Submitted URL: http://pda.orel.kp.ru/
Effective URL: https://www.orel.kp.ru/
Submission Tags: ru h8 kuzelovi sub l4ing ddos Search All
Submission: On August 27 via manual from UA — Scanned from DE

Summary

This website contacted 53 IPs in 9 countries across 33 domains to perform 273 HTTP transactions. The main IP is 95.181.181.82, located in Russian Federation and belongs to EDGECENTERLLC, RU. The main domain is www.orel.kp.ru.
TLS certificate: Issued by R3 on August 5th 2022. Valid for: 3 months.
This is the only time www.orel.kp.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 4 95.181.181.82 210756 (EDGECENTE...)
12 2a02:6b8:a::a 208722 (GLOBAL_DC)
27 2a03:90c0:e1:... 199524 (GCORE)
1 2a02:6b8::16b 208722 (GLOBAL_DC)
1 95.181.181.12 210756 (EDGECENTE...)
11 2a02:6b8:20::215 208722 (GLOBAL_DC)
18 2a02:6b8::1be 208722 (GLOBAL_DC)
2 4 159.69.142.212 24940 (HETZNER-AS)
3 2a02:2638::3 44788 (ASN-CRITE...)
3 185.184.8.90 204995 (RTB-HOUSE...)
3 195.209.111.22 52007 (ADRIVER-AS)
3 2a00:1148:db0... 47764 (VK-AS)
3 188.42.191.196 7979 (SERVERS-COM)
1 65.108.1.48 24940 (HETZNER-AS)
6 178.250.0.165 44788 (ASN-CRITE...)
8 2606:4700:10:... 13335 (CLOUDFLAR...)
6 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a02:6b8::2:158 208722 (GLOBAL_DC)
10 2a00:1450:400... 15169 (GOOGLE)
9 142.250.185.226 15169 (GOOGLE)
3 26 2a02:6b8::1:119 208722 (GLOBAL_DC)
2 2a02:6b8::36 208722 (GLOBAL_DC)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
15 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a02:6b8::5:114 208722 (GLOBAL_DC)
1 24 2a00:1450:400... 15169 (GOOGLE)
2 10 2a00:1450:400... 15169 (GOOGLE)
3 14 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a02:6b8::90 208722 (GLOBAL_DC)
1 4 2001:6d0:4001... 52016 (TNSMSK-)
4 2a00:1450:400... 15169 (GOOGLE)
2 146.185.195.88 50340 (SELECTEL-MSK)
1 3 13.32.121.72 16509 (AMAZON-02)
1 2 88.212.202.52 39134 (UNITEDNET)
3 2a00:1450:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
4 82.202.225.227 49505 (SELECTEL)
2 2a02:6b8::184 208722 (GLOBAL_DC)
8 2a00:1450:400... 15169 (GOOGLE)
1 5.188.198.148 49505 (SELECTEL)
1 82.202.225.240 49505 (SELECTEL)
2 3 172.217.18.2 15169 (GOOGLE)
1 2 2a02:2638:1::13 44788 (ASN-CRITE...)
1 74.119.119.139 19750 (AS-CRITEO)
273 53
Apex Domain
Subdomains
Transfer
44 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 123
64e7dd993741a415cdf5c1ec24dac45d.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 159
1f1c0da5ca2a934e499f7d923ad7c71c.safeframe.googlesyndication.com
9313119206231bfa044a6648ccb7b466.safeframe.googlesyndication.com
311 KB
27 kpcdn.net
s01.stc.yc.kpcdn.net — Cisco Umbrella Rank: 395274
s16.stc.yc.kpcdn.net — Cisco Umbrella Rank: 418313
s09.stc.yc.kpcdn.net — Cisco Umbrella Rank: 403657
s02.api.yc.kpcdn.net — Cisco Umbrella Rank: 479144
s13.stc.yc.kpcdn.net — Cisco Umbrella Rank: 444121
s14.stc.yc.kpcdn.net — Cisco Umbrella Rank: 423325
s10.stc.yc.kpcdn.net — Cisco Umbrella Rank: 424602
753 KB
22 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 10960
5 KB
20 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218
googleads.g.doubleclick.net — Cisco Umbrella Rank: 52
stats.g.doubleclick.net — Cisco Umbrella Rank: 108
480 KB
20 adfox.ru
ads.adfox.ru — Cisco Umbrella Rank: 11442
banners.adfox.ru — Cisco Umbrella Rank: 74240
94 KB
19 yandex.ru
yandex.ru — Cisco Umbrella Rank: 1426
matchid.adfox.yandex.ru — Cisco Umbrella Rank: 30072
mc.yandex.ru — Cisco Umbrella Rank: 3880
ysa-static.passport.yandex.ru — Cisco Umbrella Rank: 25730
an.yandex.ru — Cisco Umbrella Rank: 2470
392 KB
17 google.com
adservice.google.com — Cisco Umbrella Rank: 88
www.google.com — Cisco Umbrella Rank: 9
3 KB
15 gstatic.com
fonts.gstatic.com
www.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn0.gstatic.com
244 KB
11 google.de
adservice.google.de — Cisco Umbrella Rank: 8811
www.google.de — Cisco Umbrella Rank: 6076
2 KB
11 yastatic.net
yastatic.net — Cisco Umbrella Rank: 6925
269 KB
9 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 759
gum.criteo.com — Cisco Umbrella Rank: 407
mug.criteo.com — Cisco Umbrella Rank: 2790
9 KB
8 24smi.net
jsn.24smi.net — Cisco Umbrella Rank: 59755
data.24smi.net — Cisco Umbrella Rank: 60390
img.24smi.net — Cisco Umbrella Rank: 85517
57 KB
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 45
