT

GET
H3 200 F_rderband.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10755105540443996160/ Frame 3959 28 KB
28 KB 21ms
19ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10755105540443996160/F_rderband.png

Requested by

Host: f2b37124788afcb583921ebe4e7e6828.safeframe.googlesyndication.com
URL: https://f2b37124788afcb583921ebe4e7e6828.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de4e5164bf9562da35c90965354e0e45917c428a76f9aa2e5954a2b192f43caa

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 418138
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28763
x-xss-protection: 0
last-modified: Fri, 25 Mar 2022 06:51:02 GMT
server: sffe
date: Mon, 04 Jul 2022 22:17:11 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 04 Jul 2023 22:17:11 GMT

GET
H3 200 Universum_Background.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10755105540443996160/ Frame 3959 79 KB
79 KB 20ms
18ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10755105540443996160/Universum_Background.png

Requested by

Host: f2b37124788afcb583921ebe4e7e6828.safeframe.googlesyndication.com
URL: https://f2b37124788afcb583921ebe4e7e6828.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

605f6d52fb8dc1615d01dd5c10abc70a79c2fe8eba17bba2602ceeee1bf195cb

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 418138
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 81195
x-xss-protection: 0
last-modified: Fri, 25 Mar 2022 06:51:02 GMT
server: sffe
date: Mon, 04 Jul 2022 22:17:11 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 04 Jul 2023 22:17:11 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 363A 0
0 59ms
56ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022063001&jk=707081792669082&rc=
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3 200 PBLy2ghsJAjz8SVbRXt3mPeTz3f3ksFMZv27m_PD6qM.js Show response
pagead2.googlesyndication.com/bg/ Frame 1E62 36 KB
14 KB 11ms
8ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PBLy2ghsJAjz8SVbRXt3mPeTz3f3ksFMZv27m_PD6qM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c12f2da086c2408f3f1255b457b7798f793cf77f792c14c66fdbb9bf3c3eaa3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 14:55:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12616
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13888
x-xss-protection: 0
last-modified: Fri, 01 Jul 2022 16:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 09 Jul 2023 14:55:53 GMT

GET
H3 200 container.html Show response
137d3085774ed72bf626261315513874.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1A18 6 KB
3 KB 8ms
8ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://137d3085774ed72bf626261315513874.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumen.kp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Jul 2022 18:26:09 GMT
expires: Sun, 09 Jul 2023 18:26:09 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 event
ads.adfox.ru/232598/ 0
66 B 72ms
72ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=156b0b23a01fa7c6&pm=bmu&pxo=hPd0eyfirn0CJ9DyMGXT2vSMo8DHI1CoxF094aOr07vQRlg4TPiNbv5W-Rz2UF9kmQPOj_97qBJaPOBlZpvqYqfLOzSPq1X-o0__AfqK0VD982VkoPC_9xt49baBAIkWK4xmHHFIXlV-uSoLH65k4sx7ILu8YOKA7Na8P1_vIA8yOfX5&p5=gwefg&ad-session-id=3821171657391168666&utg=oxum&lts=fjmwocf&ytt=272130738618373&ybv=0.612847&ylv=0.612847&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3Fsection%3Dsociety&rqs=QGz_Z1uUlBVByMliyrs-vWssGYh-7IF0&pr=jkgosjf&puid3=top%3Aregion&rtb-si=b&puid2=society%3Atoday%3Azenyandex%3Aincident%3Aemergency%3Acelebrity%3Aculture%3Ainteresting&p2=fxjd&rand=zvrmup&sj=CsUJ4irhOqqIvWov5AQbwzu_vFi63DD7EoFG3EfyY7vlNxq-u3VCRbXUTEWTNQ%3D%3D&puid1=adv-1657391168622-692&p1=cavko&resp-time=623

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 18:26:10 GMT
x-content-type-options: nosniff
last-modified: Sat, 09 Jul 2022 18:26:10 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/26254/
Redirect Chain

https://mc.yandex.com/watch/26254?wmode=7&page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2n2z35yck7fai9c6gvqew%3Afu%3A0%3Aen%3Aut...
https://mc.yandex.com/watch/26254/1?wmode=7&page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2n2z35yck7fai9c6gvqew%3Afu%3A0%3Aen%3A...

167 B
542 B

59ms
59ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/26254/1?wmode=7&page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2n2z35yck7fai9c6gvqew%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A1%3Adp%3A0%3Als%3A876747101824%3Ahid%3A846247090%3Az%3A0%3Ai%3A20220709182609%3Aet%3A1657391170%3Ac%3A1%3Arn%3A788313850%3Au%3A1657391170186173871%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1657391166903%3Aco%3A0%3Arqnl%3A1%3Ast%3A1657391170%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20-%20KP.Ru&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnl%281%29ti%282%29

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

fef59e2c8a0ef950f7541328bf485047ed669524ea43a8391717838da41755fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 18:26:10 GMT
x-content-type-options: nosniff
last-modified: Sat, 09-Jul-2022 18:26:10 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 167
x-xss-protection: 1; mode=block
expires: Sat, 09-Jul-2022 18:26:10 GMT

Redirect headers

pragma: no-cache
date: Sat, 09 Jul 2022 18:26:10 GMT
last-modified: Sat, 09-Jul-2022 18:26:10 GMT
location: /watch/26254/1?wmode=7&page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2n2z35yck7fai9c6gvqew%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A1%3Adp%3A0%3Als%3A876747101824%3Ahid%3A846247090%3Az%3A0%3Ai%3A20220709182609%3Aet%3A1657391170%3Ac%3A1%3Arn%3A788313850%3Au%3A1657391170186173871%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1657391166903%3Aco%3A0%3Arqnl%3A1%3Ast%3A1657391170%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20-%20KP.Ru&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnl%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Sat, 09-Jul-2022 18:26:10 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 236 KB
73 KB 43ms
15ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WCBNVW

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

be3a0df36dbaac54ee8f9b8fa94085ba6923e595130d93a0c7ebdc45d278a7fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:26:10 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73813
x-xss-protection: 0
last-modified: Sat, 09 Jul 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 09 Jul 2022 18:26:10 GMT

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6260330094686772102/DAH_200x200_Hamburg/ Frame 4BCF 55 KB
15 KB 7ms
7ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6260330094686772102/DAH_200x200_Hamburg/index.html

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e509ee1ad89c17baa0a95f0899b322fcb4700297ce1f53179d2bef676318bf9

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://137d3085774ed72bf626261315513874.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 24089
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 15472
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Jul 2022 11:44:41 GMT
expires: Sun, 09 Jul 2023 11:44:41 GMT
last-modified: Fri, 14 May 2021 13:30:03 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220706/r20110914/ Frame C353 21 KB
8 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220706/r20110914/abg_lite_fy2021.js

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://137d3085774ed72bf626261315513874.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:15:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 648
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8671
x-xss-protection: 0
server: cafe
etag: 18116328616323621410
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Jul 2022 18:15:22 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/ Frame C353 3 KB
1 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://137d3085774ed72bf626261315513874.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:09:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1009
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Jul 2022 18:09:21 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C353 137 KB
42 KB 53ms
50ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e49548c45f00bbfa0fda642d02b5e29b407004eacc2099e348da7cb38f477052

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://137d3085774ed72bf626261315513874.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:26:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43254
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1657132091081416"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 09 Jul 2022 18:26:10 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/ Frame C353 17 KB
7 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://137d3085774ed72bf626261315513874.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:16:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 603
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Jul 2022 18:16:07 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame C353 0
0 22ms
19ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRTj_z-lvm5ycmN0rj1t2CJFN_9pKXDgeUqOFELwmC9l08ThFb_BGRdIZWYEvrbioyAev56lYAjz2Wq4U9m-FzxG1G67w
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://137d3085774ed72bf626261315513874.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 4BCF 16 KB
6 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6260330094686772102/DAH_200x200_Hamburg/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 07:29:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39383
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 10 Jul 2022 07:29:47 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 4BCF 26 KB
10 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6260330094686772102/DAH_200x200_Hamburg/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 23:30:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68163
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 09 Jul 2022 23:30:07 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 416D 143 B
163 B 7ms
6ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 137d3085774ed72bf626261315513874.safeframe.googlesyndication.com
URL: https://137d3085774ed72bf626261315513874.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://137d3085774ed72bf626261315513874.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2115
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Sat, 09 Jul 2022 17:50:55 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 1 Show response
mc.yandex.com/watch/26254/ 43 B
73 B 56ms
55ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/26254/1?page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&charset=utf-8&cnt-class=1&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A2n2z35yck7fai9c6gvqew%3Afp%3A898%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A1%3Adp%3A1%3Als%3A876747101824%3Ahid%3A846247090%3Az%3A0%3Ai%3A20220709182610%3Aet%3A1657391170%3Ac%3A1%3Arn%3A283012886%3Arqn%3A1%3Au%3A1657391170186173871%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1657391166903%3Ads%3A0%2C0%2C97%2C145%2C451%2C0%2C%2C80%2C0%2C%2C%2C%2C892%3Aco%3A0%3Arqnl%3A1%3Ast%3A1657391170&t=gdpr(14)mc(p-1-h-1)clc(0-0-0)lt(34900)aw(1)rqnt(1)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 18:26:10 GMT
last-modified: Sat, 09-Jul-2022 18:26:10 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sat, 09-Jul-2022 18:26:10 GMT

GET
H2 200 26254 Show response
mc.yandex.com/watch/ 43 B
73 B 59ms
59ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/26254?page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A2n2z35yck7fai9c6gvqew%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A1%3Adp%3A1%3Als%3A876747101824%3Ahid%3A846247090%3Az%3A0%3Ai%3A20220709182610%3Aet%3A1657391170%3Ac%3A1%3Arn%3A62213855%3Arqn%3A2%3Au%3A1657391170186173871%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1657391166903%3Aco%3A0%3Arqnl%3A1%3Ast%3A1657391170%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20-%20KP.Ru&t=gdpr(14)mc(p-1-h-1)clc(0-0-0)lt(34900)aw(1)rqnt(2)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 18:26:10 GMT
last-modified: Sat, 09-Jul-2022 18:26:10 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sat, 09-Jul-2022 18:26:10 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 193 KB
69 KB 30ms
15ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8MQ0FGXD1P&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WCBNVW

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d25cc5b065456444ee12a1ce6261afba22f2afe316db704b3e38a01e6bdd8756

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:26:10 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70530
x-xss-protection: 0
expires: Sat, 09 Jul 2022 18:26:10 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 193 KB
69 KB 38ms
23ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-E8KWCYC304&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WCBNVW

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d02fba790048c3fd33b923ad14a63fb1b86d40ddef54ee91b7096f8f420ee75c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:26:10 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70578
x-xss-protection: 0
expires: Sat, 09 Jul 2022 18:26:10 GMT

GET
H2 200 counter.js Show response
tns-counter.ru/ncc/ 61 KB
61 KB 189ms
91ms Script
application/javascript 2001:6d0:4001::226
TNSMSK-

General

Check archive.org

Show headers Download Go to

Full URL: https://tns-counter.ru/ncc/counter.js
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),
Reverse DNS
Software: ms-counter-3.3.5/1.20.2 /
Resource Hash: 75d16f690db62e7b02e26bff78808ea7529f154b36340c9b6d6e1cd81b64a4ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:26:10 GMT
last-modified: Wed, 01 Dec 2021 16:19:48 GMT
server: ms-counter-3.3.5/1.20.2
etag: "61a7a0a4-f2ad"
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR NOR"
cache-control: max-age=1209600
accept-ranges: bytes
content-type: application/javascript
content-length: 62125
expires: Sat, 23 Jul 2022 18:26:10 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 204 KB
70 KB 111ms
110ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

5f04f87ba7cd3beb8f840e33441bdc8cfee7fe74a49cd8abdcc8ac7727b6bbda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:26:10 GMT
content-encoding: br
last-modified: Fri, 08 Jul 2022 09:23:14 GMT
etag: "62c7cd52-1180a"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 71690
expires: Sat, 09 Jul 2022 19:26:10 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WCBNVW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 5402
date: Sat, 09 Jul 2022 16:56:08 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sat, 09 Jul 2022 18:56:08 GMT

GET
H/1.1 200
OK target.js Show response
target.smi2.net/client/ 3 KB
1 KB 160ms
49ms Script
application/x-javascript 46.161.36.2
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://target.smi2.net/client/target.js
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.161.36.2 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: target2-1.sselp1.imcmdb.net
Software: nginx /
Resource Hash: 2ea6594700eadc561dce18df33d16ff9d07ff631d4f6f4eae734bfe34e900f0c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 09 Jul 2022 18:26:10 GMT
Content-Encoding: gzip
Last-Modified: Fri, 20 Apr 2018 15:55:37 GMT
Server: nginx
ETag: W/"5ada0d79-af9"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=259200, private
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Tue, 12 Jul 2022 18:26:10 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
189 B 39ms
8ms Image
text/plain 13.32.99.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=16803468&ns__t=1657391170171&ns_c=UTF-8&c8=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20-%20KP.Ru&c7=https%3A%2F%2Fwww.tumen.kp.ru%2F&c9=
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-105.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:26:10 GMT
via: 1.1 6bf2ca4ea5a5c92a1d7cd2f9767e8674.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: _gkOiC3MMriiAnEMfGyB2PsAyO0B3vNgnt9Zdyh59RW1P7C4hm2vHA==
x-cache: Miss from cloudfront

GET
H/1.1

200
OK

kptumen
counter.yadro.ru/hit;kp/kpall/reg/
Redirect Chain

https://counter.yadro.ru/hit;kp/kpall/reg/kptumen?r;s1600*1200*24;uhttps%3A//www.tumen.kp.ru/;h%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u0422%u044E%u043C%u0435%u043D%u0438%20%u0438%20%u0422%u0...
https://counter.yadro.ru/hit;kp/kpall/reg/kptumen?q;r;s1600*1200*24;uhttps%3A//www.tumen.kp.ru/;h%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u0422%u044E%u043C%u0435%u043D%u0438%20%u0438%20%u0422%...

43 B
528 B

57ms
56ms

Image
image/gif

88.212.201.198
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit;kp/kpall/reg/kptumen?q;r;s1600*1200*24;uhttps%3A//www.tumen.kp.ru/;h%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u0422%u044E%u043C%u0435%u043D%u0438%20%u0438%20%u0422%u044E%u043C%u0435%u043D%u0441%u043A%u043E%u0439%20%u043E%u0431%u043B%u0430%u0441%u0442%u0438%3A%20%u0433%u043B%u0430%u0432%u043D%u044B%u0435%20%u043D%u043E%u0432%u043E%u0441%u0442%u0438%20%u043D%u0430%20%u0441%u0435%u0433%u043E%u0434%u043D%u044F%20%7C%20%u041A%u043E%u043C%u0441%u043E%u043C%u043E%u043B%u044C%u0441%u043A%u0430%u044F%20%u041F;0.3303208380920344

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

HTTP/1.1

Server

88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host198.rax.ru

Software

nginx/1.17.9 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 09 Jul 2022 18:26:10 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 08 Jul 2021 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 09 Jul 2022 18:26:10 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit;kp/kpall/reg/kptumen?q;r;s1600*1200*24;uhttps%3A//www.tumen.kp.ru/;h%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u0422%u044E%u043C%u0435%u043D%u0438%20%u0438%20%u0422%u044E%u043C%u0435%u043D%u0441%u043A%u043E%u0439%20%u043E%u0431%u043B%u0430%u0441%u0442%u0438%3A%20%u0433%u043B%u0430%u0432%u043D%u044B%u0435%20%u043D%u043E%u0432%u043E%u0441%u0442%u0438%20%u043D%u0430%20%u0441%u0435%u0433%u043E%u0434%u043D%u044F%20%7C%20%u041A%u043E%u043C%u0441%u043E%u043C%u043E%u043B%u044C%u0441%u043A%u0430%u044F%20%u041F;0.3303208380920344
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Thu, 08 Jul 2021 21:00:00 GMT

POST
H2 200 trace Show response
yandex.ru/ads/ 0
236 B 60ms
60ms XHR
text/plain 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/trace

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1657391170204620-17942590753966293545-vla1-4474-vla-l7-balancer-8080-BAL-6975
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}

GET
H2 200 v2 Show response
yandex.ru/ads/adfox/232598/getBulk/ 16 KB
8 KB 325ms
324ms XHR
application/json 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/adfox/232598/getBulk/v2?dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3Fsection%3Dsociety&date=2022-07-09T18%3A26%3A10.176%2B00%3A00&pd=9&pdh=1200&pdw=1600&pr1=869038644&pr=2902056071&prr=&pv=18&pw=6&extid_loader=&extid_tag_loader=www.tumen.kp.ru&ylv=0.612847&ybv=0.612847&ytt=272130738618373&is-turbo=0&skip-token=yabs.NzIwNTc2MDU1MjAyMTMwMjI%3D&ad-session-id=3821171657391168666&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.7%2C%22w%22%3A300%2C%22h%22%3A600%2C%22width%22%3A300%2C%22height%22%3A600%2C%22visible%22%3A1%2C%22isBlackTheme%22%3Afalse%2C%22left%22%3A1100%2C%22top%22%3A486%2C%22fontFamily%22%3A%22ys%22%2C%22req_no%22%3A5%2C%22ad_no%22%3A5%7D&enable-flat-highlight=1&pcode-version=612847&available-width=300&available-height=600&yaru=true&pp=hrs&p2=fbao&ps=bxyd&puid1=adv-1657391168623-593&puid2=society%3Atoday%3Azenyandex%3Aincident%3Aemergency%3Acelebrity%3Aculture%3Ainteresting&puid3=top%3Aregion&puid5=&slotNumber=4&bids=W3siYmlkZGVyTmFtZSI6ImNyaXRlbyIsImNhbXBhaWduX2lkIjo3MjI1NzMsInJlc3BvbnNlX3RpbWUiOjM3NSwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjExNDA4OTgifSx7ImJpZGRlck5hbWUiOiJydGJob3VzZSIsImNhbXBhaWduX2lkIjo4NTM4NjksInJlc3BvbnNlX3RpbWUiOjY2LCJlcnJvciI6eyJjb2RlIjo0fSwicGxhY2VtZW50X2lkIjoiNzE1NzM3NzA5NDBiNzJjMDQyODkifSx7ImJpZGRlck5hbWUiOiJhZHJpdmVyIiwiY2FtcGFpZ25faWQiOjcyODI1NCwicmVzcG9uc2VfdGltZSI6MjIwLCJlcnJvciI6eyJjb2RlIjo0fSwicGxhY2VtZW50X2lkIjoia3BfMnNsb3RfMXNjciJ9LHsiYmlkZGVyTmFtZSI6Im15dGFyZ2V0IiwiY2FtcGFpZ25faWQiOjgxMDQwMiwicmVzcG9uc2VfdGltZSI6MjM1LCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiMjMzODQyIn0seyJiaWRkZXJOYW1lIjoiYmV0d2VlbmRpZ2l0YWwiLCJjYW1wYWlnbl9pZCI6ODEwMzQ0LCJyZXNwb25zZV90aW1lIjo3MSwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjI0ODgwNTIifSx7ImJpZGRlck5hbWUiOiJhZGZveF9hZHNtYXJ0IiwiY2FtcGFpZ25faWQiOjE1OTIwNDAsInJlc3BvbnNlX3RpbWUiOjE5MywiZXJyb3IiOnsiY29kZSI6MX19LHsiYmlkZGVyTmFtZSI6ImJ1enpvb2xhIiwiY2FtcGFpZ25faWQiOjg5MDQ1MCwicmVzcG9uc2VfdGltZSI6MTAyLCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiMTIyNzE2NiJ9LHsiYmlkZGVyTmFtZSI6ImJpZHZvbCIsImNhbXBhaWduX2lkIjoxODcxMDE2LCJyZXNwb25zZV90aW1lIjoxNTQwLCJlcnJvciI6eyJjb2RlIjozfSwicGxhY2VtZW50X2lkIjoiMjE1MzUifSx7ImJpZGRlck5hbWUiOiJhZGZveF9pbWhvLXZpZGVvIiwiY2FtcGFpZ25faWQiOjE3ODk1ODEsInJlc3BvbnNlX3RpbWUiOjE5MywiZXJyb3IiOnsiY29kZSI6MX19XQ%3D%3D&utf8=%E2%9C%93&pcode-test-ids=612520%2C0%2C92%3B586085%2C0%2C2%3B597485%2C0%2C93%3B590119%2C0%2C5%3B598479%2C0%2C72%3B605363%2C0%2C35%3B610874%2C0%2C53%3B203220%2C0%2C8&pcode-flags-map=eJyVWNuO2zYQ%2FZXCz0FBXahL3iiJloiVSJWk7HWKYpCi%2BxYERbMpCgT59w4l2ZbkXXr3ZQEvfM4M53rGP3aa95xZOHSsB81%2FG7ixwPaWaxBSq7bdffz9x%2B7fz1%2B%2BP%2B0%2B7qwe%2BO7D7vnp27P4Cz%2FTNI2DZPfzjw%2B7AzMgOBirelC2QbxtmIRuaK24z5OlNLzleTdY1FJpDp0whldQMcugZ5p1BvZKw0FUXOGzoFRdoVacT%2F%2F9vaLMSUzpxR82WFVzyTWzSNuz8sE0ykI14D%2BEkiumaM0TE5JfeLhkRctB8uOChBv0GjpV8RWPku0JeMs7Lq2BshXlgwO%2Fwj4zd%2BwRGi7qxuIbpcH3aiHrdz%2BeRkE40rK2VccpDT3SjxxTLG3N7nDEhC5zMtnvmK6F9CETEgdRtA3Z0Fdj7DvlAg6WiRadmGLnLY6EJNkiA5p36sChbJg23MJeqw5aIR%2F8HEEQk3Tr0l48An60YDXm0oXZWKbtGJ3e8KFS85tLjQ0mDtzcM0LpzbtL1veOujhBpY7yLa4mWehjwZBpDGQhrKvm95Dh8xzZgWuzLXrnfErX2DAmwdaRgzCiEK2wJ%2BhbdiowcNgJg0Hn7ngS0vCmj4TEMWV4OZaEKgzXBzd2XDoWlt5KPEisKYYdM2aQdf0S%2BPzP96cFLA6zKCcTzOCwMm5abjHbyl6AWAWG86vTa9jXz39%2BeVohoyTMpwJ0VdehrbnLpfWbjGmUT1ko1SCxVhU8NtoLydIsjEfIicmKP4IesPY65m9bStIwmif4atLAfmhbgz3A%2FfggCiNyeWKh1QPGB58HtRaVH5nSLHnRYaiEsVoUXngYkGR67ycuw9FdOIrKNiA6VnMvNg7ijFyxaG4szEJpV0eaVWIwv7yR4cSc35PDwNojOxk%2FMkrn1FZ7t7pNjxOfgxUdV4NdQUNCyBobk2h6c1%2Fi4hmXBe4Zvz2KNHP17hVGmbt2OdsD%2FuitRDSZpuEtXOwB%2Fx7deLlXIa8wnB04sHZYZSsiL6PPQ3GsTiF7TDIw3fltJ0EezbaxX60wo0Daq9vtsYVSglpihLacabfp3TZkWrBNwMMtbE7vpp80PzIsr%2BqtjYVM51y7pQcdR1V0KReuNU67Vq3mL13hMxJPee%2B1UNrNbtwjB8GPvdL%2BkknSZB547usgcXmXHOVdV3thaYi4EWZMj8urbLjzEHquy02VBmSV5JQGebwoEfJIcF%2FhMFDGCq%2FNLKCzzQpFlx3XO8b4qHF1YqrncfsOEZXhzJ7yh%2BuknB%2BwmSebrUKzDLfR5MQ8SSpc1iWKOeOd2TQP0mwxwwQKRoaJRSVfuogZn9E8okGwwo5zz%2BAQtI1rrJ5VFS5oP0lM5yIZ94xbw6eeQ%2BT3GncNXWSr0%2BUre%2FvWXJ4mryIB5cAomO9YP3NoWyyaCUzJnLxjpVWrqAe%2FBit8GmXRBf9u0CiqCybxqgCUHnuB1TYKGuTwL508C9N08fiZZKpNXPA4Ey%2FiCge7dQfUVmJsNXcYR1PhNcVGjtA8D3Oy%2BnJE4mz8cq1ZEd4R83FKrt8FIz6tHkeDkPi%2B%2F8I2C%2BgriCka80DHEsDLFsPgprSQriouOh1b%2B47TlE6VgTqg5nbsdiHd6adxgLmPODzv7MuEpHFIXhrge6GNOz1Y5yQsTBtYHc4p9JPmKJOWrrHCqHbAeWU6d3y4br%2BTazxm5vtqUfM45dyEqrdC%2FAYcBvnUso3tWjq1mcGdUgkGluOJcAePcie%2B3vkKGpRs2Dgtc2AU9la%2FQbCTC8OoAGrt0o0BQOX2wo544QeDhGTX6x7hKOINnPCYw0OtBKPL9%2BDPO8Id3%2BP0W4G%2Ff%2F329Lzu3zReoN394H4QmH8HwIIwonPHthnwMjj5j0aakyC43kU9rrnxnuLgmh5QcFz%2BgXeSktWaDptvM1ni9HW2STdVdxy6UGBVtWz%2B8QH3uL%2BsaZRE8%2FrAdtWdkxiay%2FM11mte%2BK%2BAJCBZ6irr5%2F%2BpyHnk&use-server-side-rendering=1&pcode-icookie=kHPPmX8ZLtigbsQxlQD%2Fe%2Fi8vx%2B%2F71n6msO9DrfOSzZHIBP%2F7SsYo28nhiVKvE23GijasfWWUObyPgOzFWsZgOZfG4w%3D&top-ancestor=https%3A%2F%2Fwww.tumen.kp.ru&top-ancestor-undetermined=0&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjoxNDh9ChqjpqjkuOmBMFBXPMzNt9PJwXuM42TbYYc2x0kcw3U63890cg-JGf52n2Q-_OZjEocdh7bhGdrG0t5euRSglwJ6BtqMEIhUpSJt762c5MMMn-ZlERVVpIgGEYiQ1hFDjzWxJdao7CpbnNQYsoos1sWmWDtAh4BQ2WPDIkVYF9wa6-O0YcdSY-IBcjnXqshjU13Ygvxp47QuTKZFUhObF1nSCsgaw1igdYtmwRagXgXrPKQLuBiaivo8mhe-2BJgrreCDhp21DTgehRZ4hao4LrDjIJVwRWMSZZD2HW5HIgki4C2ApgahBpAkofFwYiUm4eFzcXOzeNwOpCycYNv3eYRbjbwMLI5XJXBxcgGjig7Gy0HYiedw0nPIFo56BkcbAwOcERjmNLYKBaVZNIYe42BVpHXRUu0ABftglkGujVWq6gOSxIbFlhTrBu40qUHlYqsLvAGlW1RpEOB5fbokgUepGUf9TI8VcGNk0FHfPQDwXQhCXW5VQ_qZW660EpEhlPtcLxI2AaScboodWf10nLpoQL4QtO-cJoO5_ZeZFg4fCVLS9iLYuhnWSBJRYZpSbPyzCdtmiwUmuXEi4JSRL5n6iG2iPnL1IHWlN2JpqB824dAlodlNfl04uwsFMYuKhwkKSY2-AjpEbPThggLRgxNRFr1qpXVu8gFy2N4EO7856Rnh8_Nw-5EJA_OSeNw0DNUDqQuWlpwRGk5vIys_AJMtF43X2VjRIqIHrkodwz0K5uMR7iRkefcFYbDw4zQSccs4BWqrGhcqNjqouVlp0EihMDrrkwguzCjgL_8kWx3zcuXhkfY5R8OIJZ6NvHgcdKygM7iWnigvMzhbl9f3ooEAeSS5fQrmXr1yUQYpYq1J-hkCYVKZffJK7RgZaY--QYqtqooolrw1w3AFSvEH6NJJquSiSI-YQB2qW-KjbFZRe6L_5wmlo27_pgOffzvI3_JwdQHx1Q-egYlR21fcKSP2NbTXeuD4TAebKkeeyY82XyRMTQZscVfVa7rs06DZft7n9yBsHAZhn8Vta92rKPbGOKPusBFLuWecdzMxFQTnvtBtRQe5zH-KDkw66LxTIRTrhPV_aQXlIea5K-e3EeeT3RoX2D6CSf3RRimPdfJnbut_gnrH379JTXkef1LRWOs89GaSXK7dxk7BW_zVXLQ_x43PeeoDkE-i_yRAeTSZ8sp6Se9H7XPr2G6ESc-eYY5B_3Xcjq8XFqjGvETsu1zVjRzOqH55B3qVot5DGq8cr5t_jPQ4TmkaOdlbcyzl69l64jkK7fLFWtbPO0fQDh8nUfh4KULc1L45a_wUCNDxLocAz_HuiAgBQw_8DCU6QQ53IgFl0HsoHIhYUPw3IvsOgI5YRGU497jqcjRoQSD7v9J3vrioaVzMciGV6By0TOjoVWA0iAyD0OQwOORYRCs7EicKBGjesxNledDOvwcHByIXa7s_H6ONk_WVp7TdZORUMkxAT0KcwIfKTsyVk6vYGVFy4AWPpcot5sPEhNsAVdsooeRlk6QltnLW5kwsWNEh7I4scjwwpIbeHgYXPgY35k7vsrBSAM2I4uo4uQvcR3I5hwg7xJVW3j-OIe2BirgMRBet5Db7Y_3kCmdYpn8a3ch2VuUzR2I44Jm7Fcv9SQxn2W1Zk7NhnnDmajxyTMmNCgwYPR6eP2xHaB3HxtmbU9_s59OA7VFvTdZRflFGepL2C6RY5VJCD7ukEyy_KuGXago_ESXmqHYKjNo8ByA5lRGoRJq_aVJw8LiDkEVPh82IQQOr6ey0ILNitmhEPlY3NwBSMkEdylEXI-DjsbBwLT0Z6LjApUejXLsx1LHvLu_pO6MXwC0vWobvrBq24Aa39N_ehHDXjf1kt5Nl7Q-uNrO_xqJKrK9gcWAh9s_K1vG2HO3XQQt3vSMDDT8niVHdgzIaeE5i-WuW8gFTH5hObgK3dzViQENZhSof03TW82miEEzzTY1nlpkU2jLTPmVsHsdav9yPl5e8wLST45TLlJGFWlM2FvlB9m28fR58ZtuquBEq-TYp2-dqWIVEhrokG-fSVVw6hPTekASyldgoadn65oLPg1KtKG1uItectjD420pYJeMBq7_woiIHiHLffesY9M8qroMJBrat22fJ9-kR_5MGUtVaCbw3yGVBWr9XyD-BNm71-3ftPb8W7-jGWr3z1Rv4BINmXdDboqWLyIrqwrdeSs7FwawaMES5earS_7pydhysh6bOzbjm0SyElVKXcnccaVWFgsGMMBAjbCnYchvi3JUM9XedWaJzs0gHAIcU_WT1RaTdfJxZuq9cPZJp7z5EJUtSNem0BQJ4ZcRwrrRsJmXNFEOD-E0kV7qHOgRcCJA9Vhx8jvhGE9Gml6U1Cdf4q6yW8mvdfNY7lvATfALyK7xE7judCOeup-FpAt72ZfRiE8uWxMQlFgUTC2JiUaB_sycLiFECJcrJzq06BH-KA8lbuhvzIYzzVNG4_RL-snGkjXVxodiOB2j3osUe6FT3b9taXKuj9SfGWoMsC1lcydslIJBR1N_gew9aLyBeiWbf9fq_35SSEjTimeFEpI83l5rbpM44kZ1eKvzdEpf1FvOtcegZaz65XZSUL-bpiOu_3Moiuhk8n8oZv0w0ysvYVh3XbNO3XKbIB04lpbtGltZru3H3E3_xPUWPLlm6Te99srMOzDfC5KqKMWvmiVEOL1JQPwaEsNhSVI9QVu8fti2nGiKdnIK1vJbf23uiVdZTSSKukjLwvvrM5reSD95YFRw193ebVC_Cu9f7XXNsfYQ2xDbbYFE4kKFGYxkj0KaSZJPgkl50LCKlx2yKdV5q1n9qKnLQ39ZsjZUJSqK4V957E1TZB3zrurXd9mqF1HYJXdKoAPAr-oJifaufer3Qd8h8ldW3WqmIZyNTTlf9EV5lWwr-3oSUMS3PIuS5KdrY2UPydSjOJ-GBl_fjcipMPXJImLxXLzWkT7KW89TqqIMIFwsOFMVEGpSGnWSTeKraZHgakYVBW1ij_2xwnLfsNSHU0Y785OcXGTiK2H_-DGP9a8oWA-oC3Q7pKLr-iqu-ZkebU52OOdNX6KeQWZH1WVBIR7PSl4O0LPbJH79uGuO6DjpZAbq9J59nBtIfWAfAnQt8q9tE-BhUH8NytR1eUFFc6CLvLll0ENkrwZU5-0wuDyZIlYPq2Qn8X2ZNRdJ6xd0v-bUxd4BbwgwW3_4BV5g-opF00VIFJ28NbkdZSb8kec9qVvb9q71CnJNB-fsD9rl56tL2pECSxRRLSE58o3kvHz1f3TIn7rbZv07MBeDZfoUEjU_Wa1rpBiPK7HVCLUwtDXxxZtaLvk9yxhpW6ejSQapaIROhfkcsLsIhnSKC1U38iFAE_3xtKh29BYO5RamnsR_9ArKhh-pOZuPKVn5KWEdCkLoOvTh_eSjeHG3J6zImA2N9Uk4eLU50jqAElws01hA3GDsTm6DLI_HNgKF-2X58L-a-9J71nF30YTeCdpk1-Of7ECZ3rRvErl91qRh6tKfJG6XZnzltHFleg61u-qxQh_8dwMDTiQDqYucRNUPzO0LXbd4_jZFD5MKiy1W71Pgi68yfXWtKJptLXCAujvjPe5xSoyQ0IJQfnqTCm4fE2NP_rXnzzxyFvewv6mUd7T3tPWQhM9-5w1VkcfWt9VmeojT9j5sqdm26xpVUQHwpoREf6j9krHjxcUAjfOANjZQ9JvUtUxzZ4fyHynDtkGuiNvM3vqn8h62MjhGgm2KY2Ny6KzzHkRT__8b4v6kaQVhj8cEl2RerKylfMkjbxs0ysa-f3idgerWZB5aHk2pi5rmBzQ4HIlbbQJzXshauYGT_xS-hceFnIsLo_J3p73stpxs5Hun2beLL0BsarnqaDcc1JSXKJuptyXVWyJ8LHY4UqUYZYZc2xjVlkNc_fqH22aN8QG23ClTP9YJ4oZbwG1mTKDt3TQp1l70opcNxEUfk0ZaBfCHnO5GeqOWk4HJl8D0ZNRPqdirQC-EHqGIxnWUWTVzjeWWYLlqSxxjjJg7WzX1sZZapni8HOFBDa1524OJwBvARPosZTkkqSywPjNMnV8hav9-4EdtHE1IeDn00FsXpaBxbYv8zWlh7isjL2E4A3l_zmdQn1Nd8TVwH8iKBlJiYoN8TonfgiRLtGiKcC3sO-UhRCBbbO1JaS82-2EjvOpYvN-Icwhc4T2YWwZwY-OWirc3_3Y7j7CGWnaX-xp7dIgXCq2qu8PVyBDjlZmo-cAWXoqFZ5r4XTKrl5gLB7XUriH6nMoHWZYvSewFPBM3Nw-LR0GmWxFiTPzwkPHSefkXLQeHYy-9W0ApH-wJaHjk4MRWWTGxomDGlEUzlWyWiRAyeJxOZoyXNdAEVwFpFHY4GdnkuMRa2TCx0iF3TikVrWwaPFwDJyRz_QVCgpUVMZioMKINyvxHOnT113XKH7XZHOXUx2VDHEXVK5CyiM8kHcHt5RORhXepWvYOc2QeBC6Dglglvv0UwNV-kkiEjdjDX78gT1BMoj2rNZStF03bJCmq25C-LDn-4aIuH_WBeC3mJ1CNBhEaDGxvft_KjKfhN4helC0S93BiJXUp5GJbYRXhE6v7fLjYfSgBszyLwQYocpPDeDF43b1b-sLWKjfvUWCQdvPVV_jNMEo642gfLt1HSvLLOhHfljBe7DEtWj7xe4oNF3sKWB66lP295Xkt4UU4ssz36By15XqkU6G_iZarmagjdQxh9N_P5ViaqYJw_bSwJY8uXP-DrW2ct-BvGyEH-tlqZ6LpWK_PORE71HhE-Kfd-qWROSjiWwuOwb4slqI9MGe5GCX20g63momTSn8hZkt5cbGl0CNbr13l8psVTuGoGxhsycPK1n6fVHldyJKoIz4wvzUshNraS3V3snH3R8on8Zu6NjZu9lRS39i6Km3BnnjZwhxHe-AuRrupDHC3xGUKRuOEjgeanrYePT1NS4iQ-m7v-Sga617-t7pIp3wlUdsxi7y-3BSx--zBQ5-l4rqWrKBhPo1np9FlOWZl2NF8qpllobW_z1Zta-ZLER-HOdFz&tga-with-creatives=1

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

58b4b3133a9f9680a958f8aac0f02eff779ebccad572483cca463634a37ae3f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:26:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1657391170210675-13202035059356949349-sas6-5260-c5d-sas-l7-balancer-8080-BAL-7588
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Sat, 09 Jul 2022 18:26:10 GMT
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/json
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sat, 09 Jul 2022 18:26:10 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1E62 0
10 B 7ms
6ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?TLDvJw
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:26:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
DATA 200
OK truncated
/ Frame C353 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 24eb1b9d06967440dd14bc9354efa96ab41324c1fb987adb1444df6136e97b7d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame C353 0
0 52ms
51ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CjW8LQcjJYriyKpmV9u8Pg8uFoAHm4NCWaa3fmeXmDcLmh4qtJRABIPHL50JglZKcgqwHoAGcwvGzAcgBCakCd4UcxQcXsT7gAgCoAwHIA0iqBKQCT9CqmpYxJ9d-_qIC4OdB7kiRKBSaFHDM_eecyIVCD1TOUXJmsRHK8Qy4mCYQBSMh6fiRuC8fow9ykZR6PAfi27zXz4l-4z-cTEFS1huANtRxYd8I-qujkfRqudjsObkfFf3A85yh4CXgxuQPLAZQ4uWie8C9dND1fcC4eKFECZFTR4I37As2l-IQ-PBWSvRgJMd7yY5iBzExtPP-aonzGCrGKSDFleJGiEhoWPKlhyyNKPSDI8oZ0LaAePrtpLt4d3qA2fGrefnn6mxIh-IBQ_JFWY-FI3PhedHNt3W27PItQI5S8dG2HK_lyfIXO8vHTe4ErlKuOEej6ItFsfbSVuKR-KosTl-RvWqCu3ZZtw_yJyIPTDeZlp9yDMvAd7KFc2CgQsAE8867q9ID4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB8y9jswCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQlNEJ0ggRCIDhgBAQARgdMgKqAjoCgECACgPICwHYEwLQFQGAFwGyFx4KHAgAEhRwdWItNzE3MjczMzQwODQ1NTY5Mhjx_hM&sigh=GiI0yjy4eGI&uach_m=[UACH]&template_id=419&cbvp=2&vis=1
Requested by: Host: 137d3085774ed72bf626261315513874.safeframe.googlesyndication.com
URL: https://137d3085774ed72bf626261315513874.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://137d3085774ed72bf626261315513874.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 416D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

54ms
54ms

Document
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 137d3085774ed72bf626261315513874.safeframe.googlesyndication.com
URL: https://137d3085774ed72bf626261315513874.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 09 Jul 2022 18:26:10 GMT
expires: Sat, 09 Jul 2022 18:26:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 09 Jul 2022 18:26:10 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
443 B 59ms
19ms XHR
text/plain 2a00:1450:400c:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-23870775-1&cid=791596537.1657391170&jid=1626868247&gjid=1136581910&_gid=1293382251.1657391170&_u=YGBAgAABAAAAAE~&z=577986050

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c03::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 09 Jul 2022 18:26:10 GMT
content-type: text/plain
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 29ms
15ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=672684692&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAAAABAAAAAG~&jid=530607979&gjid=1157943717&cid=791596537.1657391170&tid=UA-5200037-42&_gid=1293382251.1657391170&_r=1&gtm=2wg6t0WCBNVW&cg1=main&cg5=main&cd3=main&cd4=main&z=1120251244

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 18:26:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 25ms
15ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=672684692&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAAAABAAAAAG~&jid=1347485636&gjid=1172798321&cid=791596537.1657391170&tid=UA-23870775-31&_gid=1293382251.1657391170&_r=1&gtm=2wg6t0WCBNVW&cd1=&z=1816079731

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 18:26:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 17ms
7ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=672684692&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAAB~&jid=1626868247&gjid=1136581910&cid=791596537.1657391170&tid=UA-23870775-1&_gid=1293382251.1657391170&gtm=2wg6t0WCBNVW&cg1=main&cg5=main&cd3=main&cd4=main&z=325417391

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 02:54:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 55884
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
348 B 55ms
13ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-8MQ0FGXD1P&gtm=2oe6t0&_p=672684692&_z=ccd.v9B&cid=791596537.1657391170&ul=en-us&sr=1600x1200&_s=1&sid=1657391170&sct=1&seg=0&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F&dt=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20-%20KP.Ru&en=page_view&_fv=1&_ss=1&ep.title=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8&ep.allowLinker=true
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8MQ0FGXD1P&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 18:26:10 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 35ms
13ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-E8KWCYC304&gtm=2oe6t0&_p=672684692&_z=ccd.v9B&cid=791596537.1657391170&ul=en-us&sr=1600x1200&_s=1&sid=1657391170&sct=1&seg=0&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F&dt=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20-%20KP.Ru&en=page_view&_fv=1&_ss=1&ep.title=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8&ep.allowLinker=true
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-E8KWCYC304&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 18:26:10 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 x-7aydTzyDGf5pB5jP33n95ytuiMcqG17W4hZ3yQxPE.js Show response
pagead2.googlesyndication.com/bg/ Frame 4BCF 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/x-7aydTzyDGf5pB5jP33n95ytuiMcqG17W4hZ3yQxPE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7eedac9d4f3c8319fe690798cfdf79fde72b6e88c72a1b5ed6e21677c90c4f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 19:33:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 255152
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13770
x-xss-protection: 0
last-modified: Fri, 01 Jul 2022 16:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 06 Jul 2023 19:33:38 GMT

GET
H3 200 200x200-logo.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6260330094686772102/DAH_200x200_Hamburg/ Frame 4BCF 3 KB
3 KB 8ms
8ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6260330094686772102/DAH_200x200_Hamburg/200x200-logo.png

Requested by

Host: 137d3085774ed72bf626261315513874.safeframe.googlesyndication.com
URL: https://137d3085774ed72bf626261315513874.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32bf544863583cfb1afc1228953c4e6021728ba3bbb93dfca42ad3b78b6455a3

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 183912
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3511
x-xss-protection: 0
last-modified: Fri, 14 May 2021 13:30:03 GMT
server: sffe
date: Thu, 07 Jul 2022 15:20:58 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 07 Jul 2023 15:20:58 GMT

GET
H3 200 200x200-frame-03.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6260330094686772102/DAH_200x200_Hamburg/ Frame 4BCF 7 KB
7 KB 12ms
11ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6260330094686772102/DAH_200x200_Hamburg/200x200-frame-03.png

Requested by

Host: 137d3085774ed72bf626261315513874.safeframe.googlesyndication.com
URL: https://137d3085774ed72bf626261315513874.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c005559ec338b49cbf1043eb8fbd14312f7b4353fb98c80663ef810a062090d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 23432
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6810
x-xss-protection: 0
last-modified: Fri, 14 May 2021 13:30:03 GMT
server: sffe
date: Sat, 09 Jul 2022 11:55:38 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 09 Jul 2023 11:55:38 GMT

GET
H3 200 200x200-frame-02.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6260330094686772102/DAH_200x200_Hamburg/ Frame 4BCF 8 KB
8 KB 13ms
11ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6260330094686772102/DAH_200x200_Hamburg/200x200-frame-02.png

Requested by

Host: 137d3085774ed72bf626261315513874.safeframe.googlesyndication.com
URL: https://137d3085774ed72bf626261315513874.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9776daea9661cbc69a6c5dc82890ca28ae3400a2cf3a808fdb72379524d02047

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 23432
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7757
x-xss-protection: 0
last-modified: Fri, 14 May 2021 13:30:03 GMT
server: sffe
date: Sat, 09 Jul 2022 11:55:38 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 09 Jul 2023 11:55:38 GMT

GET
H3 200 200x200-frame-01.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6260330094686772102/DAH_200x200_Hamburg/ Frame 4BCF 3 KB
3 KB 10ms
9ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6260330094686772102/DAH_200x200_Hamburg/200x200-frame-01.png

Requested by

Host: 137d3085774ed72bf626261315513874.safeframe.googlesyndication.com
URL: https://137d3085774ed72bf626261315513874.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

074818e5917ed4e771ba49497f1a31c6b7ab3cf6de15da340de5c14d435a948e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 23432
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2814
x-xss-protection: 0
last-modified: Fri, 14 May 2021 13:30:03 GMT
server: sffe
date: Sat, 09 Jul 2022 11:55:38 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 09 Jul 2023 11:55:38 GMT

GET
H3 200 200x200-bg.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6260330094686772102/DAH_200x200_Hamburg/ Frame 4BCF 11 KB
11 KB 11ms
10ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6260330094686772102/DAH_200x200_Hamburg/200x200-bg.jpg

Requested by

Host: 137d3085774ed72bf626261315513874.safeframe.googlesyndication.com
URL: https://137d3085774ed72bf626261315513874.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

828130c69f25e8faddd6c74efb7baf23fa84ae6ab98ba083b9b907be8a6a4238

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 23432
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10867
x-xss-protection: 0
last-modified: Fri, 14 May 2021 13:30:03 GMT
server: sffe
date: Sat, 09 Jul 2022 11:55:38 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 09 Jul 2023 11:55:38 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 33ms
30ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-23870775-1&cid=791596537.1657391170&jid=1626868247&_u=YGBAgAABAAAAAE~&z=136034260

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 18:26:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 57ms
30ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-23870775-1&cid=791596537.1657391170&jid=1626868247&_u=YGBAgAABAAAAAE~&z=136034260

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 18:26:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 54ms
18ms XHR
text/plain 2a00:1450:400c:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-23870775-31&cid=791596537.1657391170&jid=1347485636&gjid=1172798321&_gid=1293382251.1657391170&_u=YGDAAAABAAAAAG~&z=1436768639

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c03::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 09 Jul 2022 18:26:10 GMT
content-type: text/plain
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1051362 Show response
mc.yandex.com/watch/ 422 B
456 B 55ms
54ms XHR
application/json 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/1051362?wmode=7&page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&nohit=1&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A30shymy8l87b25ks0fjeg%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A2%3Adp%3A0%3Als%3A404844262942%3Ahid%3A846247090%3Az%3A0%3Ai%3A20220709182610%3Aet%3A1657391170%3Ac%3A1%3Arn%3A958263419%3Au%3A1657391170186173871%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1657391166903%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1657391170%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20-%20KP.Ru&t=gdpr(14)mc(p-1-h-1)clc(0-0-0)lt(34900)aw(1)ecs(1)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

dd266ab93f8fc411c485bfe02a97b917f739e12b2ce3b195263ab21a318dc49d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 18:26:10 GMT
x-content-type-options: nosniff
last-modified: Sat, 09-Jul-2022 18:26:10 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 422
x-xss-protection: 1; mode=block
expires: Sat, 09-Jul-2022 18:26:10 GMT

GET
H2 200 38305645 Show response
mc.yandex.com/watch/ 383 B
442 B 54ms
53ms XHR
application/json 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/38305645?wmode=7&page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&nohit=1&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A30shymy8l87b25ks0fjeg%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A3%3Adp%3A0%3Als%3A32424209710%3Ahid%3A846247090%3Az%3A0%3Ai%3A20220709182610%3Aet%3A1657391170%3Ac%3A1%3Arn%3A169331986%3Au%3A1657391170186173871%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1657391166903%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1657391170%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20-%20KP.Ru&t=gdpr(14)mc(p-2-h-2)clc(0-0-0)lt(34900)aw(1)ecs(1)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e1a808202b382aa97d0d257c3ce02c559601970369e3f1f5f64219e28e46665e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 18:26:10 GMT
x-content-type-options: nosniff
last-modified: Sat, 09-Jul-2022 18:26:10 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 383
x-xss-protection: 1; mode=block
expires: Sat, 09-Jul-2022 18:26:10 GMT

GET
H2 200 29474600 Show response
mc.yandex.com/watch/ 383 B
414 B 57ms
56ms XHR
application/json 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/29474600?wmode=7&page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&nohit=1&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A30shymy8l87b25ks0fjeg%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A4%3Adp%3A0%3Als%3A662290424674%3Ahid%3A846247090%3Az%3A0%3Ai%3A20220709182610%3Aet%3A1657391170%3Ac%3A1%3Arn%3A1038362656%3Au%3A1657391170186173871%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1657391166903%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1657391170%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20-%20KP.Ru&t=gdpr(14)mc(p-5-h-3)clc(0-0-0)lt(34900)aw(1)ecs(1)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

2dc5a0cf38c37eae183cc95adc13d17e562045e2d149d23d603db0f246b3955b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 18:26:10 GMT
x-content-type-options: nosniff
last-modified: Sat, 09-Jul-2022 18:26:10 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 383
x-xss-protection: 1; mode=block
expires: Sat, 09-Jul-2022 18:26:10 GMT

GET
H/1.1 200
OK sm.js Show response
stat.media/ 77 KB
28 KB 190ms
91ms Script
application/x-javascript 46.161.36.23
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.media/sm.js
Requested by: Host: target.smi2.net
URL: https://target.smi2.net/client/target.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.161.36.23 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: sm-server1-1.sselp1.imcmdb.net
Software: nginx /
Resource Hash: 9dc89e2eae45dccc1b2d7b9540adae2349bbb5d84578eadb8f0f645eac324910

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 09 Jul 2022 18:26:10 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Dec 2021 13:53:02 GMT
Server: nginx
ETag: W/"61a8cfbe-13481"
Vary: Accept-Encoding, Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, must-revalidate, proxy-revalidate, max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK /
target.smi2.net/init/ 95 B
463 B 51ms
50ms Image
image/png 46.161.36.2
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://target.smi2.net/init/?siteid=31456&count=site&bw=1600&bh=1200&xurl=https%3A%2F%2Fwww.tumen.kp.ru%2F&rnd=62693123900
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.161.36.2 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: target2-1.sselp1.imcmdb.net
Software: nginx / HHVM/3.9.1
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

X-Target-Version: 2
Date: Sat, 09 Jul 2022 18:26:10 GMT
X-Target-Final: 20220709212610-0
Server: nginx
X-Target-Host: target2-1.sselp1
X-Powered-By: HHVM/3.9.1
X-Time-Request: 0.00025
Content-Type: image/png
Cache-Control: no-cache, private
Connection: keep-alive
Content-Length: 95
Expires: Sat, 09 Jul 2022 18:26:09 GMT

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
109 B 56ms
56ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:26:10 GMT
last-modified: Fri, 08 Jul 2022 09:23:14 GMT
etag: "62c7cd52-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Sat, 09 Jul 2022 19:26:10 GMT

GET
H2 200 780450610*** Show response
tns-counter.ru/nc01a***R%3E*kp_ru/ru/UTF-8/tmsec=kp_title/ 55 B
334 B 47ms
46ms Fetch
text/html 2001:6d0:4001::226
TNSMSK-

General

Check archive.org

Show headers Download Go to

Full URL: https://tns-counter.ru/nc01a***R%3E*kp_ru/ru/UTF-8/tmsec=kp_title/780450610***
Requested by: Host: tns-counter.ru
URL: https://tns-counter.ru/ncc/counter.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),
Reverse DNS
Software: ms-counter-3.3.5/1.20.2 /
Resource Hash: a9b54bdbefb66df89c042c7812a9cb4edc9c525066c4f7ac7e2b472526b0a3b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:26:10 GMT
last-modified: Sat, 09 Jul 2022 18:26:10 GMT
server: ms-counter-3.3.5/1.20.2
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: https://www.tumen.kp.ru
access-control-allow-credentials: true
content-length: 55

GET
H2

200

413852188
tns-counter.ru/V13b***R%3E*kp_ru/ru/UTF-8/tmsec=kp_title/
Redirect Chain

https://tns-counter.ru/V13a***R%3E*kp_ru/ru/UTF-8/tmsec=kp_title/413852188
https://tns-counter.ru/V13b***R%3E*kp_ru/ru/UTF-8/tmsec=kp_title/413852188

43 B
297 B

46ms
46ms

Image
image/gif

2001:6d0:4001::226
TNSMSK-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tns-counter.ru/V13b***R%3E*kp_ru/ru/UTF-8/tmsec=kp_title/413852188
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H2
Server: 2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),
Reverse DNS
Software: ms-counter-3.3.5/1.20.2 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 18:26:10 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: ms-counter-3.3.5/1.20.2
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

pragma: no-cache
date: Sat, 09 Jul 2022 18:26:10 GMT
server: ms-counter-3.3.5/1.20.2
strict-transport-security: max-age=2678400
content-type: image/gif
location: https://tns-counter.ru/V13b***R%3E*kp_ru/ru/UTF-8/tmsec=kp_title/413852188
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H2 200 1 Show response
mc.yandex.com/watch/38305645/ 43 B
76 B 53ms
52ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/38305645/1?page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A30shymy8l87b25ks0fjeg%3Afp%3A898%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A3%3Adp%3A0%3Als%3A32424209710%3Ahid%3A846247090%3Az%3A0%3Ai%3A20220709182610%3Aet%3A1657391170%3Ac%3A1%3Arn%3A626614686%3Arqn%3A1%3Au%3A1657391170186173871%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1657391166903%3Ads%3A0%2C0%2C97%2C145%2C451%2C0%2C%2C80%2C0%2C%2C%2C%2C892%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1657391170&t=gdpr(14)mc(p-7-h-4)clc(0-0-0)lt(34900)aw(1)rqnt(1)ecs(1)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 18:26:10 GMT
last-modified: Sat, 09-Jul-2022 18:26:10 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sat, 09-Jul-2022 18:26:10 GMT

GET
H2 200 38305645 Show response
mc.yandex.com/watch/ 43 B
73 B 56ms
55ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/38305645?page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&charset=utf-8&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A30shymy8l87b25ks0fjeg%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A3%3Adp%3A0%3Als%3A32424209710%3Ahid%3A846247090%3Az%3A0%3Ai%3A20220709182610%3Aet%3A1657391170%3Ac%3A1%3Arn%3A519351506%3Arqn%3A2%3Au%3A1657391170186173871%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1657391166903%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1657391170%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8&t=gdpr(14)mc(p-7-h-4)clc(0-0-0)lt(34900)aw(1)rqnt(2)ecs(1)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 18:26:10 GMT
last-modified: Sat, 09-Jul-2022 18:26:10 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sat, 09-Jul-2022 18:26:10 GMT

POST
H2 200 1 Show response
mc.yandex.com/watch/38305645/ 43 B
73 B 59ms
59ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/38305645/1?page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A30shymy8l87b25ks0fjeg%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A3%3Adp%3A0%3Als%3A32424209710%3Ahid%3A846247090%3Az%3A0%3Ai%3A20220709182610%3Aet%3A1657391170%3Ac%3A1%3Arn%3A800511147%3Arqn%3A3%3Au%3A1657391170186173871%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1657391166903%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1657391170&t=gdpr(14)mc(p-7-h-4)clc(0-0-0)lt(34900)aw(1)rqnt(3)ecs(1)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 18:26:10 GMT
last-modified: Sat, 09-Jul-2022 18:26:10 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sat, 09-Jul-2022 18:26:10 GMT

POST
H2 200 1 Show response
mc.yandex.com/watch/1051362/ 43 B
73 B 56ms
55ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/1051362/1?page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A30shymy8l87b25ks0fjeg%3Afp%3A898%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A2%3Adp%3A0%3Als%3A404844262942%3Ahid%3A846247090%3Az%3A0%3Ai%3A20220709182610%3Aet%3A1657391170%3Ac%3A1%3Arn%3A488821067%3Arqn%3A1%3Au%3A1657391170186173871%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1657391166903%3Ads%3A0%2C0%2C97%2C145%2C451%2C0%2C%2C80%2C0%2C%2C%2C%2C892%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1657391170&t=gdpr(14)mc(p-7-h-4)clc(0-0-0)lt(34900)aw(1)rqnt(1)ecs(1)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 18:26:10 GMT
last-modified: Sat, 09-Jul-2022 18:26:10 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sat, 09-Jul-2022 18:26:10 GMT

GET
H2 200 1051362 Show response
mc.yandex.com/watch/ 43 B
73 B 66ms
65ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/1051362?page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&charset=utf-8&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A30shymy8l87b25ks0fjeg%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A2%3Adp%3A0%3Als%3A404844262942%3Ahid%3A846247090%3Az%3A0%3Ai%3A20220709182610%3Aet%3A1657391170%3Ac%3A1%3Arn%3A458319687%3Arqn%3A2%3Au%3A1657391170186173871%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1657391166903%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1657391170%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8&t=gdpr(14)mc(p-7-h-4)clc(0-0-0)lt(34900)aw(1)rqnt(2)ecs(1)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 18:26:10 GMT
last-modified: Sat, 09-Jul-2022 18:26:10 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sat, 09-Jul-2022 18:26:10 GMT

POST
H2 200 1 Show response
mc.yandex.com/watch/1051362/ 43 B
73 B 56ms
55ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/1051362/1?page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A30shymy8l87b25ks0fjeg%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A2%3Adp%3A0%3Als%3A404844262942%3Ahid%3A846247090%3Az%3A0%3Ai%3A20220709182610%3Aet%3A1657391170%3Ac%3A1%3Arn%3A612462773%3Arqn%3A3%3Au%3A1657391170186173871%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1657391166903%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1657391170&t=gdpr(14)mc(p-7-h-4)clc(0-0-0)lt(34900)aw(1)rqnt(3)ecs(1)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 18:26:10 GMT
last-modified: Sat, 09-Jul-2022 18:26:10 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sat, 09-Jul-2022 18:26:10 GMT

POST
H2 200 1 Show response
mc.yandex.com/watch/29474600/ 43 B
73 B 98ms
97ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/29474600/1?page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A30shymy8l87b25ks0fjeg%3Afp%3A898%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A4%3Adp%3A0%3Als%3A662290424674%3Ahid%3A846247090%3Az%3A0%3Ai%3A20220709182610%3Aet%3A1657391170%3Ac%3A1%3Arn%3A429753805%3Arqn%3A1%3Au%3A1657391170186173871%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1657391166903%3Ads%3A0%2C0%2C97%2C145%2C451%2C0%2C%2C80%2C0%2C%2C%2C%2C892%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1657391170&t=gdpr(14)mc(p-7-h-4)clc(0-0-0)lt(34900)aw(1)rqnt(1)ecs(1)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 18:26:10 GMT
last-modified: Sat, 09-Jul-2022 18:26:10 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sat, 09-Jul-2022 18:26:10 GMT

GET
H2 200 29474600 Show response
mc.yandex.com/watch/ 43 B
73 B 100ms
99ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/29474600?page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&charset=utf-8&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A30shymy8l87b25ks0fjeg%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A4%3Adp%3A0%3Als%3A662290424674%3Ahid%3A846247090%3Az%3A0%3Ai%3A20220709182610%3Aet%3A1657391170%3Ac%3A1%3Arn%3A36149045%3Arqn%3A2%3Au%3A1657391170186173871%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1657391166903%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1657391170%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8&t=gdpr(14)mc(p-7-h-4)clc(0-0-0)lt(34900)aw(1)rqnt(2)ecs(1)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 18:26:10 GMT
last-modified: Sat, 09-Jul-2022 18:26:10 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sat, 09-Jul-2022 18:26:10 GMT

POST
H2 200 1 Show response
mc.yandex.com/watch/29474600/ 43 B
73 B 99ms
99ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/29474600/1?page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A30shymy8l87b25ks0fjeg%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A4%3Adp%3A0%3Als%3A662290424674%3Ahid%3A846247090%3Az%3A0%3Ai%3A20220709182610%3Aet%3A1657391170%3Ac%3A1%3Arn%3A869002827%3Arqn%3A3%3Au%3A1657391170186173871%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1657391166903%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1657391170&t=gdpr(14)mc(p-7-h-4)clc(0-0-0)lt(34900)aw(1)rqnt(3)ecs(1)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 18:26:10 GMT
last-modified: Sat, 09-Jul-2022 18:26:10 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sat, 09-Jul-2022 18:26:10 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 292E 0
0 59ms
58ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022063001&jk=3156625231131484&bg=!gYKlgsbNAAaYcLjmuHA7ACkAdvg8Wpj2cUzb9idrI9StCqdrSttS32qgUSKiADpfPnNYwF6umhiAeAIAAADpUgAAAAFoAQeZArrpgXXnWkgLVs1PgcMJfh7FAzh0vCW4TLnmas86lk2XdhuQ8XjYeAVY_Jqmi1riKv8tYTZMNmWClOlu5QPDVg5X3ncODwyk4tct7OEaNZEzQoroP2OCv7oiCdKF13FKcNN4s60huRhvkCZuhNI2NdA6B7U3VOTIbvFjYJgPQZO5a1ld8b244KuxxwOtefjI8e2Csc93mumuJro3PJ-hj_CnoGKrFxMHxYMQaBbYW7decPWN8Olao2xklnmyLF8ybrB5dZAXO-CXCKz3Ty0SUDILCnnSCXRwGFqUot-fkSmZrnJGHqAEcxf3i2WImFnPLx3YbR8KnYPA3XAHkcdUkSoKPv2MAAWXYbGGMG9sHwGkIpZvkTJI2NduwCmBg3IrP0NuJWXX4QKCWHCGCpegEwjm2KMeq9k8HPEJNjEO0Lpc9mMQK5XOS3ra3GHNP67jDag7lK-znT0YomXYQ6-ahb69R6xqaTGRKS_2_koDK_9iGQc5y55P0-jMd8VHVPtXiO_F_Ppegv9-IwpXfZ1Cx12jxeAOSgA9GCJLmY05qOi10EgPVtqiv_ertm9fvvbDGuVueeGn_LGYxNYb8dMMUzReiJ-n04Db0aH-CBzJCr2Apk7oxWvpnlZTBXDLmfyNmiQsZTiZgET6slEEpnAs9zhwSei2xP33n6Jgm_RhYpIUC5HYuhjH3kdTF0ix9CXcY65RgCQm2XZzgA79Wq1OHX3ytY-tSAnzkmdh9i31KNCoC3tLoAEE3cAnEet91cNEw7xgEjYQ7LSxVMohbfMXqkv40uBSNwG_6omBrcmVDqDEHZmSl5_4B5iU0OzGbc2uZf5MeoK90a6ef9Wxu0yUa1Cox8_YtBtDuWFVR-FmUHszeeizcHeAfI8zMtIKrleD2ft57Sb-oNWLBvAnztZ4KbojHau07xp_ZrJR7Q
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame C3C2 81 KB
27 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/612847/6f581145af963d72d3b3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f7d4a77e29961071a337cc5073d127fc328e2ea23fca15e9894838d72cc6822

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:26:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28091
x-xss-protection: 0
server: sffe
etag: "1269 / 593 of 1000 / last-modified: 1657317992"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 09 Jul 2022 18:26:10 GMT

GET
H2 204 event
ads.adfox.ru/232598/ 0
18 B 63ms
63ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=c848489927332627&pm=bmo&pxo=_2jGk9qQTK4thdlPKDG7j6Ugxk6mNC4DE9AeCiDS0569Sffr9FT9wrgJcFHTfH4X4PlgKYjgIw_433W8dIGi_lAqH1mGPgfmQen3V-kEKPUr9--yAfO52wbS2v6x5INURVLRLE2QXLKweMMWdDxxVIB2zhOjNDuzWSQ-MGYWcLWhrQOapQ%3D%3D&p5=gwaok&ad-session-id=3821171657391168666&utg=oxum&lts=fjmwocg&ytt=272130738618373&ybv=0.612847&ylv=0.612847&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3Fsection%3Dsociety&rqs=QGz_Z1uUlBVCyMliFezIqVast0DSf-9C&pr=jkgosjf&puid3=top%3Aregion&rtb-si=b&puid2=society%3Atoday%3Azenyandex%3Aincident%3Aemergency%3Acelebrity%3Aculture%3Ainteresting&p2=fbao&rand=khjozvt&sj=EoOkBH3FWU4o5A7XeZsTHaGoUgk6W43tc3GKlBKy97TMESBl3B9ZOCMcv5nm9A%3D%3D&puid1=adv-1657391168623-593&p1=bufhv

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 18:26:10 GMT
x-content-type-options: nosniff
last-modified: Sat, 09 Jul 2022 18:26:10 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H3 200 pubads_impl_2022063001.js Show response
securepubads.g.doubleclick.net/gpt/ Frame C3C2 374 KB
128 KB 6ms
6ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

c84615457f9332569ff8501c382a395ef9fe116a9add5034b4ebc62c9bceeb3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:19:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3988
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 130816
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 08:35:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 09 Jul 2023 17:19:42 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame C3C2 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.tumen.kp.ru

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 09 Jul 2022 18:26:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame C3C2 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.tumen.kp.ru

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 09 Jul 2022 18:26:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame C3C2 16 KB
9 KB 327ms
327ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4299863975164556&correlator=3598311512406466&eid=31068035%2C31068158%2C44768682%2C42531605%2C42531607&output=ldjh&gdfp_req=1&vrg=2022063001&ptt=17&impl=fifs&iu_parts=94805857%2Ckp.ru_2_new&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&ifi=1&adks=3886855702&sfv=1-0-38&ecs=20220709&fsapi=false&cust_params=kp.ru_2_new%3Dkp.ru_2_new_14&sc=1&cookie=ID%3D11cd127e710eae0b%3AT%3D1657391169%3AS%3DALNI_MbwTU1nzLV38-q3LGJE8QXZ9QepqQ&cdm=www.tumen.kp.ru&abxe=1&dt=1657391170574&lmt=1657391170&dlt=1657391170507&idt=56&adxs=1100&adys=486&biw=1600&bih=1200&isw=300&ish=600&scr_x=0&scr_y=0&btvi=0&ucis=bnaknkeonzx6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&nhd=1&url=https%3A%2F%2Fwww.tumen.kp.ru%2F&top=https%3A%2F%2Fwww.tumen.kp.ru%2F&frm=23&vis=1&psz=300x600&msz=300x-1&fws=256&ohw=0&ea=0&ga_vid=791596537.1657391170&ga_sid=1657391171&ga_hid=713313260&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

504d65022d0c994ccf194575d733b7d3b0d16396cbcf48e5e80392b7a9ed912f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:26:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9088
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame C3C2 14 KB
11 KB 21ms
21ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022063001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a3bec7394a80f0f4037f3e68d49b418dd393e268fba0c2073839911da8da88c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 09 Jul 2022 18:26:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10786
x-xss-protection: 0

GET
H2 200 container.html Show response
28e58fdb5be728553e5175a9070faf15.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8C31 6 KB
3 KB 29ms
14ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://28e58fdb5be728553e5175a9070faf15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumen.kp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Jul 2022 18:26:10 GMT
expires: Sun, 09 Jul 2023 18:26:10 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame C3C2 17 KB
6 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:26:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 09 Jul 2022 18:26:10 GMT

GET
H/1.1 200
OK settings Show response
stat.media/counter/ 672 B
1 KB 44ms
43ms Script
application/javascript 46.161.36.23
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.media/counter/settings?payload=COD1AQ&cb=_callbacks____0l5e7wrvx
Requested by: Host: stat.media
URL: https://stat.media/sm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.161.36.23 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: sm-server1-1.sselp1.imcmdb.net
Software: nginx /
Resource Hash: 54f6312f05434c70fb7a24375ce7bfb1b256b0b92220ee425d589098cca0b6ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 09 Jul 2022 18:26:10 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: nginx
Connection: keep-alive
Vary: Accept-Encoding
Content-Type: application/javascript

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E854 13 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumen.kp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3624
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Jul 2022 17:25:46 GMT
expires: Sun, 09 Jul 2023 17:25:46 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 68B8 783 B
534 B 16ms
15ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d5386e77da539277a8f9531cda40431675fe0f7eb923f4ceeb67646c1ec830e5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-cBdzqCPgu9UF8GJdZF-zsA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tumen.kp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-cBdzqCPgu9UF8GJdZF-zsA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 09 Jul 2022 18:26:10 GMT
expires: Sat, 09 Jul 2022 18:26:10 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 200 /
smi2.ru/cookiematching/ 43 B
868 B 179ms
58ms Image
image/gif 88.212.218.1
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://smi2.ru/cookiematching/?payload=CkEKB19zbV91aWQSJGQ5OGNmZDM1LWE2NmYtNDRiMi04ZDJjLTQwYTg3OTBhZWJhNhoILnNtaTIucnUiAS8ogOeEDwoqCgdfc21fdWR0Eg0xNjU3MzkxMTcwNjMxGgguc21pMi5ydSIBLyiA54QPCj8KB19zbV9zaWQSJDJmYTYxOTRlLTMxZmUtNGFhMy05ZDE1LTRkODYxNDc5Y2RlMBoILnNtaTIucnUiAS8oiA4%3D&rnd=1657391170656
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.212.218.1 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache, no-cache
Date: Sat, 09 Jul 2022 18:26:10 GMT
Last-Modified: Saturday, 09-Jul-2022 18:26:10 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
Connection: close
Content-Length: 43
Expires: Sat, 09 Jul 2022 18:26:10 GMT

GET
H/1.1 200
OK /
smi2.net/cookiematching/ 43 B
229 B 143ms
45ms Image
image/gif 82.202.225.240
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://smi2.net/cookiematching/?payload=CkIKB19zbV91aWQSJGQ5OGNmZDM1LWE2NmYtNDRiMi04ZDJjLTQwYTg3OTBhZWJhNhoJLnNtaTIubmV0IgEvKIDnhA8KKwoHX3NtX3VkdBINMTY1NzM5MTE3MDYzMRoJLnNtaTIubmV0IgEvKIDnhA8KQAoHX3NtX3NpZBIkMmZhNjE5NGUtMzFmZS00YWEzLTlkMTUtNGQ4NjE0NzljZGUwGgkuc21pMi5uZXQiAS8oiA4%3D&rnd=1657391170656
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 82.202.225.240 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: smi2adm2-1.ssel27.imcmdb.net
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 09 Jul 2022 18:26:10 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

POST
H/1.1 204
No Content view Show response
stat.media/counter/ 0
135 B 175ms
58ms XHR
text/plain 46.161.36.23
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.media/counter/view
Requested by: Host: stat.media
URL: https://stat.media/sm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.161.36.23 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: sm-server1-1.sselp1.imcmdb.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin: *
Date: Sat, 09 Jul 2022 18:26:10 GMT
Server: nginx
Connection: keep-alive

GET
H3 200 PBLy2ghsJAjz8SVbRXt3mPeTz3f3ksFMZv27m_PD6qM.js Show response
pagead2.googlesyndication.com/bg/ Frame E854 36 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PBLy2ghsJAjz8SVbRXt3mPeTz3f3ksFMZv27m_PD6qM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c12f2da086c2408f3f1255b457b7798f793cf77f792c14c66fdbb9bf3c3eaa3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 14:55:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12617
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13888
x-xss-protection: 0
last-modified: Fri, 01 Jul 2022 16:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 09 Jul 2023 14:55:53 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 68B8 0
0 47ms
47ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022063001&jk=4299863975164556&rc=
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame E854 0
10 B 7ms
6ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?mL4LYw
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:26:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2BD5 0
0 52ms
52ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022063001&jk=707081792669082&bg=!X1ylXBjNAAaYcLjmuHA7ACkAdvg8Wtr0DUNRVBvpa4fpFFRNOCyLy2fm2fnl0si0eg78-ilrjjahAAIAAAERUgAAAAFoAQcKAGx8WQ5gkQXxHC-o_B6ajzYC5OzeoS03E8NItIneMguJclm7HDuC-8JjTgDE66E8P4CAdageUAqnItoBj24s-clXpS5_ntsQ36zzAFHsNTiDrqMqrhd5hlAGSy_DMrkbLTCcJWjNZ88_hjVRzc6ZAreZb39FfzD4qG3dGr5gokBbr6YhYnZa9iDlbhz4Xntzr2G9AG_RhtqXd8reG3FoJ9jwa040sA5DzVb8w3wPnoo-9bpfG7rGgBSa70urQnmv5TJs80sRWhUUxCoA9JoQiKxAk_EtTF95mUIfZ7Fs4fREhc2GRJHCXkDP2xyP_nZqpHW_I8-7Di_2oJZltMSPLhXvf9RRvbxvT45sXhO4ORtIgZeiRrTyPZ-A-bzoQ3ylNZwM0CoLfgdMq24Cog_zfT-EoIFaqEy5MOla8p5Rk-FykKPGL1nC_Aia5YP7OECYaTbDUXwDjgd1Bv1HTJW73QYy_oKwTerDa-w9KTTgDiin0Y4E9qeEmGHT9UuI3FjgnVNfSI0iDg48PA5mH92BGeXEGrj44J3WlCpqdJ6UzsUxA--eSaeurWrnaZYHbcALkX4X_oM6UXGNjCtjbT7HNJBf8Lep6GluC0E1odkpUhaV22rj928Co7h_XdHRud8unPnDHY06suhlB8BQ8-Zsx6JRuhwtWfU4wVoxrVekHj9zMb9X65s1JgOIjvHyvnFENNegRwq0Q-XaMFzXBYzOnbVLsEk8PbwZNiSlUUFctH30T8kNC_3KMVOFgHoVoOuqXsjJekNKxWvgbvMw-xAArbSCGOZcEe05Bs0M1fMLnQU71MjboCgaF92rzGLtNGNHFIhHekg0BWx1BNxnCUImenoD-2qyWJ_rtrkjivYzfFdkTbrwLsOJLFwKyDRUx0sGGek7c17DZNW8WuT0BgGTCXULA-t0gkn3zU3P4V8YX9VeoxGAW_lfsczT_0rc-imB768metD3MqKTE9pT3PChdjtENCOsuUfno3h_ZFUn7PeGLkdq9s2Ta8Krj0a4VISYjp-bTnMFNGrb9_ZcvQ1mZ9fbgKSM80lzhZrCqTSnaq9tJBTRkIK1PA
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C124 42 B
64 B 43ms
43ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssZw2l3zG5BPtezf5mwtVYEZKVcr5omqn2WNww6gOV78j5jkaULBwbyRg0CK1oKCTVq54y-gQ79s0C-lRoMwxEGuwCrmZholsPzheDZP13XtQApiXJUFOlGveAJ8OQaT8Dbfw9UGg324l-Abw&sai=AMfl-YQ_wfn4U6QKSNp6TohfPvDxEllx88uGOqxXrRQkJ-RGMN78nkUzlw6_hPiUkLJMk0PRmpLNJzN3XHIbUbQq8vO_kr_E_0s3x61ec63ZAQFyc5QUdeFBkQc7OyQpNA4&sig=Cg0ArKJSzFQlUecyPBLeEAE&id=lidar2&mcvt=1000&p=389,1410,989,1570&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220706&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=4130042211&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1657391169562&rpt=253&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f2b37124788afcb583921ebe4e7e6828.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 18:26:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 2597 15 KB
6 KB 58ms
20ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.tumen.kp.ru

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

6f87cd86c391c6361adca474b987f3e4b6d81d281795120c584d0a0c1ca7f5ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.tumen.kp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-length: 6144
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 09 Jul 2022 18:26:10 GMT
server-processing-duration-in-ticks: 2631
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H/1.1 204
No Content view Show response
stat.media/counter/ 0
135 B 59ms
58ms XHR
text/plain 46.161.36.23
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.media/counter/view
Requested by: Host: stat.media
URL: https://stat.media/sm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.161.36.23 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: sm-server1-1.sselp1.imcmdb.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin: *
Date: Sat, 09 Jul 2022 18:26:10 GMT
Server: nginx
Connection: keep-alive

GET
H2

200

cs.js Show response
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain

https://sb.scorecardresearch.com/c2/16803468/cs.js
https://sb.scorecardresearch.com/internal-c2/default/cs.js

0
367 B

6ms
6ms

Script
application/javascript

13.32.99.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol: H2
Server: 13.32.99.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-105.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:03:19 GMT
via: 1.1 6bf2ca4ea5a5c92a1d7cd2f9767e8674.cloudfront.net (CloudFront)
etag: "d41d8cd98f00b204e9800998ecf8427e"
last-modified: Mon, 01 Mar 2021 20:42:20 GMT
server: AmazonS3
age: 1494
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA60-P3
accept-ranges: bytes
content-length: 0
x-amz-cf-id: aYHQ0RHyMrPM0g0GAbbaU8z5CxwOryanVo3ia4FGppClIal0HXojFQ==

Redirect headers

location: /internal-c2/default/cs.js
date: Sat, 09 Jul 2022 18:26:10 GMT
via: 1.1 6bf2ca4ea5a5c92a1d7cd2f9767e8674.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
content-length: 0
x-amz-cf-id: xCGksjiyppvGdwvjMiGcybqcOV2q2rwLqHzHOfu6aQo5K3QRvN7Iig==
x-cache: Miss from cloudfront

GET
H3 200 container.html Show response
28e58fdb5be728553e5175a9070faf15.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A984 6 KB
3 KB 7ms
6ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://28e58fdb5be728553e5175a9070faf15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumen.kp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Jul 2022 18:26:10 GMT
expires: Sun, 09 Jul 2023 18:26:10 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 event
ads.adfox.ru/232598/ 0
18 B 63ms
63ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=b9954f0999896f9f&pm=bmu&pxo=_2jGk9qQTK4thdlPKDG7j6Ugxk6mNC4DE9AeCiDS0569Sffr9FT9wrgJcFHTfH4X4PlgKYjgIw_433W8dIGi_lAqH1mGPgfmQen3V-kEKPUr9--yAfO52wbS2v6x5INURVLRLE2QXLKweMMWdDxxVIB2zhOjNDuzWSQ-MGYWcLWhrQOapQ%3D%3D&p5=gwaok&ad-session-id=3821171657391168666&utg=oxum&lts=fjmwocg&ytt=272130738618373&ybv=0.612847&ylv=0.612847&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3Fsection%3Dsociety&rqs=QGz_Z1uUlBVCyMliFezIqVast0DSf-9C&pr=jkgosjf&puid3=top%3Aregion&rtb-si=b&puid2=society%3Atoday%3Azenyandex%3Aincident%3Aemergency%3Acelebrity%3Aculture%3Ainteresting&p2=fbao&rand=luqtpdf&sj=EoOkBH3FWU4o5A7XeZsTHaGoUgk6W43tc3GKlBKy97TMESBl3B9ZOCMcv5nm9A%3D%3D&puid1=adv-1657391168623-593&p1=bufhv&resp-time=407

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 18:26:10 GMT
x-content-type-options: nosniff
last-modified: Sat, 09 Jul 2022 18:26:10 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 2597
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=kp.ru&sn=ChromeSyncframe&so=0&topUrl=www.tumen.kp.ru&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=qq0kfnxaSzhqdFBvaGtLcEpWaEtRbjZCN2JNdEtDTUppV1pybTZXR2FqVEIyTDlqNWxsb0oxUHF5eWJCTm1zMFBOcElPdThGY21RU1phMmgrR3FQNTR5Y2JpdVBjblByTXh0RXFRMDM3MWVZT1NOVWZSV1ZTWk1Jd3l1TT...

441 B
635 B

49ms
17ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=qq0kfnxaSzhqdFBvaGtLcEpWaEtRbjZCN2JNdEtDTUppV1pybTZXR2FqVEIyTDlqNWxsb0oxUHF5eWJCTm1zMFBOcElPdThGY21RU1phMmgrR3FQNTR5Y2JpdVBjblByTXh0RXFRMDM3MWVZT1NOVWZSV1ZTWk1Jd3l1TTFyMTF6MUVhb3luN2xVQlJXMy9CK1B3N0dUNjZBU1hxaEJNSE1ML1ZWeHZBU2kvN3dWM3ZkWC9sb25QcXN3NVdQbkw1cHdlckRpeEh6MmJxYlpwSVc3QVF3WkV3YzVvOHhtODFqY2ZmSDNxeWQ1ZTA5NW9EdlpEWVZ3QVlQcXB3YS9DVElTQU5HM3ZMOURSMm1ud0tLSlpObDJNamExdz09fA&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

77db5b236c460d3858f975e7cb8ce17f2e647f0b877d557636702bcc0a307080

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 18:26:10 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 7878
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 09 Jul 2022 18:26:10 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=qq0kfnxaSzhqdFBvaGtLcEpWaEtRbjZCN2JNdEtDTUppV1pybTZXR2FqVEIyTDlqNWxsb0oxUHF5eWJCTm1zMFBOcElPdThGY21RU1phMmgrR3FQNTR5Y2JpdVBjblByTXh0RXFRMDM3MWVZT1NOVWZSV1ZTWk1Jd3l1TTFyMTF6MUVhb3luN2xVQlJXMy9CK1B3N0dUNjZBU1hxaEJNSE1ML1ZWeHZBU2kvN3dWM3ZkWC9sb25QcXN3NVdQbkw1cHdlckRpeEh6MmJxYlpwSVc3QVF3WkV3YzVvOHhtODFqY2ZmSDNxeWQ1ZTA5NW9EdlpEWVZ3QVlQcXB3YS9DVElTQU5HM3ZMOURSMm1ud0tLSlpObDJNamExdz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1638
content-length: 541
expires: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 0932 624 B
297 B 17ms
17ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGIb4hs4BMAE&v=APEucNW7fTqglUA-wzqMJd0eo2qK2wzyY9jWjpmeoUfr51oFODmTrGpQOBliewIQYIE3hCO3g0OS0FfH0tUjavag9Afp8thMUMa9Ngk5MCi8JMPFejBKrQdV5m5aBk07e4lMFd5Ib5ICXTsKrbuAhTrjwe8hGlowoOLPoY-6EUXzDqTqCHVQTvM

Requested by

Host: 28e58fdb5be728553e5175a9070faf15.safeframe.googlesyndication.com
URL: https://28e58fdb5be728553e5175a9070faf15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://28e58fdb5be728553e5175a9070faf15.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Jul 2022 18:26:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame A984 81 KB
33 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CrIkXpVHCTen0fCjxgWEpXyTUzoND2xVyP2EK0FEtgJ54c7IHAIfU-xgfHy16ab5GX85m3oaibkGnTf8MjOfDnRbWs5XRusj_NlRLwqxV9zMWr5W5YLU9B28aRsQ6B4zf7l7HKIh0nUjzTJGJ3DEzNi1DXSQ&dbm_d=AKAmf-DAXm6MZq7Z53B_HCZxut6VbApFMWa8QJ-Art5z3bM7Vh1n6sk80X_p1cguT-iqdrX7zRbo3nRq7d3T1YAfn-gHQanzeDCGFxJhNBMu9EBG2OycUOM6hJ0QCwTrmbLPF8t2K2DKIm85_ELVuwa3V5B48Q9NhZZ4rWVO7zdZIOarExDpz5SQLP6_vLhxjKISeiAQXzAuGKqiqKJYHflOsKLhkMVnN79UsQLrxBjOg-PDR-ioB8eyc6BdqfiMc1JM2fGNXZZOyPAz1y97ZIXWhpb-PV64MJONid1yLDR4xdUKZ205P4ZOtYiEiBWt4CrCKHkqdSsyuxihfpYE3Dr-rM8S6KD99TZRYiJoFnbFzz_UnggBUPOWGkl5creP4YGY2kcrOt6k1LOPRhFCygVaVElSmqIJqdY5SFVR2n7TzH75YDy2-1RT-mVwSdxjIo-vPLiybLSZvFoXNuCMnLdxn5dN9BXGgBcVOSF_rnni8aF9dUJ0rHgASV9t0WZCpO5FW-1SVAQd7e-RGMBALknsK2kVU-W5J9sfvceFebU7nz6dC6TOLn8oXS3lKxnee6pUUp5jOITAdieFWCC16CvMrDFs235sUvpp_t66gSOVix_wKNMN0Y1WFdmZyOPPr9eF77zuQmCkGEOgqrhi8JGBaebKyqyNk6NArnbQcWWP04dmlSYnzMB-AOg806vXID6hHRfHQU9ssGY3FVe8HokTcjC6nJE0xpYQiCtymoYoRkLQ3oHzh178J7JC2-8cYHP_YcZuAVPNMd4vbUdS2u63dHPgB-jA3o2YwtzaGW0r_0xPfvVO1qsd7RRRm3DIi1qKCadDEgPYUgrusVz0x2EcJg4s-fHroqUI7py7Tj-eDH4Fekc9kRSZhSaIvK9M3oL5K5KrZo0d0gXIXzXuT6e-D7FZ3BBEZiIaLavS3DuKcdS5e85skBCh8z5W_TtGDtsj37PVwKSxwFZCx-vd1iH4liXHNgPjo2EPWr4z7N1DaWS4zka1dU5bke3P4mEat8vBsu7y7_MIJztOe_K1Dg71XZ9EJZTjMPyDwPW7zCHkBgd53krB9b7lPP-5F1haJFYhuCKLWqdSt6WEcLI7YY54bJx4iygZlq-zpsDKnheLXnHhAPugkePunclK6oTk09o0m3cOO9UAE5yFlEbxk2hwe0vOBuGLylgtmjDTnvQeDbSqcDe5C71dKMZwnBHyc28rJn5TqaBUuou-vFoBT1BBbMOqhqDnksgc-xwwUikN4IrE00gAr2DE0y1ZtOrm19hmNVBMbePmZNWTn6hQgJLsfZ1ZKES7vFUHBOaBfIJH2ijgvUiJ4cXUEjDwMH-OeGE5muQPgoK6SkJsVDvmU9-1Fzp1q-umyvuVJqjqAlRnshXf-IgGQb06E7hiol7HvVvwEoAqficFobAGr7EKIqUeMa_tvJhocDmqImdrRitexUwswmD8HC7wDd0GdH8rN99Hko8Kytibvyt4a86VxExuvWX31NEuzvBaZ__fi0xwsIKK63qYiyO3vSyq51ruoEeComPMvFUYSnCT66ajYOuZASkWIo4iQqNeZpSCU1df4F-63u8mIydz6N_EU5iU9BIrpC_AW3UpPtWsNxLPiVVUPdjp728RgMaLCZWau_gwmHJtnDz9P-Ba6kc4dt8dJe_lU0wXffkG-723jf5iPHiT7Hw_6hGD6wWpCHYdccMNZu58zDfM40a9YfbBGhaB7L9CithiXUkE9VRhiRYZ5boaUvudLnoFqGH1cZIhG1hnsf4Vr7fBzBUkgAYiTAHCm9PLpbkv8OvEW9i6X5tQE9ka_zF-9JLAfC6c1WmnmU2C7HaerbMs_8cyLmeasLsSwRIG-70q82c0xvjrp593VSKdAhynObbUyyfC3QUmFFNoq5yo64fzf2uCyPL9yX_ZEVASGP-RAGcF6eG4qYg-S9bPYEAj0-WvcHRBetDZbIymLrVGwDV_yYgUkyWQllvZn1YJFIxNj-082sVzAekZBzHwmwhQfq-nQpeFt7WkQRMmwCnlxK_WKuj7uxLczOXcIQ6bn-wx3JjBr9h_OwrVUZAeDjawf1zgFRj_cmk8YlKGM8XneOdGnwbMkyT0nV_aHONQ-crHIb522Sdh7joEZX0It-RxcM6866lqN8s669awFttxltcEmrG5TD_nb8NfXluruXTI_LUztychYkOQeaMJ8Fk8kPy-R7vvC2B2bB4NX8cgw3DUBrg5rcyDmoj6Vy_GlcnXI36C8fYKGGs8fv7IBT1EGtTZWas2N8a-2VXlA0Oq-_riliH-mTqOYlY_Y93wyiu1MjG7XZDHLp2XiQOCcAtptUSZdtRB0ZM3CNS72nN62Y511F-KXARDdCItsaMI1EoOmQHe_SR9XccK_hxpR8mU0-cHjt4rNKZ3oJg5mPZtBnx5kAIEDsgCT2WjtKsuoOyd9nU15HrVa8EOLlPjRd99H3nLt7NjX9e5coa8HY0w6uZpxG4iniGhxuYk482TisPWNBuchNe4WD7rBqvNLXuz6tCikBggJpIo1GP30pEIA-z_NksPoUM8H4hXvGqZBWTow0cajSBtFZdYvGF-g4-SAFhKRwJbbwFtmWh_Xfj-MAUSUHPDPsjSUmUA4feZqNvqafj4yuzAF2ZeE1LpGGNuVjXZoCGEYkd1uIgDTtM_udIJBFWO9O5o4n7OdUmivUyZ0hDtfqRSQF8yk7NH7z-G_iC2AgSvTb-kMAlpHhKaY9e8CaZNohEF3VQYV1XO7jEJKyt7Y2G3BWMJp14UyHCknaxN88Gd2ndVtdvU86xyBqSrHk7npY-JMqyiB0x8qjAxF4TIis3W7osp6Q8RQ4R0IS6NGkfpCjX_DqLHJVf_rjOyA0y9v2GL1VSKv1hrOe0V2drBazcIK_Q5Yvka9m0-J9x08UAt8d-AT-DciyPcsiFCZ3beKukpWdzm44KlkQVjk4eiNn5OR5nKd0fP4nEi1OAfncVSWklWfacPeh9bOVTi8hMev2NH7hNXwEqbXsb5gJZc3L0hExszUecMLGihsU-7RDzYmEpukvOMaNR_gjF6C-kB_OGvzCcsoZh0SXhAH-HNnpQ3fmC65XuDrCDAPG_DqLJpJr2TZBYFyA31DycH2-rAMlX2mBhS80eS0TrTG0V1ocJzU-QdIfzAnuhiQykNo_akDNEJv7QqjpTgOqyxOKODMkjRZ_3sNpEkuLZTTiyLMcM18RkjA5ZNMK5JoeiRsyeh1oxFfLOLLchrhuq06udnMYxOatwADbzhnpjbzNsuF0H0x_F00mMy_DYQ8sNLoY772Cd1hjQP40JFOc2mftoogXyDG8nxjlLwWIj7SGMEoH7xKn6GkYW-40oyhCM_R1OmmVK9B63SceyGzOo6OX8iYZfa6IyRIpY5ptI-fAfWd_O5mYfPO1ku45C5KagaRg&cid=CAASJORos5yMweaIaGEFY1Jw_tPFssDNfbKLxRzcrkJ2iIfpmjYx8g&rfl=2%2Chttps%253A%252F%252Fwww.tumen.kp.ru%242%2Chttps%253A%252F%252Fwww.tumen.kp.ru%252F%240

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c33acb28b4e92328f3608d5e64fd89d6bf96d1a784db1c0adaf7514b04e4c1bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://28e58fdb5be728553e5175a9070faf15.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 18:26:10 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34222
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame A984 42 B
63 B 41ms
40ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BEEmrRJ3rX-RKe9iAsT-JwsLl_njBSXXBh1hmuF2_VllKuTWHIMYZrxIV5yO1F8MSfFftVxQFmd3CcnGffFntaDYQnf96jcFrhE6RQZyygtcbK3gc

Requested by

Host: 28e58fdb5be728553e5175a9070faf15.safeframe.googlesyndication.com
URL: https://28e58fdb5be728553e5175a9070faf15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://28e58fdb5be728553e5175a9070faf15.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 18:26:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

skeleton.gif
static.adsafeprotected.com/ Frame A984
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/1083870/64162025/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&ias_dspID=3&ias_campId=1008206547&ias_pubId=pub-7172733408455692&ias_chanId=1&ias_placementId=176...
https://static.adsafeprotected.com/skeleton.gif

43 B
482 B

62ms
6ms

Image
image/gif

2600:9000:223f:dc00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif
Requested by: Host: 28e58fdb5be728553e5175a9070faf15.safeframe.googlesyndication.com
URL: https://28e58fdb5be728553e5175a9070faf15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Server: 2600:9000:223f:dc00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://28e58fdb5be728553e5175a9070faf15.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 16:14:35 GMT
via: 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
age: 29124697
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: image/gif
x-amz-cf-id: kT2BEhqnpGtN0W4vESTmL18e1jwyaaBx2VWNmB29-nM1ZPrXD6LxcQ==

Redirect headers

pragma: no-cache
date: Sat, 09 Jul 2022 18:26:11 GMT
x-server-name: app20.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.gif
cache-control: no-cache
content-length: 0
server: nginx

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/ Frame A984 3 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/window_focus_fy2021.js

Requested by

Host: 28e58fdb5be728553e5175a9070faf15.safeframe.googlesyndication.com
URL: https://28e58fdb5be728553e5175a9070faf15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://28e58fdb5be728553e5175a9070faf15.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:09:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1009
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Jul 2022 18:09:21 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A984 137 KB
42 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 28e58fdb5be728553e5175a9070faf15.safeframe.googlesyndication.com
URL: https://28e58fdb5be728553e5175a9070faf15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e49548c45f00bbfa0fda642d02b5e29b407004eacc2099e348da7cb38f477052

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://28e58fdb5be728553e5175a9070faf15.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:26:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43254
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1657132091081416"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 09 Jul 2022 18:26:10 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/ Frame A984 17 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 28e58fdb5be728553e5175a9070faf15.safeframe.googlesyndication.com
URL: https://28e58fdb5be728553e5175a9070faf15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://28e58fdb5be728553e5175a9070faf15.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:16:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 603
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Jul 2022 18:16:07 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame A984 0
0 16ms
15ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTS38gBn-dC9dHlTComiYWsK_aZ_nKrC4FvH1Ea8lP5I16rc2n06M1k9TmkK3AVJkHt0goa6ptd61VVQNCPqUaMGIF4YQ
Requested by: Host: 28e58fdb5be728553e5175a9070faf15.safeframe.googlesyndication.com
URL: https://28e58fdb5be728553e5175a9070faf15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://28e58fdb5be728553e5175a9070faf15.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 0932
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMxPjirs4OOoAiJOLMmsaLg&google_cver=1

43 B
939 B

30ms
30ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMxPjirs4OOoAiJOLMmsaLg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGIb4hs4BMAE&v=APEucNW7fTqglUA-wzqMJd0eo2qK2wzyY9jWjpmeoUfr51oFODmTrGpQOBliewIQYIE3hCO3g0OS0FfH0tUjavag9Afp8thMUMa9Ngk5MCi8JMPFejBKrQdV5m5aBk07e4lMFd5Ib5ICXTsKrbuAhTrjwe8hGlowoOLPoY-6EUXzDqTqCHVQTvM
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray: 72831b42fb549b39-FRA
pragma: no-cache
date: Sat, 09 Jul 2022 18:26:11 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kp1Bp8vOSqm6viIq5fixrDeuK3TinZTo94XGgAub%2BtDAeWSjC5QU6EZ1Bvdp7DQH27d7JGxmP2Kk4vHtolr16ubT5ilFZyaKhf2I7vNlcHxNdn85tnRGvhnieSm6koObmNrMmiv7OYfWOw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 09 Jul 2022 18:26:11 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMxPjirs4OOoAiJOLMmsaLg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 0932
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YsnIQp6n66oCQ2q5vZ5JWwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMxPjirs4OOoAiJOLMmsaLg&google_cver=1

43 B
908 B

48ms
47ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMxPjirs4OOoAiJOLMmsaLg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGIb4hs4BMAE&v=APEucNW7fTqglUA-wzqMJd0eo2qK2wzyY9jWjpmeoUfr51oFODmTrGpQOBliewIQYIE3hCO3g0OS0FfH0tUjavag9Afp8thMUMa9Ngk5MCi8JMPFejBKrQdV5m5aBk07e4lMFd5Ib5ICXTsKrbuAhTrjwe8hGlowoOLPoY-6EUXzDqTqCHVQTvM
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray: 72831b435bd09b39-FRA
pragma: no-cache
date: Sat, 09 Jul 2022 18:26:11 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kjhm1xHDTxd%2F6FMBnKpK4y1iPQxJGfgEA5nQCYXwyjxcVoCvIps9jZ6S0dLRaYebXJ5BcuC9b1ckGR3ejhFjXA4K%2BqzcmRvInB4GSsE3WdjZ2xDGDP3VtvAkuj3YVwAbkPJOcRfq6Jf65g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 09 Jul 2022 18:26:11 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMxPjirs4OOoAiJOLMmsaLg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 0932
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEJXiYbAbJloPe7cLIoU1S50&google_cver=1

43 B
1014 B

7ms
7ms

Image
image/gif

37.252.173.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEJXiYbAbJloPe7cLIoU1S50&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGIb4hs4BMAE&v=APEucNW7fTqglUA-wzqMJd0eo2qK2wzyY9jWjpmeoUfr51oFODmTrGpQOBliewIQYIE3hCO3g0OS0FfH0tUjavag9Afp8thMUMa9Ngk5MCi8JMPFejBKrQdV5m5aBk07e4lMFd5Ib5ICXTsKrbuAhTrjwe8hGlowoOLPoY-6EUXzDqTqCHVQTvM

Protocol

HTTP/1.1

Server

37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 09 Jul 2022 18:26:11 GMT
X-Proxy-Origin: 217.64.151.8; 217.64.151.8; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: a2647e27-3d9c-437b-b2c8-68a07eabdaef
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 09 Jul 2022 18:26:11 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEJXiYbAbJloPe7cLIoU1S50&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 0932
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjI4MDk0NzI1NjQ0MDI1Mzk3NQ%3D%3D

170 B
243 B

23ms
22ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjI4MDk0NzI1NjQ0MDI1Mzk3NQ%3D%3D

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 18:26:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 09 Jul 2022 18:26:10 GMT
X-Proxy-Origin: 217.64.151.8; 217.64.151.8; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: c3ce6e34-0bb1-4b7e-8da1-92824de1d151
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjI4MDk0NzI1NjQ0MDI1Mzk3NQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 event
ads.adfox.ru/232598/ 0
66 B 62ms
61ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=9c5cf6bff18094b7&pm=bmp&pxo=YSx6KmSg-7t7c_xNOytXUeouB5vrRHl1glLMh0PthghTQ6xhAzFMRisY82ZDTiMRfvGnmoFvCq4clNwuZNxdHvsjKqQeC3h6uflddC8LxZvKhW4VH0ONhjMy70kIdIsqkVt0tfdS7mXNdnxeaoEwnf8PfgVN7UbgRklCTo3zRwFhA5XsO_f9&p5=gwdbk&ad-session-id=3821171657391168666&utg=oxum&lts=fjmwoce&ytt=272130738618373&ybv=0.612847&ylv=0.612847&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3F&rtb-si=b&p2=gftf&rand=glgczft&sj=0JUs5rPDqe81p4B7umbPjzQ_De86wAt6QdK28UPWAChYxt5vecMP0DPpeIKoEQ%3D%3D&puid1=adv-1657391168618-212&pr=jkgosjf&p1=cdinl&rqs=QGz_Z1uUlBVAyMlixxNGf7MzBciXivhD

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 18:26:11 GMT
x-content-type-options: nosniff
last-modified: Sat, 09 Jul 2022 18:26:11 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame A984 106 KB
38 KB 56ms
7ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://28e58fdb5be728553e5175a9070faf15.safeframe.googlesyndication.com/
Origin: https://28e58fdb5be728553e5175a9070faf15.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 14:10:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15316
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 10 Jul 2022 14:10:55 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220706/r20110914/elements/html/ Frame A984 8 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220706/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CrIkXpVHCTen0fCjxgWEpXyTUzoND2xVyP2EK0FEtgJ54c7IHAIfU-xgfHy16ab5GX85m3oaibkGnTf8MjOfDnRbWs5XRusj_NlRLwqxV9zMWr5W5YLU9B28aRsQ6B4zf7l7HKIh0nUjzTJGJ3DEzNi1DXSQ&dbm_d=AKAmf-DAXm6MZq7Z53B_HCZxut6VbApFMWa8QJ-Art5z3bM7Vh1n6sk80X_p1cguT-iqdrX7zRbo3nRq7d3T1YAfn-gHQanzeDCGFxJhNBMu9EBG2OycUOM6hJ0QCwTrmbLPF8t2K2DKIm85_ELVuwa3V5B48Q9NhZZ4rWVO7zdZIOarExDpz5SQLP6_vLhxjKISeiAQXzAuGKqiqKJYHflOsKLhkMVnN79UsQLrxBjOg-PDR-ioB8eyc6BdqfiMc1JM2fGNXZZOyPAz1y97ZIXWhpb-PV64MJONid1yLDR4xdUKZ205P4ZOtYiEiBWt4CrCKHkqdSsyuxihfpYE3Dr-rM8S6KD99TZRYiJoFnbFzz_UnggBUPOWGkl5creP4YGY2kcrOt6k1LOPRhFCygVaVElSmqIJqdY5SFVR2n7TzH75YDy2-1RT-mVwSdxjIo-vPLiybLSZvFoXNuCMnLdxn5dN9BXGgBcVOSF_rnni8aF9dUJ0rHgASV9t0WZCpO5FW-1SVAQd7e-RGMBALknsK2kVU-W5J9sfvceFebU7nz6dC6TOLn8oXS3lKxnee6pUUp5jOITAdieFWCC16CvMrDFs235sUvpp_t66gSOVix_wKNMN0Y1WFdmZyOPPr9eF77zuQmCkGEOgqrhi8JGBaebKyqyNk6NArnbQcWWP04dmlSYnzMB-AOg806vXID6hHRfHQU9ssGY3FVe8HokTcjC6nJE0xpYQiCtymoYoRkLQ3oHzh178J7JC2-8cYHP_YcZuAVPNMd4vbUdS2u63dHPgB-jA3o2YwtzaGW0r_0xPfvVO1qsd7RRRm3DIi1qKCadDEgPYUgrusVz0x2EcJg4s-fHroqUI7py7Tj-eDH4Fekc9kRSZhSaIvK9M3oL5K5KrZo0d0gXIXzXuT6e-D7FZ3BBEZiIaLavS3DuKcdS5e85skBCh8z5W_TtGDtsj37PVwKSxwFZCx-vd1iH4liXHNgPjo2EPWr4z7N1DaWS4zka1dU5bke3P4mEat8vBsu7y7_MIJztOe_K1Dg71XZ9EJZTjMPyDwPW7zCHkBgd53krB9b7lPP-5F1haJFYhuCKLWqdSt6WEcLI7YY54bJx4iygZlq-zpsDKnheLXnHhAPugkePunclK6oTk09o0m3cOO9UAE5yFlEbxk2hwe0vOBuGLylgtmjDTnvQeDbSqcDe5C71dKMZwnBHyc28rJn5TqaBUuou-vFoBT1BBbMOqhqDnksgc-xwwUikN4IrE00gAr2DE0y1ZtOrm19hmNVBMbePmZNWTn6hQgJLsfZ1ZKES7vFUHBOaBfIJH2ijgvUiJ4cXUEjDwMH-OeGE5muQPgoK6SkJsVDvmU9-1Fzp1q-umyvuVJqjqAlRnshXf-IgGQb06E7hiol7HvVvwEoAqficFobAGr7EKIqUeMa_tvJhocDmqImdrRitexUwswmD8HC7wDd0GdH8rN99Hko8Kytibvyt4a86VxExuvWX31NEuzvBaZ__fi0xwsIKK63qYiyO3vSyq51ruoEeComPMvFUYSnCT66ajYOuZASkWIo4iQqNeZpSCU1df4F-63u8mIydz6N_EU5iU9BIrpC_AW3UpPtWsNxLPiVVUPdjp728RgMaLCZWau_gwmHJtnDz9P-Ba6kc4dt8dJe_lU0wXffkG-723jf5iPHiT7Hw_6hGD6wWpCHYdccMNZu58zDfM40a9YfbBGhaB7L9CithiXUkE9VRhiRYZ5boaUvudLnoFqGH1cZIhG1hnsf4Vr7fBzBUkgAYiTAHCm9PLpbkv8OvEW9i6X5tQE9ka_zF-9JLAfC6c1WmnmU2C7HaerbMs_8cyLmeasLsSwRIG-70q82c0xvjrp593VSKdAhynObbUyyfC3QUmFFNoq5yo64fzf2uCyPL9yX_ZEVASGP-RAGcF6eG4qYg-S9bPYEAj0-WvcHRBetDZbIymLrVGwDV_yYgUkyWQllvZn1YJFIxNj-082sVzAekZBzHwmwhQfq-nQpeFt7WkQRMmwCnlxK_WKuj7uxLczOXcIQ6bn-wx3JjBr9h_OwrVUZAeDjawf1zgFRj_cmk8YlKGM8XneOdGnwbMkyT0nV_aHONQ-crHIb522Sdh7joEZX0It-RxcM6866lqN8s669awFttxltcEmrG5TD_nb8NfXluruXTI_LUztychYkOQeaMJ8Fk8kPy-R7vvC2B2bB4NX8cgw3DUBrg5rcyDmoj6Vy_GlcnXI36C8fYKGGs8fv7IBT1EGtTZWas2N8a-2VXlA0Oq-_riliH-mTqOYlY_Y93wyiu1MjG7XZDHLp2XiQOCcAtptUSZdtRB0ZM3CNS72nN62Y511F-KXARDdCItsaMI1EoOmQHe_SR9XccK_hxpR8mU0-cHjt4rNKZ3oJg5mPZtBnx5kAIEDsgCT2WjtKsuoOyd9nU15HrVa8EOLlPjRd99H3nLt7NjX9e5coa8HY0w6uZpxG4iniGhxuYk482TisPWNBuchNe4WD7rBqvNLXuz6tCikBggJpIo1GP30pEIA-z_NksPoUM8H4hXvGqZBWTow0cajSBtFZdYvGF-g4-SAFhKRwJbbwFtmWh_Xfj-MAUSUHPDPsjSUmUA4feZqNvqafj4yuzAF2ZeE1LpGGNuVjXZoCGEYkd1uIgDTtM_udIJBFWO9O5o4n7OdUmivUyZ0hDtfqRSQF8yk7NH7z-G_iC2AgSvTb-kMAlpHhKaY9e8CaZNohEF3VQYV1XO7jEJKyt7Y2G3BWMJp14UyHCknaxN88Gd2ndVtdvU86xyBqSrHk7npY-JMqyiB0x8qjAxF4TIis3W7osp6Q8RQ4R0IS6NGkfpCjX_DqLHJVf_rjOyA0y9v2GL1VSKv1hrOe0V2drBazcIK_Q5Yvka9m0-J9x08UAt8d-AT-DciyPcsiFCZ3beKukpWdzm44KlkQVjk4eiNn5OR5nKd0fP4nEi1OAfncVSWklWfacPeh9bOVTi8hMev2NH7hNXwEqbXsb5gJZc3L0hExszUecMLGihsU-7RDzYmEpukvOMaNR_gjF6C-kB_OGvzCcsoZh0SXhAH-HNnpQ3fmC65XuDrCDAPG_DqLJpJr2TZBYFyA31DycH2-rAMlX2mBhS80eS0TrTG0V1ocJzU-QdIfzAnuhiQykNo_akDNEJv7QqjpTgOqyxOKODMkjRZ_3sNpEkuLZTTiyLMcM18RkjA5ZNMK5JoeiRsyeh1oxFfLOLLchrhuq06udnMYxOatwADbzhnpjbzNsuF0H0x_F00mMy_DYQ8sNLoY772Cd1hjQP40JFOc2mftoogXyDG8nxjlLwWIj7SGMEoH7xKn6GkYW-40oyhCM_R1OmmVK9B63SceyGzOo6OX8iYZfa6IyRIpY5ptI-fAfWd_O5mYfPO1ku45C5KagaRg&cid=CAASJORos5yMweaIaGEFY1Jw_tPFssDNfbKLxRzcrkJ2iIfpmjYx8g&rfl=2%2Chttps%253A%252F%252Fwww.tumen.kp.ru%242%2Chttps%253A%252F%252Fwww.tumen.kp.ru%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://28e58fdb5be728553e5175a9070faf15.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:24:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 93
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Jul 2022 18:24:37 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220706/r20110914/ Frame A984 27 KB
10 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220706/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8247e71c60f01cce914615568139113018a1a129dceb0fe0af55edb0211b8fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://28e58fdb5be728553e5175a9070faf15.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:21:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 300
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10545
x-xss-protection: 0
server: cafe
etag: 4672069523611413616
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Jul 2022 18:21:11 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame A984 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 28e58fdb5be728553e5175a9070faf15.safeframe.googlesyndication.com
URL: https://28e58fdb5be728553e5175a9070faf15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://28e58fdb5be728553e5175a9070faf15.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 11:50:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 455753
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Jul 2023 11:50:18 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 6990 1 KB
749 B 6ms
6ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 28e58fdb5be728553e5175a9070faf15.safeframe.googlesyndication.com
URL: https://28e58fdb5be728553e5175a9070faf15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://28e58fdb5be728553e5175a9070faf15.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 45147
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Jul 2022 05:53:44 GMT
etag: 48472445140208031
expires: Sun, 10 Jul 2022 05:53:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame A984 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60a9a90526a866ca866c5891ba0c34ee6c6e0dfe1acd84fd004c3ff2fa22ba9b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 8462 22 KB
8 KB 8ms
8ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://28e58fdb5be728553e5175a9070faf15.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 455752
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Jul 2022 11:50:19 GMT
expires: Tue, 04 Jul 2023 11:50:19 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6990
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEHE34CsdeCDsBR-41R67VFE&google_cver=1&google_push=AehlK4D_4qkxQw27_lCVN0bjNeDyQROubHu_-MIuwK0U8gWz5q6IJmL0WRVSIWEneWCk1UKECyT-hYHTJNKhpje3...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4D_4qkxQw27_lCVN0bjNeDyQROubHu_-MIuwK0U8gWz5q6IJmL0WRVSIWEneWCk1UKECyT-hYHTJNKhpje3hLC442YADwy6

170 B
188 B

17ms
17ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4D_4qkxQw27_lCVN0bjNeDyQROubHu_-MIuwK0U8gWz5q6IJmL0WRVSIWEneWCk1UKECyT-hYHTJNKhpje3hLC442YADwy6

Requested by

Host: 28e58fdb5be728553e5175a9070faf15.safeframe.googlesyndication.com
URL: https://28e58fdb5be728553e5175a9070faf15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 18:26:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sat, 09 Jul 2022 18:26:11 GMT
Server: MT3 4475 c1dc35a master zrh-pixel-x12 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4D_4qkxQw27_lCVN0bjNeDyQROubHu_-MIuwK0U8gWz5q6IJmL0WRVSIWEneWCk1UKECyT-hYHTJNKhpje3hLC442YADwy6
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sat, 09 Jul 2022 18:26:10 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 6990 70 B
265 B 96ms
29ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESECE30ofiq62_3TFiKb8P6-c&google_cver=1&google_push=AehlK4A5lRhI1CTrZQG7AUTvEvAw-VUbZ1lanUmcCjUdYexAFzqairW8fM9jKpHiYB2aQvC0JkUdwMjizOCRxIKfRzzd15pnAYf1
Requested by: Host: 28e58fdb5be728553e5175a9070faf15.safeframe.googlesyndication.com
URL: https://28e58fdb5be728553e5175a9070faf15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 18:26:11 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6990
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEBWsfj_sXaru0HYLemN3Qgw&google_cver=1&google_push=AehlK4ARQV9PwqHzYf3gxw6ZHQ5stdqzAa51Pa41kBkfSi2Sbx4F3JRBk4DLMXABvFFMatGc_DHonq74tZFcMu-FAQJ2...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEBWsfj_sXaru0HYLemN3Qgw&google_cver=1&google_push=AehlK4ARQV9PwqHzYf3gxw6ZHQ5stdqzAa51Pa41kBkfSi2Sbx4F3JRBk4DLMXABvFFMatGc_DHonq74tZFcMu...
https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=google
https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google
https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=8eef547a-4183-4a71-83ba-3e14bfeafae1&ssp=google
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4ARQV9PwqHzYf3gxw6ZHQ5stdqzAa51Pa41kBkfSi2Sbx4F3JRBk4DLMXABvFFMatGc_DHonq74tZFcMu-FAQJ2lAdgQevn&google_hm=qlhV21rIS72IrnV__yNtjA==

170 B
188 B

17ms
17ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4ARQV9PwqHzYf3gxw6ZHQ5stdqzAa51Pa41kBkfSi2Sbx4F3JRBk4DLMXABvFFMatGc_DHonq74tZFcMu-FAQJ2lAdgQevn&google_hm=qlhV21rIS72IrnV__yNtjA==

Requested by

Host: 28e58fdb5be728553e5175a9070faf15.safeframe.googlesyndication.com
URL: https://28e58fdb5be728553e5175a9070faf15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 18:26:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4ARQV9PwqHzYf3gxw6ZHQ5stdqzAa51Pa41kBkfSi2Sbx4F3JRBk4DLMXABvFFMatGc_DHonq74tZFcMu-FAQJ2lAdgQevn&google_hm=qlhV21rIS72IrnV__yNtjA==
Date: Sat, 09 Jul 2022 18:26:11 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 6990 0
12 B 30ms
14ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K6AOMtAvPQ_Vf7pAaY5lp6VH6NFs_mAKlrVeNEfeGisQ

Requested by

Host: 28e58fdb5be728553e5175a9070faf15.safeframe.googlesyndication.com
URL: https://28e58fdb5be728553e5175a9070faf15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:26:11 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/13678958165436077852/300x600_RTB30/ Frame 56AF 11 KB
4 KB 21ms
7ms Document
text/html 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/13678958165436077852/300x600_RTB30/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e37cc949a45bfd79a301489a44230708b7d37d05023e429395c9adfbbda5b0ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://28e58fdb5be728553e5175a9070faf15.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 159244
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 3893
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 07 Jul 2022 22:12:07 GMT
expires: Fri, 07 Jul 2023 22:12:07 GMT
last-modified: Tue, 28 Jun 2022 09:52:50 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame A984 0
622 B 90ms
53ms Ping
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst6N8qbiyBimDGzl69Gs6y6oEbIr26oMHHT6dQRAWUnDEfnYOQOhGZZiMy5aCwPrhAHIjImOFkdxowFAhwNAXZxCLXLT6l9aZO8yE9GvckLHe3gN79qyZFw9JdmFkQ3LWUWtEOk4Vs0vgnxPbhuUnPRfrzGf-keR0DfEeX3tzhueWglLik-Fwm1vvRSPOBSxSx0FONy2YhILLQ0bOupdOWwMdgbFISwp2pTAdbT8xL1jervbekXtdMEI6prVQ6JHqWWheit245HBUp8Z1DLZ4nwsxCgnRxRTtTQkFXAVw57dlMSmZHpz_X4WAz_y6oJR0HzPNAQaQbTrnH7uj1rgeGHPNDkTyehYVa0mM_YPMsWhMbWrK6eTG-INwSpIOwEJ7JCdHo7aGvlblVEyB1FE4xS3ENiY4XwiNUPB9ICa_GZqIjafJwiHSm05n3VLvWYSa3_4VqBkKlpj00ddi24wJ6qar6OJFkO4vV_pgTNan8sDLdDPWPpAVMHR4Pi2YthdUAyjwNvWtP4FUiaS3hO1saTSiSXouLNp2-M7RQ7GALl9b-Ko342MJU2Pe4EpgYs6aNuCT33hd1TnR4-ghyzT2mW-xrdE4wvuGa6_RBhkaJHX3eTZ3JFa4ANZLY64ZhffFdjVfQZUeLkhj_GbMu1hFgVbcnx2fRn8TRj-uNb4UxIjVC3XiwEFSfgUcYkMAEehX_hpQd2jL9FaQKxX62Q3R61PM1a3Js_S3q97t_yfVzjw9pExKu8UmxFJObwuyYaqItKb4pGBNFjaIdZhgRgtl51FBuEtWkXdUAKu-kmpmLDI7S8HfEIM_DOQNZQ2e4SwXyyspuCdeiCDNVSMMqPzZQZHGYu8LznmZkLYPR1GQ78ZJPcJ4Ks8SqxMEL_9arMTApsRXLR3SE7dITMFlzbtbbc9ogjoPdageZf6sqHiMdEaZgflAddxZEMaG1CU5XnS1dg9mmu_bj87OxgQHTg0hgXhGAWYUVwrH-5_VbwIhUIAwQ-sQ4V2HYTDrk0h58InRlzfNDJxCgEWAyJ1jV-MlmZO9NMonJlHFe-9rytwfwuF3FWoiemqvuqQmctQkR3WrngB8LAqeDEt3CPoQKUQ9V9k9aJfm0Ox7Gvkyy85ZzhTnnJ4CCPiy4Dv13Ay5b6AyeA1i7LSWSFbP8wm2Bj3HdMr2teBQn2ZykxLWlIagQXFheCGslhVI7itp6gJ5obzYQhwkPnGrAjWIOcZIE3-nvarZkvSKuCSEzO02N4gcPhx1ksgrO2_5LfHo3PbW5s21azfcm9OHvL_PDGOU5wKeuc8GryzMAOrcPqq8lpHYAtKys&sai=AMfl-YQg-aK6g-CRu42JWQ90MzzDk-shKQ13yPdFiUD0OMRhvAHXFx0w_DJuuSLElxlRG3PMMjEc4EzwEoXnlu9nSSTKxGHKTjDt14VlE-93DbG_gi9oz58cWJrcwbPL3dA8UWYjnX0d6v08FrgJUi3a-4E-fkH_i9sEo868hcDH5B76u7Qjh20OVIAX9G626qNp1unOPmvhsoVgJDMk0Y1ZYg&sig=Cg0ArKJSzIbi0Z90rkRMEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=83&cbvp=1&cstd=81&cisv=r20220706.91634&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://28e58fdb5be728553e5175a9070faf15.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Sat, 09 Jul 2022 18:26:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame A984 43 B
1 KB 63ms
16ms Image
image/gif 213.202.235.10
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvApi=sky-dv360&extProvId=300&extPu=sky-dv360&extLi=1008206547&extPm=432126982&extCr=17610765076&gdpr=&gdpr_consent=&rnd=613119745

Requested by

Host: 28e58fdb5be728553e5175a9070faf15.safeframe.googlesyndication.com
URL: https://28e58fdb5be728553e5175a9070faf15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.202.235.10 Herrischried, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://28e58fdb5be728553e5175a9070faf15.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
Pragma: no-cache
X-ET-Code: 0
Last-Modified: Sa, 09 Jul 2022 06:26:11 GMT
Server: Microsoft-IIS/8.5
Date: Sat, 09 Jul 2022 18:26:11 GMT
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://28e58fdb5be728553e5175a9070faf15.safeframe.googlesyndication.com
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 923
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

firstevent
skydeutschland.demdex.net/ Frame A984
Redirect Chain

https://skydeutschland.demdex.net/event?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=173773939&d_placement=339726501&d_campaign=28084662&d_bust=613119745&gdpr=&gdpr_cons...
https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=173773939&d_placement=339726501&d_campaign=28084662&d_bust=613119745&gdpr=&gdpr...

42 B
964 B

259ms
258ms

Image
image/gif

52.210.118.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=173773939&d_placement=339726501&d_campaign=28084662&d_bust=613119745&gdpr=&gdpr_consent=

Requested by

Host: 28e58fdb5be728553e5175a9070faf15.safeframe.googlesyndication.com
URL: https://28e58fdb5be728553e5175a9070faf15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

HTTP/1.1

Server

52.210.118.181 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-210-118-181.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://28e58fdb5be728553e5175a9070faf15.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v036-038f795ef.edge-irl1.demdex.com 6 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: FBFugFB3QFs=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v036-0d2bb26fc.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: hG1CM3zZTu0=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=173773939&d_placement=339726501&d_campaign=28084662&d_bust=613119745&gdpr=&gdpr_consent=
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H3 200 PBLy2ghsJAjz8SVbRXt3mPeTz3f3ksFMZv27m_PD6qM.js Show response
pagead2.googlesyndication.com/bg/ Frame 8462 36 KB
14 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PBLy2ghsJAjz8SVbRXt3mPeTz3f3ksFMZv27m_PD6qM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c12f2da086c2408f3f1255b457b7798f793cf77f792c14c66fdbb9bf3c3eaa3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 14:55:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12618
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13888
x-xss-protection: 0
last-modified: Fri, 01 Jul 2022 16:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 09 Jul 2023 14:55:53 GMT

GET
H3 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 56AF 236 KB
63 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13678958165436077852/300x600_RTB30/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13678958165436077852/300x600_RTB30/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:26:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Jul 2022 18:26:11 GMT

GET
H3 200 index.js Show response
s0.2mdn.net/sadbundle/13678958165436077852/300x600_RTB30/ Frame 56AF 50 KB
10 KB 7ms
7ms Script
application/x-javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/13678958165436077852/300x600_RTB30/index.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13678958165436077852/300x600_RTB30/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e2c75035573ba50ecea6928f247fead55ba508775205673807af3fcdd0b35e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13678958165436077852/300x600_RTB30/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 22:12:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 159244
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10669
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 09:52:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 07 Jul 2023 22:12:07 GMT

GET
H3 200 bg_wow.jpg
s0.2mdn.net/sadbundle/13678958165436077852/300x600_RTB30/images/ Frame 56AF 1 KB
1 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13678958165436077852/300x600_RTB30/images/bg_wow.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13678958165436077852/300x600_RTB30/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d22c8a80e52af612e5a186582044338158fa5f45350cd506f4448a6593b8db11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13678958165436077852/300x600_RTB30/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 22:12:07 GMT
x-content-type-options: nosniff
age: 159244
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1220
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 09:52:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 07 Jul 2023 22:12:07 GMT

GET
H3 200 K1.jpg
s0.2mdn.net/sadbundle/13678958165436077852/300x600_RTB30/images/ Frame 56AF 28 KB
28 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13678958165436077852/300x600_RTB30/images/K1.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13678958165436077852/300x600_RTB30/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d81ebf55769799aa4b2d2cb138767a82b538d5eb649714450e9b80489c5ed533

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13678958165436077852/300x600_RTB30/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 22:12:07 GMT
x-content-type-options: nosniff
age: 159244
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28301
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 09:52:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 07 Jul 2023 22:12:07 GMT

GET
H3 200 K2.jpg
s0.2mdn.net/sadbundle/13678958165436077852/300x600_RTB30/images/ Frame 56AF 31 KB
31 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13678958165436077852/300x600_RTB30/images/K2.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13678958165436077852/300x600_RTB30/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97196ac8e90e6d190ee5aef7a9d1a903d152e5760d6c0d55cb2bc5be7b2e19d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13678958165436077852/300x600_RTB30/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 22:12:07 GMT
x-content-type-options: nosniff
age: 159244
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32047
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 09:52:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 07 Jul 2023 22:12:07 GMT

GET
H3 200 K3.jpg
s0.2mdn.net/sadbundle/13678958165436077852/300x600_RTB30/images/ Frame 56AF 27 KB
27 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13678958165436077852/300x600_RTB30/images/K3.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13678958165436077852/300x600_RTB30/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d3dc8510f68191b6b2af6f613b0f0a1d59583bfae870ee1a8c940982147dfad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13678958165436077852/300x600_RTB30/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 22:12:07 GMT
x-content-type-options: nosniff
age: 159244
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28099
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 09:52:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 07 Jul 2023 22:12:07 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8462 0
20 B 43ms
43ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bej13QsjJYvLuOaq6x_APnuOE2AIAAAAAOAHgBAI&bg=!FRalFlLNAAaYcLjmuHA7ACkAdvg8WgE1KMiyMBVwwJXgWeOjw2Q3Gkvy9SdrXvxIXGfPCuawHzquAwIAAABnUgAAAAJoAQeZAvlVgJgCVqwnFREt9TaSl8yl4vGDHRCc7o0NM54f21OGRdawj7QEZRKiI8g4VOs-k3tP9A0eD6zN8SfLYVXUDsggz1W3hLA8yk2JCFP_J0prr4cu8KQPhkBp6Kdky4Ustl8RbDQU7qfDAvSe2ETzuZDndfKGJ71XAGoKcZiuxgz5QrJ4fN1lWFfK6u9lQgDZX9bUcHzTOO52tVasAvMcptbVN56rEO5rBHZPP6crO14MLVEXa_1U68WOZP9ibYP9mmybHG9pt0hsodSr1_p95XjeTndwtp_AJWbjQnIqJGckFnIJu4fFzu8HAGMOa62HgjSDIu_FpwVIhWA0yX1yK-QxaNyo9rYNN8kyNahHF4o7SZFL4nsPXMGn_jjAShEFuuJDbvkLR_q_mbiaKVMTY53I_l2lvINAFUBLiF9tCEz82e1jCo6Ugk9wjya9J0wJokB2Gi99oa0I6m6F-GMNA0p_33r0zJ7pefGzamAadUxD9ZOJFFWQCb0M5MNIrqrPn1pYQrLU18Sqk1pk9LXLq47CFnukTBMziBqyyEEMcrqLvY-fEN4cHxslM__MyhNKMFm1SPjmBwM-8P7DHBFHwu7gv_6JzpwXwnbQ336OQyl0F2QkY7wYtiSgi0GMUniG2FjswausuPimFBaYxjjRB-TikrYjuZXFvGP7OC96M2WXOW0lk6xr2Fp2Y7m7dPzCu6OFWITbZQoB3HXK8ACbVxCf5sR8w_RC6MjukgaiWxSFTVBL0x38tWocgfUS-_k_aE9v31sLGVO6kwf6ZFNT6lRfHG2SEWPWrG-TOaXSqtye3uoYT0Jc4oqsUzrcGyGTjxf7zrFRpMiHNHR3CzQVVz6e3gSaLSwXOmGFkFmNJTYYyGNVUhBNiimns41vDUGvxRA7Fb6kIHael2mtGUqfJDC1PLdbioBCuFiIg9wWU4_bN8yZlVanSk-hkaVMSXE32JxETxtYYvX-RVI0TK6KhrH3kRzQ_SX0c1Rdj7x8UqNlL9Q7QZ5T3zvSwA

Requested by

Host: 28e58fdb5be728553e5175a9070faf15.safeframe.googlesyndication.com
URL: https://28e58fdb5be728553e5175a9070faf15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 18:26:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 K4.jpg
s0.2mdn.net/sadbundle/13678958165436077852/300x600_RTB30/images/ Frame 56AF 26 KB
26 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13678958165436077852/300x600_RTB30/images/K4.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13678958165436077852/300x600_RTB30/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa229122eb787ef65850e39e9f4aa7496f2f1d5ed8356a035bedb3139f8b9c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13678958165436077852/300x600_RTB30/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 22:12:08 GMT
x-content-type-options: nosniff
age: 159243
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26980
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 09:52:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 07 Jul 2023 22:12:08 GMT

GET
H3 200 Logo_WOW_FX1.png
s0.2mdn.net/sadbundle/13678958165436077852/300x600_RTB30/images/ Frame 56AF 20 KB
20 KB 7ms
7ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13678958165436077852/300x600_RTB30/images/Logo_WOW_FX1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13678958165436077852/300x600_RTB30/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee881663bf9c5f2464f2f0b194d707e4c46801fe391ac108fa91ccfa97ed0ef9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13678958165436077852/300x600_RTB30/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 22:12:08 GMT
x-content-type-options: nosniff
age: 159243
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20220
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 09:52:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 07 Jul 2023 22:12:08 GMT

GET
H3 200 Logo_WOW_FX_end.png
s0.2mdn.net/sadbundle/13678958165436077852/300x600_RTB30/images/ Frame 56AF 22 KB
22 KB 7ms
7ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13678958165436077852/300x600_RTB30/images/Logo_WOW_FX_end.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13678958165436077852/300x600_RTB30/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6edd82367522384c89340b46118764d39a1a788e644f89af52fd9f992dad9d81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13678958165436077852/300x600_RTB30/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 22:12:08 GMT
x-content-type-options: nosniff
age: 159243
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22707
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 09:52:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 07 Jul 2023 22:12:08 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame A984 0
26 B 59ms
45ms Ping
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst6N8qbiyBimDGzl69Gs6y6oEbIr26oMHHT6dQRAWUnDEfnYOQOhGZZiMy5aCwPrhAHIjImOFkdxowFAhwNAXZxCLXLT6l9aZO8yE9GvckLHe3gN79qyZFw9JdmFkQ3LWUWtEOk4Vs0vgnxPbhuUnPRfrzGf-keR0DfEeX3tzhueWglLik-Fwm1vvRSPOBSxSx0FONy2YhILLQ0bOupdOWwMdgbFISwp2pTAdbT8xL1jervbekXtdMEI6prVQ6JHqWWheit245HBUp8Z1DLZ4nwsxCgnRxRTtTQkFXAVw57dlMSmZHpz_X4WAz_y6oJR0HzPNAQaQbTrnH7uj1rgeGHPNDkTyehYVa0mM_YPMsWhMbWrK6eTG-INwSpIOwEJ7JCdHo7aGvlblVEyB1FE4xS3ENiY4XwiNUPB9ICa_GZqIjafJwiHSm05n3VLvWYSa3_4VqBkKlpj00ddi24wJ6qar6OJFkO4vV_pgTNan8sDLdDPWPpAVMHR4Pi2YthdUAyjwNvWtP4FUiaS3hO1saTSiSXouLNp2-M7RQ7GALl9b-Ko342MJU2Pe4EpgYs6aNuCT33hd1TnR4-ghyzT2mW-xrdE4wvuGa6_RBhkaJHX3eTZ3JFa4ANZLY64ZhffFdjVfQZUeLkhj_GbMu1hFgVbcnx2fRn8TRj-uNb4UxIjVC3XiwEFSfgUcYkMAEehX_hpQd2jL9FaQKxX62Q3R61PM1a3Js_S3q97t_yfVzjw9pExKu8UmxFJObwuyYaqItKb4pGBNFjaIdZhgRgtl51FBuEtWkXdUAKu-kmpmLDI7S8HfEIM_DOQNZQ2e4SwXyyspuCdeiCDNVSMMqPzZQZHGYu8LznmZkLYPR1GQ78ZJPcJ4Ks8SqxMEL_9arMTApsRXLR3SE7dITMFlzbtbbc9ogjoPdageZf6sqHiMdEaZgflAddxZEMaG1CU5XnS1dg9mmu_bj87OxgQHTg0hgXhGAWYUVwrH-5_VbwIhUIAwQ-sQ4V2HYTDrk0h58InRlzfNDJxCgEWAyJ1jV-MlmZO9NMonJlHFe-9rytwfwuF3FWoiemqvuqQmctQkR3WrngB8LAqeDEt3CPoQKUQ9V9k9aJfm0Ox7Gvkyy85ZzhTnnJ4CCPiy4Dv13Ay5b6AyeA1i7LSWSFbP8wm2Bj3HdMr2teBQn2ZykxLWlIagQXFheCGslhVI7itp6gJ5obzYQhwkPnGrAjWIOcZIE3-nvarZkvSKuCSEzO02N4gcPhx1ksgrO2_5LfHo3PbW5s21azfcm9OHvL_PDGOU5wKeuc8GryzMAOrcPqq8lpHYAtKys&sai=AMfl-YQg-aK6g-CRu42JWQ90MzzDk-shKQ13yPdFiUD0OMRhvAHXFx0w_DJuuSLElxlRG3PMMjEc4EzwEoXnlu9nSSTKxGHKTjDt14VlE-93DbG_gi9oz58cWJrcwbPL3dA8UWYjnX0d6v08FrgJUi3a-4E-fkH_i9sEo868hcDH5B76u7Qjh20OVIAX9G626qNp1unOPmvhsoVgJDMk0Y1ZYg&sig=Cg0ArKJSzIbi0Z90rkRMEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=264&vt=11&dtpt=181&dett=3&cstd=81&cisv=r20220706.91634&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://28e58fdb5be728553e5175a9070faf15.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 09 Jul 2022 18:26:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C3C2 0
0 52ms
52ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022063001&jk=4299863975164556&bg=!LS6lLmrNAAaYcLjmuHA7ACkAdvg8WvngAoo8ifjAR5goV_LrGwaxitigN7kZLFU0_FZVdADozDU67QIAAABBUgAAAAJoAQeZAqcOdx-k0qXXlueKdganj1s8kMXya8DfLX-ZVgZh8XPeQ337kbjTlErjH3EsSkqTEpdrQKzklq4_gqYb2fABoTYWtJlEK5PGXx6wFHv2OXGbbHgEkQi5xqM4Ug0tND94CBp501A4PYL6ds5N17HjydAsDaz4eulGwDI9d4gdmACiD5sXxmaU3RhRZJ3VMVRu6-gIfmVamAN3ey2C1N5MJVCT8KBTaf-GBZd8e-6L8aGtIW3xgt9ioHszyl3abYxeQekkAvngHMUxgDVG5B8icQeDkk_YMTwlQX9v1TMuER8XEJgGqUZ9zQcxrOXNz2pQjjy-sz93tRuVkQ81usR5j5aSDYjY58Uh7MXof3_dqCOaxI62veXJsd2Oj0YwrUa2yJoSMXtWGpdqpQz4zTh1TFry_egw24l1T9WZy4umDLfEFQa4Dc2fiIszxY9U62q6_aFzmLC0lu21hOiJubUvWewsj_pI7sgmuBqHiS6Z_T02eh4di6Uqj8Eo4mZOSWtj595uXHm7SIxRigdwa04uknvwKoZi_cFyQ1JkxUr5BBMGcQh4cF2N7yreLdZ27pRPJaEIQL5HJzGPBw2yG-vtu0P0Dr9MNDPCH9wIbLSE4eLBtJwNWhg55H8ywgRl5DiIxDKfuGWuMN3jD9mMwpRsIAs6B0saMRwVMaZV1dS80FaMlcUj82QN9pjSpeEOYZf6Nr6vUgCxrGHpKnOeNU07b2QE0wljH-St1iqN_SvE9p8vF_QgFoyUpIeyq2ephc2KB25JXh15URue3iXNVxNkkJDOFEgd1vA0Cj99DUjaOeueIIqdibSFKkliX5oUm26B0-Glt68fsEGPWi1dVY78w1s4j8ae35vNPbUFHpkozGu4odoD-CZRc77iI3cK4A3jqrBpLFtd0KS7
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H2 200 bundle.js Show response
yastatic.net/q/set/s/rsya-tag-users/ Frame E191 105 KB
37 KB 47ms
46ms Script
application/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:26:11 GMT
content-encoding: br
last-modified: Fri, 29 Oct 2021 11:19:01 GMT
server: nginx/1.17.9
etag: W/"82bdc8db563d3e71c35534315f8a9fd5"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/javascript
access-control-allow-origin: *
expires: Tue, 12 Jul 2022 06:25:20 GMT
cache-control: public, max-age=31556952
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
x-nginx-request-id: 1b178745eeb5cc0d

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ Frame E191 158 KB
56 KB 109ms
109ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

8d87c18fcb70f9b1d23c94aedc506cb6cc2640c5aebb25ca6e8e64b0cd997553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:26:11 GMT
content-encoding: br
last-modified: Fri, 08 Jul 2022 09:23:14 GMT
etag: "62c7cd52-dd8a"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 56714
expires: Sat, 09 Jul 2022 19:26:11 GMT

GET
H2 200 data Show response
yandex.ru/set/s/rsya-tag-users/ Frame E191 403 B
634 B 80ms
80ms Fetch
application/json 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/set/s/rsya-tag-users/data?referrer=https%3A%2F%2Fwww.tumen.kp.ru%2F

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

f8a1209401e50da1707bfbd6b637d5948bb2e7fc38ed3c890402701a3945d61b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:26:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: public,max-age=300
access-control-allow-credentials: true
x-xss-protection: 1; mode=block

GET
H2 204 event
ads.adfox.ru/232598/ 0
18 B 64ms
64ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=623fbb2550f8aac4&pm=bmp&pxo=hPd0eyfirn0CJ9DyMGXT2vSMo8DHI1CoxF094aOr07vQRlg4TPiNbv5W-Rz2UF9kmQPOj_97qBJaPOBlZpvqYqfLOzSPq1X-o0__AfqK0VD982VkoPC_9xt49baBAIkWK4xmHHFIXlV-uSoLH65k4sx7ILu8YOKA7Na8P1_vIA8yOfX5&p5=gwefg&ad-session-id=3821171657391168666&utg=oxum&lts=fjmwocf&ytt=272130738618373&ybv=0.612847&ylv=0.612847&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3Fsection%3Dsociety&rqs=QGz_Z1uUlBVByMliyrs-vWssGYh-7IF0&pr=jkgosjf&puid3=top%3Aregion&rtb-si=b&puid2=society%3Atoday%3Azenyandex%3Aincident%3Aemergency%3Acelebrity%3Aculture%3Ainteresting&p2=fxjd&rand=fhnfmbi&sj=CsUJ4irhOqqIvWov5AQbwzu_vFi63DD7EoFG3EfyY7vlNxq-u3VCRbXUTEWTNQ%3D%3D&puid1=adv-1657391168622-692&p1=cavko

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 18:26:11 GMT
x-content-type-options: nosniff
last-modified: Sat, 09 Jul 2022 18:26:11 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame E191 40 KB
15 KB 59ms
24ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

00e67a6bb1601297c954a9c6438eb956f4ca87253683fb348d1bda64cee7d1ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:26:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15163
x-xss-protection: 0
server: cafe
etag: 11137310801552021614
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 09 Jul 2022 18:26:11 GMT

GET
H3

200

/
www.google.de/pagead/1p-user-list/1014923426/ Frame E191
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=Q8jJYpmKH67TxgKVi4vwBA...
https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1186894763&crd=&is_vtc=1&random=2172965930
https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1186894763&crd=&is_vtc=1&random=2172965930&ipr=y

42 B
64 B

33ms
17ms

Image
image/gif

2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1186894763&crd=&is_vtc=1&random=2172965930&ipr=y

Protocol

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 18:26:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 09 Jul 2022 18:26:11 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1186894763&crd=&is_vtc=1&random=2172965930&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-user-list/1014923426/ Frame E191
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=Q8jJYvSKH9Go1waO65ugCQ...
https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1199077056&crd=&is_vtc=1&random=2692868897
https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1199077056&crd=&is_vtc=1&random=2692868897&ipr=y

42 B
64 B

38ms
22ms

Image
image/gif

2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1199077056&crd=&is_vtc=1&random=2692868897&ipr=y

Protocol

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 18:26:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 09 Jul 2022 18:26:11 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1199077056&crd=&is_vtc=1&random=2692868897&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame E191 3 KB
1 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1657391171547&cv=9&fst=1657391171547&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.tumen.kp.ru%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

402873f4ee41dfac8ef102b357be254757bc32540ca42acd252d18533027c066

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 18:26:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1118
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame E191 3 KB
1 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1657391171552&cv=9&fst=1657391171552&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.tumen.kp.ru%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4e7e1b3cde3957bba39b431051070a4bb06fbf2408118e94aa36ba5d2fb39c18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 18:26:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1119
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame E191 3 KB
1 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1657391171557&cv=9&fst=1657391171557&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.tumen.kp.ru%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7955caf7cc5a40b753096c9844b13d2e0e28a683b54f6f29f878ad923d157e41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 18:26:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1118
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame E191 3 KB
1 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1657391171558&cv=9&fst=1657391171558&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.tumen.kp.ru%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

35d1757737ee648861ccaaba694bea6841ba6d9704f82c294790f15f42b238f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 18:26:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1118
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 3 Show response
mc.yandex.com/watch/ Frame E191 167 B
262 B 61ms
59ms XHR
application/json 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/3?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fwww.tumen.kp.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A%3Avf%3A2n2z35yck7fai9c6gvqew%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A1%3Adp%3A0%3Als%3A799114276843%3Ahid%3A137486008%3Az%3A0%3Ai%3A20220709182611%3Aet%3A1657391172%3Ac%3A1%3Arn%3A248238641%3Arqn%3A1%3Au%3A1657391172343910821%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1657391169390%3Ads%3A0%2C66%2C34%2C1%2C0%2C0%2C%2C120%2C0%2C223%2C223%2C0%2C222%3Aco%3A0%3Ast%3A1657391172&t=clc(0-0-0)aw(1)rqnt(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

3596809d7f1929d6fdfb6af8ec94ac1a5a7c63a04bf47018fb0800ad8410ab47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 18:26:11 GMT
x-content-type-options: nosniff
last-modified: Sat, 09-Jul-2022 18:26:11 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 167
x-xss-protection: 1; mode=block
expires: Sat, 09-Jul-2022 18:26:11 GMT

GET
H2 200 advert.gif
mc.yandex.com/metrika/ Frame E191 43 B
72 B 55ms
55ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:26:11 GMT
last-modified: Fri, 08 Jul 2022 09:23:14 GMT
etag: "62c7cd52-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Sat, 09 Jul 2022 19:26:11 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/947884341/ Frame E191 42 B
64 B 18ms
18ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/947884341/?random=1657391171547&cv=9&fst=1657389600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.tumen.kp.ru%2F&async=1&fmt=3&is_vtc=1&random=1857887036&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 18:26:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/947884341/ Frame E191 42 B
64 B 33ms
19ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/947884341/?random=1657391171547&cv=9&fst=1657389600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.tumen.kp.ru%2F&async=1&fmt=3&is_vtc=1&random=1857887036&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 18:26:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/693627671/ Frame E191 42 B
64 B 22ms
20ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/693627671/?random=1657391171552&cv=9&fst=1657389600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.tumen.kp.ru%2F&async=1&fmt=3&is_vtc=1&random=2272618063&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 18:26:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/693627671/ Frame E191 42 B
64 B 34ms
20ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/693627671/?random=1657391171552&cv=9&fst=1657389600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.tumen.kp.ru%2F&async=1&fmt=3&is_vtc=1&random=2272618063&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 18:26:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/947884341/ Frame E191 42 B
64 B 21ms
19ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/947884341/?random=1657391171557&cv=9&fst=1657389600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.tumen.kp.ru%2F&async=1&fmt=3&is_vtc=1&random=4287333850&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 18:26:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/947884341/ Frame E191 42 B
64 B 32ms
18ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/947884341/?random=1657391171557&cv=9&fst=1657389600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.tumen.kp.ru%2F&async=1&fmt=3&is_vtc=1&random=4287333850&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 18:26:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/693627671/ Frame E191 42 B
64 B 19ms
18ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/693627671/?random=1657391171558&cv=9&fst=1657389600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.tumen.kp.ru%2F&async=1&fmt=3&is_vtc=1&random=840056044&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 18:26:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/693627671/ Frame E191 42 B
64 B 32ms
19ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/693627671/?random=1657391171558&cv=9&fst=1657389600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.tumen.kp.ru%2F&async=1&fmt=3&is_vtc=1&random=840056044&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 18:26:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 37412095 Show response
mc.yandex.com/watch/ Frame E191 350 B
385 B 56ms
55ms XHR
application/json 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/37412095?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fwww.tumen.kp.ru%2F&charset=utf-8&site-info=%7B%22extensions%22%3A%22%22%2C%22fromGoogle%22%3A%22false%22%2C%22fromCancel%22%3A%22false%22%2C%22loyal%22%3A%220%22%2C%22sbscrb%22%3A%22%22%2C%22p%22%3A%22%22%2C%22b%22%3A%22%22%2C%22fresh%22%3A%220%22%2C%22infected%22%3A%22%22%2C%22slow%22%3A%22%22%2C%22os%22%3A%22windows%22%2C%22browser%22%3A%22chrome%22%2C%22winxp%22%3A%22false%22%2C%22old%22%3A%22actual%22%2C%22yabroAge%22%3Anull%7D&browser-info=pv%3A1%3Agdpr%3A6%3Avf%3A2n2z35yck7fai9c6gvqew%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A2%3Adp%3A1%3Als%3A254849586248%3Ahid%3A137486008%3Az%3A0%3Ai%3A20220709182611%3Aet%3A1657391172%3Ac%3A1%3Arn%3A229107367%3Arqn%3A1%3Au%3A1657391172343910821%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1657391169390%3Ads%3A0%2C66%2C34%2C1%2C0%2C0%2C%2C120%2C0%2C223%2C223%2C0%2C222%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1657391172%3At%3A&t=gdpr(6)clc(0-0-0)aw(1)rqnt(1)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

184af66775baea8775e1c9b2c2219b5f4315ca37f799b5547e0073c6be638c4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 18:26:11 GMT
x-content-type-options: nosniff
last-modified: Sat, 09-Jul-2022 18:26:11 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 350
x-xss-protection: 1; mode=block
expires: Sat, 09-Jul-2022 18:26:11 GMT

GET
H2 200 1Ma0YoRJ0HW200000000U9nJTCZvdnuzPOgeuQ6pJrhN2QyrjNGuSJA90GWyOIAXtSn5BB5zQGmCgOn0ySn3PnTKWyHBPO2ysXGWqSe88Zj1ia30n32JSQeBXBsGSOyqXBMIyPi4XBMNyOoB0CDHCFyi8qZJLJ1vbv51Xe7fB-Ci9WQ6kKmWaQLCfvWP6DOo_GAop... Show response
yandex.ru/an/rtbcount/ 43 B
132 B 59ms
59ms XHR
image/gif 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/an/rtbcount/1Ma0YoRJ0HW200000000U9nJTCZvdnuzPOgeuQ6pJrhN2QyrjNGuSJA90GWyOIAXtSn5BB5zQGmCgOn0ySn3PnTKWyHBPO2ysXGWqSe88Zj1ia30n32JSQeBXBsGSOyqXBMIyPi4XBMNyOoB0CDHCFyi8qZJLJ1vbv51Xe7fB-Ci9WQ6kKmWaQLCfvWP6DOo_GAoppBz1uAdJ2-08g-O17futom_T9Q1GLlsON7oOrQ6lqmTma27CBC2bVOoAmB9gSmW8-OoCu4i1v8A8BjPDZBFYfdUaD3ERdgI6URtgs2LTy7aJsO79twmCsUnA0IwLyL76PQ6vZY5ELRwvcHMvLLv1PLdcxkRUsJwU0UaBMIH3eKeNi4ojPDn1mlJ0HQccomGRtwmVyXozWm8lB5_omBox0JMreQEXhOFjWjOEK-oRdx20LPtazLUuUVzpNF2bBwoWhpOmTR0Ce7jm8s_-xTrBpqbEeFjok7W1MoxDpryq_NYqv_rZ2lPOAOUOFCumSRyY8qtqTpHAjFGhJJLCoNH_2KRpFwVSDP4TZdBNvFOjD_Qps9dCpCqiZ0nty3UeB23dV44kyW3zeS7hfxiVF5kOjOFzeN63HnRtni001lIhgW0?confirmTime=2101000&confirmRatio=1000000&test-tag=272129127874562&format-type=96&actual-format=8&rnd=3439382074567&banner-sizes=eyI3MjA1NzYwNTUyMDIxMzAyMiI6IjE1NjB4MjUwIn0%3D&width=1560&height=250

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 18:26:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: image/gif
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
last-modified: Sat, 09 Jul 2022 18:26:11 GMT
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sat, 09 Jul 2022 18:26:11 GMT

GET
H2 204 event
ads.adfox.ru/232598/ 0
18 B 68ms
68ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=8e9e3d72ea0c64f1&pm=bmn&pxo=YSx6KmSg-7t7c_xNOytXUeouB5vrRHl1glLMh0PthghTQ6xhAzFMRisY82ZDTiMRfvGnmoFvCq4clNwuZNxdHvsjKqQeC3h6uflddC8LxZvKhW4VH0ONhjMy70kIdIsqkVt0tfdS7mXNdnxeaoEwnf8PfgVN7UbgRklCTo3zRwFhA5XsO_f9&p5=gwdbk&ad-session-id=3821171657391168666&utg=oxum&lts=fjmwoce&ytt=272130738618373&ybv=0.612847&ylv=0.612847&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3F&rtb-si=b&p2=gftf&rand=igewecd&sj=0JUs5rPDqe81p4B7umbPjzQ_De86wAt6QdK28UPWAChYxt5vecMP0DPpeIKoEQ%3D%3D&puid1=adv-1657391168618-212&pr=jkgosjf&p1=cdinl&rqs=QGz_Z1uUlBVAyMlixxNGf7MzBciXivhD

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 18:26:11 GMT
x-content-type-options: nosniff
last-modified: Sat, 09 Jul 2022 18:26:11 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 200 WPaejI_zOEu0VGm0r1G4SWEBzPAWkmK0xW4GW8200J50oCbY000003YScWE80Xov0gRp98YwvjPcy0BiuB2M1F050Q06o0791a1i_sTRb9GLgGV2pQ1xhXEjDS07mAkm-W602W682WMe2kW7Y0iugWiGZ0tifyBD000h7U5pO-Fm2mRW3OA0W860W82819WEmDZzl... Show response
yandex.ru/an/count/ 43 B
267 B 60ms
60ms XHR
image/gif 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/an/count/WPaejI_zOEu0VGm0r1G4SWEBzPAWkmK0xW4GW8200J50oCbY000003YScWE80Xov0gRp98YwvjPcy0BiuB2M1F050Q06o0791a1i_sTRb9GLgGV2pQ1xhXEjDS07mAkm-W602W682WMe2kW7Y0iugWiGZ0tifyBD000h7U5pO-Fm2mRW3OA0W860W82819WEmDZzlxQBfSeLg0_2cvElwFN4rZMG4FhaXuELcOkg4-2Lc7tm4XU84m6G4pBW507O5S6AzkoZZxpyO_205eM0Y826y3sO5l2s-fK6eCaMy3_O5e4Ng1S9cHZG627u69pwpi2Gb_sD780PYHcpvB0Pk1d___y1m1c_mEJ_lPQdgoBI6H9vOM9pNtDbSdPbSYzoDZWqBJ7e6PWCy1dw0PWQrCDJi1j8k1i3WXmDOJT1EcanHdLbIMHXD-aSW1t_Vu0WW228807G8V___m4K03F3QvWnKJno4iXeKbDQ1AkHgRWic4JZ47pZGeo9WQkCnMMh_MZjRpvgZYJpkFPF6OUYgvsJI_XZRtD86iOP~1=WpuejI_zOCy2fHa0j2p8u9kupmE4mTQJouJFruW1W041Y07lpkFMWW6G0RoGhiRLW8200fW1l92knbMW0RQe0RQu0RASlxOZs06YvOYW0U01eDIwdm7e0Qm3-072ejw-0Q02okAD6S022x030kW4iHA81OVw2905oTuIi0MhumUu1QlZ1y05oDDeo0NXjYlG1O-00k05bAW6o06f1yBDe7kk4wqrk0U01T075jW74E07a0tn1m00meA01k08fV763EW91pZ1FaKeRCS_oTaBw0k7-WY83AZmthu1w0oR1fWDtPQW3fh-3e0GqV2i8C2W4D0GnvIlNvWHmOGbeH5du16RgZte4QIMbFkXmBA1xq0bqK1L36YFsTBHFvWJ1E0Jg-C7Y1JIYxp5lkF3cI2W5AlZ1wWKoTuIm1I0mjSlo1G4q1GDs1IJqEYJ1kWKZ0B85PIIkPdW0j0Laz3eamRO5S6AzkoZZxpyOvWMyBRwbGQWi1QZ1yaMq1QeyDw-0TWM-kI7WvMPYwfVWHUO5-h3v2su5m705xMM0T0Nq8O3s1VNt3le5m6P6A0O2h0OyUUcbWQu60Ju69pwpi2Gb_sD780PYHcpvA0Pm06u6V___m7W6G7e6PWCy1dw0VWPi--iAO4Q___l6TGqHv686i24FPWQrCDJe1g8sfd-oxMvYVO1k1e2zHe10000c1lrspkm6qYu6mFO6u20W804wHi00010UL8xGV0RtQw70lWRaAsk0TWSX_e8u1p9tXBf7F4S0000J3XBlJ-07Vz_cHt87S24FU0TzOYf1UWTqQ2wchYeqP0Ry1tf_gtQ-fFua3tu7OZiyPpBZE-CFP4Ug1u1q1wPWOBiplkNb8a1s1xxsXw87____m6W7z7mh22m7m787z6oX53I7mOsCJ8uD3VP7m00020-AZr1u1-za9a2w1-LoUi1W22088WW0QaWi224W23W807G8Vy18G0uuhUO40YCqUm4KeIItB2SiiqGSr4CQD9gP0UlZ90YsG-vp4UWfp9YiI4XNCkyn9I0PRbcQuMGrUyg15m4r6yvBW0gLiqs93Y4bYEJOkHd11PCZXZBEsaCjGZxa071gIRHmJO11m00~1?stat-id=28&test-tag=272129127907857&banner-sizes=eyI3MjA1NzYwNTUyMDIxMzAyMiI6IjE1NjB4MjUwIn0%3D&format-type=96&actual-format=8&pcodever=612847&banner-test-tags=eyI3MjA1NzYwNTUyMDIxMzAyMiI6IjMxOTUwNSJ9&width=1560&height=250&confirmTime=2100000&confirmRatio=1000000&wmode=0

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 18:26:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: image/gif
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
last-modified: Sat, 09 Jul 2022 18:26:11 GMT
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sat, 09 Jul 2022 18:26:11 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A984 42 B
64 B 52ms
51ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuDXrUHw6Q8pvO0kh5ngG3EWC7moW_kM_fvHjGEra_0de_OYZkhqXQblXzfhbAo7OUtEX9nJFv-fFiUyD6nd8A02CKNOlZ_p4xK7jA_kUJ4jGTqn7ReSs3AZCkx0tfbQS9nKsUjwJwdSN-W&sai=AMfl-YQePkTvqAUvMOLRv4UDYNWlvZDg-GR6ocTao8nsRltHFm5zazXLir2vh528PRfBOc84oQ1cbA_OTe6k1NK70xwaHrZUCvod5B-jTqHyAmgbakh8grdstSij7CE&sig=Cg0ArKJSzADUUg_1wPCcEAE&cid=CAASJORos5yMweaIaGEFY1Jw_tPFssDNfbKLxRzcrkJ2iIfpmjYx8g&id=lidar2&mcvt=1004&p=486,1359,526,1400&mtos=1004,1004,1004,1004,1064&tos=1004,0,0,0,60&v=20220706&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3886855702&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1657391170911&rpt=107&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://28e58fdb5be728553e5175a9070faf15.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 18:26:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 event
ads.adfox.ru/232598/ 0
66 B 74ms
74ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=1aef4b6ed176cca1&pm=bmp&pxo=_2jGk9qQTK4thdlPKDG7j6Ugxk6mNC4DE9AeCiDS0569Sffr9FT9wrgJcFHTfH4X4PlgKYjgIw_433W8dIGi_lAqH1mGPgfmQen3V-kEKPUr9--yAfO52wbS2v6x5INURVLRLE2QXLKweMMWdDxxVIB2zhOjNDuzWSQ-MGYWcLWhrQOapQ%3D%3D&p5=gwaok&ad-session-id=3821171657391168666&utg=oxum&lts=fjmwocg&ytt=272130738618373&ybv=0.612847&ylv=0.612847&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3Fsection%3Dsociety&rqs=QGz_Z1uUlBVCyMliFezIqVast0DSf-9C&pr=jkgosjf&puid3=top%3Aregion&rtb-si=b&puid2=society%3Atoday%3Azenyandex%3Aincident%3Aemergency%3Acelebrity%3Aculture%3Ainteresting&p2=fbao&rand=gdyrvq&sj=EoOkBH3FWU4o5A7XeZsTHaGoUgk6W43tc3GKlBKy97TMESBl3B9ZOCMcv5nm9A%3D%3D&puid1=adv-1657391168623-593&p1=bufhv

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 18:26:12 GMT
x-content-type-options: nosniff
last-modified: Sat, 09 Jul 2022 18:26:12 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 204 event
ads.adfox.ru/232598/ 0
66 B 72ms
72ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=a996edade2714acc&pm=bmn&pxo=_2jGk9qQTK4thdlPKDG7j6Ugxk6mNC4DE9AeCiDS0569Sffr9FT9wrgJcFHTfH4X4PlgKYjgIw_433W8dIGi_lAqH1mGPgfmQen3V-kEKPUr9--yAfO52wbS2v6x5INURVLRLE2QXLKweMMWdDxxVIB2zhOjNDuzWSQ-MGYWcLWhrQOapQ%3D%3D&p5=gwaok&ad-session-id=3821171657391168666&utg=oxum&lts=fjmwocg&ytt=272130738618373&ybv=0.612847&ylv=0.612847&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3Fsection%3Dsociety&rqs=QGz_Z1uUlBVCyMliFezIqVast0DSf-9C&pr=jkgosjf&puid3=top%3Aregion&rtb-si=b&puid2=society%3Atoday%3Azenyandex%3Aincident%3Aemergency%3Acelebrity%3Aculture%3Ainteresting&p2=fbao&rand=imklwtt&sj=EoOkBH3FWU4o5A7XeZsTHaGoUgk6W43tc3GKlBKy97TMESBl3B9ZOCMcv5nm9A%3D%3D&puid1=adv-1657391168623-593&p1=bufhv

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 18:26:13 GMT
x-content-type-options: nosniff
last-modified: Sat, 09 Jul 2022 18:26:13 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 204 event
ads.adfox.ru/232598/ 0
66 B 68ms
67ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=e3a99c1d69f61d87&pm=bmq&pxo=YSx6KmSg-7t7c_xNOytXUeouB5vrRHl1glLMh0PthghTQ6xhAzFMRisY82ZDTiMRfvGnmoFvCq4clNwuZNxdHvsjKqQeC3h6uflddC8LxZvKhW4VH0ONhjMy70kIdIsqkVt0tfdS7mXNdnxeaoEwnf8PfgVN7UbgRklCTo3zRwFhA5XsO_f9&p5=gwdbk&ad-session-id=3821171657391168666&utg=oxum&lts=fjmwoce&ytt=272130738618373&ybv=0.612847&ylv=0.612847&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3F&rtb-si=b&p2=gftf&rand=jjyvkqd&sj=0JUs5rPDqe81p4B7umbPjzQ_De86wAt6QdK28UPWAChYxt5vecMP0DPpeIKoEQ%3D%3D&puid1=adv-1657391168618-212&pr=jkgosjf&p1=cdinl&rqs=QGz_Z1uUlBVAyMlixxNGf7MzBciXivhD

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 18:26:14 GMT
x-content-type-options: nosniff
last-modified: Sat, 09 Jul 2022 18:26:14 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 204 event
ads.adfox.ru/232598/ 0
18 B 72ms
72ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=9a56ca022585d375&pm=bmq&pxo=hPd0eyfirn0CJ9DyMGXT2vSMo8DHI1CoxF094aOr07vQRlg4TPiNbv5W-Rz2UF9kmQPOj_97qBJaPOBlZpvqYqfLOzSPq1X-o0__AfqK0VD982VkoPC_9xt49baBAIkWK4xmHHFIXlV-uSoLH65k4sx7ILu8YOKA7Na8P1_vIA8yOfX5&p5=gwefg&ad-session-id=3821171657391168666&utg=oxum&lts=fjmwocf&ytt=272130738618373&ybv=0.612847&ylv=0.612847&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3Fsection%3Dsociety&rqs=QGz_Z1uUlBVByMliyrs-vWssGYh-7IF0&pr=jkgosjf&puid3=top%3Aregion&rtb-si=b&puid2=society%3Atoday%3Azenyandex%3Aincident%3Aemergency%3Acelebrity%3Aculture%3Ainteresting&p2=fxjd&rand=hooqosi&sj=CsUJ4irhOqqIvWov5AQbwzu_vFi63DD7EoFG3EfyY7vlNxq-u3VCRbXUTEWTNQ%3D%3D&puid1=adv-1657391168622-692&p1=cavko

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 18:26:14 GMT
x-content-type-options: nosniff
last-modified: Sat, 09 Jul 2022 18:26:14 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 204 event
ads.adfox.ru/232598/ 0
66 B 68ms
68ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=ec7e41f692492485&pm=bmq&pxo=_2jGk9qQTK4thdlPKDG7j6Ugxk6mNC4DE9AeCiDS0569Sffr9FT9wrgJcFHTfH4X4PlgKYjgIw_433W8dIGi_lAqH1mGPgfmQen3V-kEKPUr9--yAfO52wbS2v6x5INURVLRLE2QXLKweMMWdDxxVIB2zhOjNDuzWSQ-MGYWcLWhrQOapQ%3D%3D&p5=gwaok&ad-session-id=3821171657391168666&utg=oxum&lts=fjmwocg&ytt=272130738618373&ybv=0.612847&ylv=0.612847&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3Fsection%3Dsociety&rqs=QGz_Z1uUlBVCyMliFezIqVast0DSf-9C&pr=jkgosjf&puid3=top%3Aregion&rtb-si=b&puid2=society%3Atoday%3Azenyandex%3Aincident%3Aemergency%3Acelebrity%3Aculture%3Ainteresting&p2=fbao&rand=ttznrs&sj=EoOkBH3FWU4o5A7XeZsTHaGoUgk6W43tc3GKlBKy97TMESBl3B9ZOCMcv5nm9A%3D%3D&puid1=adv-1657391168623-593&p1=bufhv

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 18:26:15 GMT
x-content-type-options: nosniff
last-modified: Sat, 09 Jul 2022 18:26:15 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ssp.bidvol.com
URL: https://ssp.bidvol.com/rtb/pl999

Verdicts & Comments Add Verdict or Comment

74 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

73 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
yastatic.net/safeframe-bundles/0.83/1-1-0	1970-01-20 04:24:37	Name: afpix Value: 1
yastatic.net/safeframe-bundles/0.83/1-1-0	1970-01-20 04:24:37	Name: pcs3 Value: 1
.kp.ru/	1970-01-20 04:33:15	Name: w3k Value: b8e0862e-b7ae-49b4-8b5d-f589cccf6349
.kp.ru/	1970-01-20 04:33:15	Name: w3t Value: eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWQiOiJiOGUwODYyZS1iN2FlLTQ5YjQtOGI1ZC1mNTg5Y2NjZjYzNDkiLCJqdGkiOiJkMWMzYjIyZC0xMWMyLTQyMTktOGIzMC0yNzdhNDdkNTc2MWMiLCJfdmVyc2lvbiI6MSwiX3BhdGgiOiIvIiwiX3RyYWNlIjoiZTc1ZjE0M2Q0MzJmYzRhNWRkZjRjN2E0YmIxMmYwOTUiLCJfcGF5bG9hZHMiOnsiZ2VvIjp7ImNvZGVyIjp7InN0cl9yZWdpb24iOiIiLCJyZWdpb24iOjAsInVwZGF0ZWQiOiIyMDIyLTA3LTA5VDE4OjI2OjA3WiIsInNvdXJjZSI6Imdlb2NvZGVyIn19LCJwcm9maWxlIjpudWxsfSwiX2dyYW50cyI6bnVsbCwiaXNzIjp7ImVzc2VudGlhbCI6ZmFsc2UsInZhbHVlcyI6WyJ3d3cudHVtZW4ua3AucnUiXX0sImV4cCI6MTY1Nzk5NTk2NywiaWF0IjoxNjU3MzkxMTY3LCJuYmYiOjE2NTczOTExNjcsInN1YiI6InNlc3Npb24ifQ.HPKSr37z-Dn3WRBXBpwAqgB4zHXgxNK6UxuHfuMxtlSUVChIBfJW79i9hyUkhKP0v2AGhcC2tP9dWtaTaYqUf7XUnuL_Y-dKx6KWp9PZMRJEYkbfmFB99zF6phh8NjfL1_O5CVkL6rPXnCRT8Ph-yEQ9h036VlgYwcnNTf4II0EuUMXVmU6Hs_JbECeCUm795yYSZq8d21kH8EaFFUn1xgNIAZONXUtJi47IlBaaObPXVIBuXdy1z0NpAJNczDIbPtQ_soCBd4vRIymXkBBQMJ-qRQ2xdLpENC8yMg8WlOIT2GyrNrla3Un75bOPAemHQkRFq1lZOlUjjxK24PpB4w
.yandex.ru/	1970-01-20 21:54:23	Name: yandexuid Value: 1555030891657391168
.kp.house/	1970-01-20 04:33:15	Name: w3a Value: eyJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZHQ00iLCJ6aXAiOiJERUYifQ.sWgzQiDHtdtmp7DwNBVh-mUJaRIgxzAxm1zDbdVAkKhRGMKIYsc9xdv5C5m-eilHr2lZG7SosOQFbpFvCvo3M785TVHSOg-vowgAaeg714Ice8GeH5q12pZP3x1cwQoUkkV5JPz5q0o9YoT-vN1T6s0x7bAqxZ5N0BCriEsUGPI2qT_atNs4XiZOHc8WT7AiPo1B6FnTdiCK1mNcCsYsCXJYeJ2_oLrc2OXEIrYoykmYxLIAoFMDiyAn_FflZz0yfZGdJJqWDoOEwIn-hcRzuNQXJZe1_8cuRBEhRmzHxXO77BgF59F7iRe56FACNHzwhVJleX1Y25zbXc96n-I_dg.JtRSGqN3IPhkzsY9.NAlEssBRKa0gNmS88nosprh3.Rgkh6XAu5-rOk1DjSbUvRA
.kp.house/	1970-01-20 04:33:15	Name: w3k Value: 5af85233-5446-4b8c-bb6e-7db7d4e688ac
.kp.house/	1970-01-20 04:33:15	Name: w3t Value: eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWQiOiI1YWY4NTIzMy01NDQ2LTRiOGMtYmI2ZS03ZGI3ZDRlNjg4YWMiLCJqdGkiOiIzZDhlNDI1MS0xYmZiLTQzYjctOGVjMi01Mzc3Njc2N2I0ZDUiLCJzdWIiOiJzZXNzaW9uIiwiZXhwIjoxNjU3OTk1OTY4LCJpYXQiOjE2NTczOTExNjgsIm5iZiI6MTY1NzM5MTE2OCwiX3ZlcnNpb24iOjEsIl9wYXRoIjpudWxsLCJpc3MiOnsiZXNzZW50aWFsIjp0cnVlLCJ2YWx1ZXMiOlsicHJvZCJdfSwiX3RyYWNlIjoiNGVlZDNhMmZjMWY5MDFmYzkxNjMzZjBlNDEzYWExYWIifQ.iLwor42eMksxhzIde7t629aVggsqR0b1AkpTzOMwvXLJNXZhFAewL99NMnmY2WGkkdghXIIl1jBE8FRQoyRKrvhjAaO78DtCz3X20BJGxssf-umvI0rscmTfFyaBMBFAfNEPPLD-bOJonJ25FjnCPhqMKWWNHuLm3sIdMQMRwaophFz2SdWtb_ObgTXxHwqt3bMekEt_6KvFYSNpUe7G19Ba7PQEkG90qsFLo7-QV0jr15x6k3-cs-7Aal9KI1qhfqcYs34Px6WSTj2ZOCrcnfReGNGWNpplTGdTSBdjD8aF9o1TcrxgxKKCnMikG_sjFBIguZEgfZXbiY7AbWjvdA
.exchange.buzzoola.com/	1970-01-20 05:06:23	Name: uuid Value: 16cddcab-0bdc-4d9f-49a0-824e69778a19
.betweendigital.com/	1970-01-20 13:08:47	Name: dc Value: lux1
.betweendigital.com/	1970-01-20 13:08:47	Name: ss Value: 1
.betweendigital.com/	1970-01-20 13:08:47	Name: unm Value: 1
.betweendigital.com/	1970-01-20 13:08:47	Name: tuuid Value: 9fa4cd6e-3436-52be-921b-1444f0d2dc04
.betweendigital.com/	1970-01-20 13:08:47	Name: ut Value: YsnIQAAKh1Bf3aKusoM1ViKsLSX5s3IwYnpRwg==
.exchange.buzzoola.com/	1970-01-20 04:43:20	Name: cookiesyncs Value: 000000000000000000000000d93dab9edf0912baf9008f35866978f1
.yandex.ru/	1970-01-20 21:54:23	Name: i Value: rT3M/5GonG1gM4pQill44js9BQrG3zteVMS6lHTYkFeP+hiEVSmcKcc7dzP2QSj7oV4ZlTu9QIeC2aOsIs2WBzdPCHA=
.24smi.net/	1970-01-20 13:08:47	Name: smi_uid Value: ULH63wKVT
.kp.ru/	1970-01-20 13:08:47	Name: chash Value: tMSrjAqd4c
.mc.yandex.com/	1970-01-20 04:23:11	Name: sync_cookie_csrf Value: 3855851066fake
.mc.yandex.ru/	1970-01-20 04:23:11	Name: sync_cookie_csrf Value: 3207835036fake
.yandex.com/	1970-01-20 13:08:47	Name: yandexuid Value: 1555030891657391168
.yandex.com/	1970-01-20 13:08:47	Name: yuidss Value: 1555030891657391168
.mc.yandex.com/	1970-01-20 04:24:37	Name: sync_cookie_ok Value: synced
.doubleclick.net/	1970-01-20 13:44:47	Name: IDE Value: AHWqTUn-C6bnPvIcaTdqmHKxpU3e3V21mAyL5KmSNOEEach9exiPMEjoc4HIxdLYfgI
.kp.ru/	1970-01-20 13:44:47	Name: __gads Value: ID=11cd127e710eae0b:T=1657391169:S=ALNI_MbwTU1nzLV38-q3LGJE8QXZ9QepqQ
.doubleclick.net/	1970-01-20 04:23:14	Name: DSID Value: NO_DATA
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 1242553421657391170
.yandex.com/	1970-01-23 19:59:11	Name: i Value: WXfJYySRDGOJefzMvtI6OG9gdkfcf/49uOYL2jLYS3PQ87bXDwGh/INobz9GFOkhGazyrgei9SffD7hCeDxuOXivYNQ=
.yandex.com/	1970-01-20 13:08:47	Name: ymex Value: 1688927170.yrts.1657391170#1688927170.yrtsi.1657391170
.tumen.kp.ru/	1970-01-20 21:54:23	Name: _ga Value: GA1.3.791596537.1657391170
.tumen.kp.ru/	1970-01-20 04:24:37	Name: _gid Value: GA1.3.1293382251.1657391170
.tumen.kp.ru/	1970-01-20 04:23:11	Name: _dc_gtm_UA-23870775-1 Value: 1
.tumen.kp.ru/	1970-01-20 04:23:11	Name: _gat_UA-5200037-42 Value: 1
.tumen.kp.ru/	1970-01-20 04:23:11	Name: _gat_UA-23870775-31 Value: 1
.kp.ru/	1970-01-20 21:54:23	Name: _ga_8MQ0FGXD1P Value: GS1.1.1657391170.1.0.1657391170.0
.kp.ru/	1970-01-20 21:54:23	Name: _ga Value: GA1.1.791596537.1657391170
.kp.ru/	1970-01-20 21:54:23	Name: _ga_E8KWCYC304 Value: GS1.1.1657391170.1.0.1657391170.0
.yadro.ru/	1970-01-20 13:07:30	Name: FTID Value: 1YoSX22HlaeM1YoSX2001GPn
.kp.ru/	1970-01-20 13:08:47	Name: _ym_uid Value: 1657391170186173871
.kp.ru/	1970-01-20 13:08:47	Name: _ym_d Value: 1657391170
.yadro.ru/	1970-01-20 13:07:30	Name: VID Value: 3CG1kR0lUOeM1YoSX20016dL
.kp.ru/	1970-01-20 04:24:23	Name: _ym_isad Value: 2
.tns-counter.ru/	1970-01-20 13:08:47	Name: guid Value: 20AB682862C9C842X1657391170
.stat.media/	1970-01-20 13:08:47	Name: _sm_uid Value: d98cfd35-a66f-44b2-8d2c-40a8790aeba6
.stat.media/	1970-01-20 13:08:47	Name: _sm_udt Value: 1657391170631
.stat.media/	1970-01-20 04:23:12	Name: _sm_sid Value: 2fa6194e-31fe-4aa3-9d15-4d861479cde0
.stat.media/	1970-01-20 05:06:23	Name: _sm_cm Value: 6
.smi2.ru/	1970-01-20 13:08:47	Name: _sm_uid Value: d98cfd35-a66f-44b2-8d2c-40a8790aeba6
.smi2.ru/	1970-01-20 13:08:47	Name: _sm_udt Value: 1657391170631
.smi2.ru/	1970-01-20 04:23:12	Name: _sm_sid Value: 2fa6194e-31fe-4aa3-9d15-4d861479cde0
.criteo.com/	1970-01-20 13:44:47	Name: uid Value: 40e225da-5ed0-42d9-b656-7e11e4072f62
.kp.ru/	1970-01-20 13:44:47	Name: cto_bundle Value: H9SSA185ZDRtVkVVRnclMkY1NVA2Qlh3WlR5MDZyNEt6NllvS2hObDZ3Y0RaNkEwYlYwdmh2dlNLRkVWemYlMkZrY0MlMkI5ZWx0Q1RoMTdsZyUyQmxaVkRoZndBb0ZNeEtzWnRMUlpXM3pCMUVmenFQdVJYeHJhUk9wb3B5amRMRCUyQkNicktDaSUyQjBmTzlhUDlLeERPMkp3Y3ZZQVhGMlVsbVElM0QlM0Q
.adnxs.com/	1970-01-20 06:32:47	Name: uuid2 Value: 6280947256440253975
.casalemedia.com/	1970-01-20 13:08:47	Name: CMID Value: YsnIQp6n66oCQ2q5vZ5JWwAA
.casalemedia.com/	1970-01-20 06:32:47	Name: CMPS Value: 1169
.casalemedia.com/	1970-01-20 06:32:47	Name: CMPRO Value: 1169
.adnxs.com/	1970-01-20 06:32:47	Name: anj Value: dTM7k!M41.D>6NRF']wIg2Hb=sH#u)!@wnfH8K6pQK`!5=E<L5?%K3.z?!w4!us8=WOAkzKr8j4kT+8nH0gooZo0bpRzqF1`*b^7#)g>=I
.bidswitch.net/	1970-01-20 13:08:47	Name: tuuid Value: aa5855db-5ac8-4bbd-88ae-757fff236d8c
.bidswitch.net/	1970-01-20 13:08:47	Name: c Value: 1657391171
.bidswitch.net/	1970-01-20 13:08:47	Name: tuuid_lu Value: 1657391171
.mathtag.com/	1970-01-20 13:49:06	Name: uuid Value: f87062c9-c842-4500-bc2c-590b0f7b2329
.mathtag.com/	1970-01-20 05:06:23	Name: mt_mop Value: 4:1657391170
.casalemedia.com/	1970-01-20 06:32:47	Name: CMTS Value: 1144
m.exactag.com/	1970-01-20 06:32:47	Name: exactag_new_gk Value: 970936860f2647b8b4e1bd66d6617bc8%7c07.09.2022+18%3a26%3a10
m.exactag.com/	1970-01-20 08:42:23	Name: exactag_new_uk Value: 2f7e6e29c67747799851e14fdee02929%7c
m.exactag.com/	1969-12-31 23:59:59	Name: session_session Value: e2d2a49cb1ed429a8c4eee6d
.scoota.co/	1970-01-20 21:54:23	Name: tuuid Value: 8eef547a-4183-4a71-83ba-3e14bfeafae1
.scoota.co/	1970-01-20 21:54:23	Name: c Value: 1657391171
.scoota.co/	1970-01-20 21:54:23	Name: tuuid_lu Value: 1657391171
.yandex.ru/	1970-01-20 21:54:23	Name: is_gdpr Value: 1
.yandex.ru/	1970-01-20 21:54:23	Name: is_gdpr_b Value: CI+ICxC1fRgB
.demdex.net/	1970-01-20 08:42:23	Name: demdex Value: 72108129113380786220769479872735827753
.skydeutschland.demdex.net/	1970-01-20 08:42:23	Name: skydeutschland Value: 72108129113380786220769479872735827753

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://137d3085774ed72bf626261315513874.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1 Message: Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/6260330094686772102/DAH_200x200_Hamburg/index.html".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

137d3085774ed72bf626261315513874.safeframe.googlesyndication.com
28e58fdb5be728553e5175a9070faf15.safeframe.googlesyndication.com
ad.mail.ru
adfox-c2s-ams.creativecdn.com
ads.adfox.ru
ads.betweendigital.com
adservice.google.com
adservice.google.de
avatars.mds.yandex.net
banners.adfox.ru
bidder.criteo.com
cm.g.doubleclick.net
counter.yadro.ru
data.24smi.net
dsum-sec.casalemedia.com
exchange.buzzoola.com
f2b37124788afcb583921ebe4e7e6828.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
identity.kp.house
img.24smi.net
jsn.24smi.net
m.exactag.com
match.adsrvr.org
matchid.adfox.yandex.ru
mc.yandex.com
mc.yandex.ru
mug.criteo.com
pagead2.googlesyndication.com
pb.adriver.ru
pda.tumen.kp.ru
pixel.adsafeprotected.com
r.scoota.co
region1.google-analytics.com
s0.2mdn.net
s01.stc.yc.kpcdn.net
s02.api.yc.kpcdn.net
s09.stc.yc.kpcdn.net
s12.stc.yc.kpcdn.net
s13.stc.yc.kpcdn.net
s14.stc.yc.kpcdn.net
s16.stc.yc.kpcdn.net
sb.scorecardresearch.com
securepubads.g.doubleclick.net
skydeutschland.demdex.net
smi2.net
smi2.ru
ssp.bidvol.com
stat.media
static.adsafeprotected.com
static.criteo.net
stats.g.doubleclick.net
sync.mathtag.com
target.smi2.net
tns-counter.ru
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.tumen.kp.ru
x.bidswitch.net
yandex.ru
yastatic.net
ysa-static.passport.yandex.ru
ssp.bidvol.com
104.18.19.126
13.32.99.105
142.250.184.194
142.250.185.130
142.250.186.130
15.197.193.217
159.69.141.123
172.217.16.194
178.250.2.131
178.250.2.146
185.184.8.90
185.29.132.241
188.42.191.196
195.209.111.20
2001:4860:4802:32::36
2001:6d0:4001::226
213.202.235.10
2600:9000:223f:dc00:8:48e:53c0:93a1
2606:4700:10::6816:284a
2a00:1148:db00::17
2a00:1450:4001:806::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2002
2a00:1450:4001:810::2003
2a00:1450:4001:811::2002
2a00:1450:4001:812::2006
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:828::2008
2a00:1450:4001:829::2001
2a00:1450:4001:82f::2001
2a00:1450:4001:830::2004
2a00:1450:400c:c03::9c
2a00:1450:400e:80f::200a
2a02:2638:1::13
2a02:2638:1::3
2a02:6b8:20::215
2a02:6b8::16b
2a02:6b8::184
2a02:6b8::1:119
2a02:6b8::1be
2a02:6b8::2:158
2a02:6b8::5:114
2a02:6b8:a::a
2a03:90c0:41:2801::254
37.252.173.22
46.161.36.2
46.161.36.23
52.210.118.181
52.29.193.101
52.45.72.129
54.77.149.51
82.202.225.240
88.212.201.198
88.212.218.1
95.181.181.12
95.181.181.82
00e67a6bb1601297c954a9c6438eb956f4ca87253683fb348d1bda64cee7d1ca
01c3133a48ff2cc94764baf35da0123b56adc3473636cb010174cbd80506801b
02748302b87fe5d0aeadbb619bdebca25c6d16da24f81b30a9c5f7c6daf70753
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
06981a64a4919801e9b7f0a0fe9223d5e50343f1d1ee156f693a89292da1d9f6
074818e5917ed4e771ba49497f1a31c6b7ab3cf6de15da340de5c14d435a948e
082f5a71f2c164ddc4cb665b6563934aaa84d210afffd3e75475958d3f84d80a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bac98fc273488496e7f2da80b46ac9532d6dcb6b23218444dad0e639c777594
0fd49b19d389e09d564f7ebb352aba8f79b531399a56a21fe1235e169c2af189
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
184af66775baea8775e1c9b2c2219b5f4315ca37f799b5547e0073c6be638c4d
18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93
19e2617d285e351af51e6c6671c60577c4d4b0694856f9cd0b9ac688707cf5b1
1c35bef7abeed70f2a1eca573aa12c16969b0a0293cc27e463a2dc54da8c118d
1d386626a236bf37f510e9c0c2d85036641c5cc85bed4b320a181861477d0ec7
1d3dc8510f68191b6b2af6f613b0f0a1d59583bfae870ee1a8c940982147dfad
24eb1b9d06967440dd14bc9354efa96ab41324c1fb987adb1444df6136e97b7d
2588a20eddf37705d93a5be706c3068084886dd85cdbae23378f0f4de3ebf637
260221b364f48de0ea52aa5b56feaa2402e898303b45836b5fbbc503f136594f
2853f02a97e1eab0631063c447d99c45ae4ecb4f8c351682ba467301434df230
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2d32f681e01e8082f5df941a021b306e98063b7330b197ba674e71dcc5dc4d4e
2dc5a0cf38c37eae183cc95adc13d17e562045e2d149d23d603db0f246b3955b
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ea6594700eadc561dce18df33d16ff9d07ff631d4f6f4eae734bfe34e900f0c
32b0f7e66a50c24d967afd1b4c120fc5a898758db2d7d2023c8987c312c8f2fe
32bf544863583cfb1afc1228953c4e6021728ba3bbb93dfca42ad3b78b6455a3
3394110000caa52bc9dcf892178cb4a7a8d25db76721a2290caaeb667413a4d0
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
3596809d7f1929d6fdfb6af8ec94ac1a5a7c63a04bf47018fb0800ad8410ab47
35d1757737ee648861ccaaba694bea6841ba6d9704f82c294790f15f42b238f9
35ed988aff3c8059b4869fd94cc2885879041fbd698317a53741bca5095c3091
3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9
39b74fcc99f4b56758d56aafe6defc0cfa26c325f5d028705ec5e19f4d916909
3bdab4da5017468f0ddfc1a51edc3772a13aa064c83df984c152729075714847
3c005559ec338b49cbf1043eb8fbd14312f7b4353fb98c80663ef810a062090d
3c12f2da086c2408f3f1255b457b7798f793cf77f792c14c66fdbb9bf3c3eaa3
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fee6da404568360982debc957f0064a847847fa8904082076f42b6729b521ef
402873f4ee41dfac8ef102b357be254757bc32540ca42acd252d18533027c066
4189a6e9515b398cf3073a38341bf739a3ee2978d3acc073837512226c219686
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
4324fc6f18883e24661b7c88040ad5bf847e0ef4f077cde80d8efc6e9476f03f
445837ee1d1da2644d2531f84c664f157828154b8b5e032dbef64c3a8308ef17
45f60b2013d27c45b16222d33352db78c1c775b2e4f82506963414127ef6e6d1
483d62eadee1a211b47d2cf37805eb4c378b13bbe7de22990a280f6cecd501c1
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bb46ac2e1ac8e4fae27114b8708df55f1a984d8bbd713fea91bc479e64948f1
4be74101162d4ed978851bd6dd595e849e4209b55cdfbf43bf39fdaee81a4192
4bfde9b91c43a201337e2cfae2a619fbebc0045f4e630733c372ddbf3a0ce3f6
4e7e1b3cde3957bba39b431051070a4bb06fbf2408118e94aa36ba5d2fb39c18
504d65022d0c994ccf194575d733b7d3b0d16396cbcf48e5e80392b7a9ed912f
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51cc160081ef682ef44aca934515160c8c9cb092802ccc2c0af82bfa92a04790
541348f95206a170effd95f869a9c576be30f9408b7bfa5885aa94d29fce726b
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
54f6312f05434c70fb7a24375ce7bfb1b256b0b92220ee425d589098cca0b6ba
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55d2ab860a7100b201e762c2046bc65a5d16236a0263dee3e95c711be581b345
580dd00a201db7202f93efd4a3d41019fb9cc9d724c14a0e3ca906b36c8bde41
58b4b3133a9f9680a958f8aac0f02eff779ebccad572483cca463634a37ae3f0
59e2467d94ae007fa71bc0b10f4b92f227edfa03afb5ce7c904b9ea2bcf537e9
5a3bec7394a80f0f4037f3e68d49b418dd393e268fba0c2073839911da8da88c
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
5f04f87ba7cd3beb8f840e33441bdc8cfee7fe74a49cd8abdcc8ac7727b6bbda
605f6d52fb8dc1615d01dd5c10abc70a79c2fe8eba17bba2602ceeee1bf195cb
607912ce0bbdc533bd357dc99af092f34783fee7f24f7fc16ece184018a7441b
60a9a90526a866ca866c5891ba0c34ee6c6e0dfe1acd84fd004c3ff2fa22ba9b
6100b852f12489e366676fa990f618519af7effd1f2e913d4eb074108faf0b1d
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6251ec4f734c7d06fd01d32d191786319864206e9b374cfda5f055314427487c
625a6ab71fdc612207c0e58f5fb039fd3b064bbc5eef66dead6022d7743eaa38
677acc9eed10d735ed46dabd82553005a036fe19930511d9850060a4fb6d2c2b
69c3207f80de1de6ee4ff239d740ea31bbc7091e7870365c49aad61b21359687
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
6b0c6ad2a39e30acdd045f1e10d04d6032f0447387edd32af55f7d80b2d4f0f0
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6be97ca17228a69c406231d89c003194c3dfba7401eaa9fe9e9ed0ef1c18dc38
6db6653a65bc919f600c1e098b02145b5e62d137fbf99f84ad526692b65cc31c
6edd82367522384c89340b46118764d39a1a788e644f89af52fd9f992dad9d81
6f87cd86c391c6361adca474b987f3e4b6d81d281795120c584d0a0c1ca7f5ba
6fad50668373a310ea2b4e86923ad2260ee3070fec61e8b8236f3efefcde5b99
6ff082130eb8e0fe1ba485606bab3de43a410b184c718be62c739ab9f67c6863
73720f862be505fc73b3884bc441d49060f787d3273bde1738114819dcbaf0a3
746b831ec5c99b337a0539d90ca9f46552f69719bd964b55a5c49b83b67c63df
75d16f690db62e7b02e26bff78808ea7529f154b36340c9b6d6e1cd81b64a4ca
77403385afe39467e0833e772e0221fdad7007eb96d819d6fb21c776392e81c1
77db5b236c460d3858f975e7cb8ce17f2e647f0b877d557636702bcc0a307080
7955caf7cc5a40b753096c9844b13d2e0e28a683b54f6f29f878ad923d157e41
7a0fb8fc4de0bde528e5b17743e35c50492d1d1de41567cb3b83f5a63db862d0
7e509ee1ad89c17baa0a95f0899b322fcb4700297ce1f53179d2bef676318bf9
7f7d4a77e29961071a337cc5073d127fc328e2ea23fca15e9894838d72cc6822
828130c69f25e8faddd6c74efb7baf23fa84ae6ab98ba083b9b907be8a6a4238
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8576b68444c58e2f0c0f02d81bf53b0ccd7f82742d6bc174d9812a3fc15d3cae
8a550da83fe5faf522945c7b61350dec5c08ef10a670c1db4fc5958b5a85057b
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d87c18fcb70f9b1d23c94aedc506cb6cc2640c5aebb25ca6e8e64b0cd997553
8e2c75035573ba50ecea6928f247fead55ba508775205673807af3fcdd0b35e2
8ee3c83c278e037e85b1ad63a4df8bd0165b3a80a5bd4d83d855262a0c80f6f0
9205ceae907f8417e3b4bd8463b1075526a25da4cdd2aed549b03cd6869632aa
921fa6157fcb13321ce83f4f5a022a5dff4848fd1ae0256b3e5c341e0aa15598
924170a2b204eb90280acbb03496558dc98acc1b9d6fd96ae955996047ec970d
92f108fa97f63aa01d67c7c19599f9133ef0e60a11fba74ca137f5b699abd36b
9438ae7f5b873bcca594875785a94a8632686955a34fd717b5130b86a6511747
97196ac8e90e6d190ee5aef7a9d1a903d152e5760d6c0d55cb2bc5be7b2e19d5
9776daea9661cbc69a6c5dc82890ca28ae3400a2cf3a808fdb72379524d02047
9815fe31ba2b6c43e2d63695ca42125ca432eb115200487a6a0a9d7e53473765
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c45ac4cca27e9f345eecdd15d5a1a683b314ce7086700b7bcf564b22e284b49
9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a
9cbc52c02bba9a41c4861317328d8be0ce4abd1077155e18825f860096df567e
9dc89e2eae45dccc1b2d7b9540adae2349bbb5d84578eadb8f0f645eac324910
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0a6aac43426b259f7698b9c9d71366d7f291bc9ad9decaed0469d545556cc29
a0e284c728470401d1d5eed56d4eacdd4ca5da82286f6864263b4d5374d68fa0
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6
a2f96d2c0ff2b96cc2421214831ffda7b4e71aee0426d60628d04173dcd699c7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a81ae4dd7742b736f41e6e382827ab3672728b6f7f529ad5c72d6d6e79861484
a9b54bdbefb66df89c042c7812a9cb4edc9c525066c4f7ac7e2b472526b0a3b2
aa99cf825a3d0aa0fe6ef29ade07cea2dd50561661e91f65a8dbc06bf1c4b4d9
abb5348aeb50feab8abc0212d24ef2d4daa64f08d38e6cabce13e7a78f1ad837
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b190f4a63921bd6ca74e0ae5f1d6edb56ae9807da467dddfc4000956a3aba064
b1cbbc2d30a2862f68c01851c38ebee8876e0b62f062ecc197fd596dc378c817
b2b5ba1466d0642bd868bef2b0e13277b34376fd0a11484fc1518d67e48b727d
b44eebebc320ee341ccc3f50543909bde3a7082487ad914588c3d91281a38b97
b5157cdc5963c4c9f350c75669e14168190ddef3114048d63d672b29252fc917
b9626a32ba37b0590508877b518afb8e18c1623278119b425ba2e3d14d39c4fe
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
be3a0df36dbaac54ee8f9b8fa94085ba6923e595130d93a0c7ebdc45d278a7fa
becefc9f93e9ea8cec1d4749c473c476c44e65a7eee7d88dda107958649413e9
bf33e310c0cd1db4f9589bb7f300bb44e00fdf1cb7f4ae7bd211a809f15af54f
c26b35db27b9f0e09573db523bce189e9559f36c180606481565152f9f656cb3
c33acb28b4e92328f3608d5e64fd89d6bf96d1a784db1c0adaf7514b04e4c1bf
c40168707694e0bb9241c2f9f4ef86dfa65513f547b6a37c151babf07fcd7d53
c7eedac9d4f3c8319fe690798cfdf79fde72b6e88c72a1b5ed6e21677c90c4f1
c8247e71c60f01cce914615568139113018a1a129dceb0fe0af55edb0211b8fd
c84615457f9332569ff8501c382a395ef9fe116a9add5034b4ebc62c9bceeb3d
cc557f7c454f4507d1722f12a78d6cc4a10cf3db3104d761dc87cb014bbaa21c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d02fba790048c3fd33b923ad14a63fb1b86d40ddef54ee91b7096f8f420ee75c
d22c8a80e52af612e5a186582044338158fa5f45350cd506f4448a6593b8db11
d25cc5b065456444ee12a1ce6261afba22f2afe316db704b3e38a01e6bdd8756
d3114c4944dcf347da9b150fbd12bf83cf1a719fca0eb5480d9af4cb2f30aefc
d5386e77da539277a8f9531cda40431675fe0f7eb923f4ceeb67646c1ec830e5
d81ebf55769799aa4b2d2cb138767a82b538d5eb649714450e9b80489c5ed533
da09f03549a3d9ae51406d85931ec2682bc82759cf96101b982496da1139ddda
dd266ab93f8fc411c485bfe02a97b917f739e12b2ce3b195263ab21a318dc49d
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de4e5164bf9562da35c90965354e0e45917c428a76f9aa2e5954a2b192f43caa
e1a808202b382aa97d0d257c3ce02c559601970369e3f1f5f64219e28e46665e
e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264
e37cc949a45bfd79a301489a44230708b7d37d05023e429395c9adfbbda5b0ff
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e49548c45f00bbfa0fda642d02b5e29b407004eacc2099e348da7cb38f477052
eb96791feca1695290fc96c5209a0bb2476680ecec0aa02076373024c28e183a
eccad07bb18dac2c2b2d6bad2b050819ebf6ab2923a2cbf0f368751a0cd4371b
ed0311bbb29e7a582a420448e4b37867de3e5a27d7a3fdac5e94bb2acc78243c
ed046b5d2756f81f71273241564fa4931704a532d63fdbb7883e7dfef65ed76f
ee881663bf9c5f2464f2f0b194d707e4c46801fe391ac108fa91ccfa97ed0ef9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f256a316271a085b13428e78d7eeb014343f633be0382bb21b04bcf19b87fcea
f4dbdd25302ee76c26a0bc01d3c8b383c560f6ef450a6e2ad89b6269424c4ea9
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f663f0b96b83e0f3dc34fea3253eef5bed2e88494ed48a3990e7fd136eb5e6a3
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f76a521d8d893e573ee2def73e397a42f33f937aca5dcfeb77b2e001ea5a7ca6
f81c4045ec0d82aac75f72ee891350ad058d3a93e1be7c8831019318b1d78f38
f8a1209401e50da1707bfbd6b637d5948bb2e7fc38ed3c890402701a3945d61b
f8ab162cec14d59593a5559a0145860377d9953977dbf063f29cfeb56c85ff3c
fa229122eb787ef65850e39e9f4aa7496f2f1d5ed8356a035bedb3139f8b9c1f
fce8cc9213f8d10a1409683b1b8994eb8df8eb64db8526c483c934f35493cd4b
fd9381260ad51627ef2f8ba1e99c34adf6e6954c54cca2312cc460b1b20678f1
fef59e2c8a0ef950f7541328bf485047ed669524ea43a8391717838da41755fb
ffbfc4fd7443146da8af0ffb6a17df8c9775e427799f67e022e12f519163b44d

www.tumen.kp.ru Open in urlscan Pro 95.181.181.82 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

314 Requests

94 %HTTPS

53 %IPv6

43 Domains

71 Subdomains

55 IPs

10 Countries

3950 kBTransfer

10123 kBSize

73 Cookies

34 Outgoing links

Page URL History

Redirected requests

314 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 12 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.tumen.kp.ru Open in urlscan Pro
95.181.181.82 Public Scan

Screenshot
Live screenshot

Full Image

314
Requests

94 %
HTTPS

53 %
IPv6

43
Domains

71
Subdomains

55
IPs

10
Countries

3950 kB
Transfer

10123 kB
Size

73
Cookies

314 HTTP transactions
12 data transactions