region1.google-analytics.com — Cisco Umbrella Rank: 3094
20 KB
6 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 194
214 KB
4 stat.media
stat.media — Cisco Umbrella Rank: 29300
29 KB
4 tns-counter.ru
tns-counter.ru — Cisco Umbrella Rank: 11338
62 KB
4 yandex.net
favicon.yandex.net — Cisco Umbrella Rank: 10522
avatars.mds.yandex.net — Cisco Umbrella Rank: 8534
29 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 54
3 KB
4 buzzoola.com
exchange.buzzoola.com — Cisco Umbrella Rank: 20664
2 KB
4 kp.ru
pda.orel.kp.ru
www.orel.kp.ru
107 KB
3 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 130
16 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 146
784 B
3 smi2.net
target.smi2.net — Cisco Umbrella Rank: 129326
smi2.net — Cisco Umbrella Rank: 47513
2 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
217 KB
3 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 2016
3 KB
3 mail.ru
ad.mail.ru — Cisco Umbrella Rank: 11968
1011 B
3 adriver.ru
pb.adriver.ru — Cisco Umbrella Rank: 40366
906 B
3 creativecdn.com
adfox-c2s-ams.creativecdn.com — Cisco Umbrella Rank: 65849
624 B
3 criteo.net
static.criteo.net — Cisco Umbrella Rank: 655
40 KB
2 yadro.ru
counter.yadro.ru — Cisco Umbrella Rank: 9849
2 KB
1 smi2.ru
smi2.ru — Cisco Umbrella Rank: 50825
868 B
1 bidvol.com
ssp.bidvol.com — Cisco Umbrella Rank: 32925
474 B
1 kp.house
identity.kp.house — Cisco Umbrella Rank: 415596
2 KB
273 33
Domain Requested by
24 tpc.googlesyndication.com 1 redirects securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.orel.kp.ru
64e7dd993741a415cdf5c1ec24dac45d.safeframe.googlesyndication.com
9313119206231bfa044a6648ccb7b466.safeframe.googlesyndication.com
22 mc.yandex.com 2 redirects www.orel.kp.ru
mc.yandex.ru
19 s01.stc.yc.kpcdn.net www.orel.kp.ru
s01.stc.yc.kpcdn.net
18 ads.adfox.ru yandex.ru
www.orel.kp.ru
15 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.orel.kp.ru
www.googletagservices.com
14 www.google.com 3 redirects tpc.googlesyndication.com
64e7dd993741a415cdf5c1ec24dac45d.safeframe.googlesyndication.com
9313119206231bfa044a6648ccb7b466.safeframe.googlesyndication.com
www.orel.kp.ru
12 yandex.ru www.orel.kp.ru
yandex.ru
yastatic.net
11 yastatic.net yandex.ru
yastatic.net
www.orel.kp.ru
10 fonts.gstatic.com fonts.googleapis.com
9 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
www.orel.kp.ru
8 www.google.de www.orel.kp.ru
8 googleads.g.doubleclick.net 2 redirects 9313119206231bfa044a6648ccb7b466.safeframe.googlesyndication.com
www.googleadservices.com
6 www.googletagservices.com yastatic.net
securepubads.g.doubleclick.net
64e7dd993741a415cdf5c1ec24dac45d.safeframe.googlesyndication.com
9313119206231bfa044a6648ccb7b466.safeframe.googlesyndication.com
6 bidder.criteo.com static.criteo.net
4 stat.media target.smi2.net
stat.media
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
www.orel.kp.ru
4 tns-counter.ru 1 redirects www.orel.kp.ru
tns-counter.ru
4 img.24smi.net www.orel.kp.ru
4 mc.yandex.ru 1 redirects yandex.ru
www.orel.kp.ru
yastatic.net
4 fonts.googleapis.com client
yastatic.net
tpc.googlesyndication.com
4 exchange.buzzoola.com 2 redirects www.orel.kp.ru
3 www.googleadservices.com 2 redirects yastatic.net
3 stats.g.doubleclick.net www.google-analytics.com
3 sb.scorecardresearch.com 1 redirects www.orel.kp.ru
3 www.googletagmanager.com www.orel.kp.ru
www.googletagmanager.com
3 adservice.google.com securepubads.g.doubleclick.net
3 adservice.google.de securepubads.g.doubleclick.net
3 ads.betweendigital.com yandex.ru
3 ad.mail.ru yandex.ru
3 pb.adriver.ru yandex.ru
3 adfox-c2s-ams.creativecdn.com yandex.ru
3 static.criteo.net yandex.ru
www.orel.kp.ru
3 s02.api.yc.kpcdn.net s01.stc.yc.kpcdn.net
2 gum.criteo.com 1 redirects static.criteo.net
2 avatars.mds.yandex.net www.orel.kp.ru
2 region1.google-analytics.com www.googletagmanager.com
2 counter.yadro.ru 1 redirects www.orel.kp.ru
2 target.smi2.net www.orel.kp.ru
2 encrypted-tbn1.gstatic.com 64e7dd993741a415cdf5c1ec24dac45d.safeframe.googlesyndication.com
2 9313119206231bfa044a6648ccb7b466.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 64e7dd993741a415cdf5c1ec24dac45d.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 favicon.yandex.net www.orel.kp.ru
2 banners.adfox.ru www.orel.kp.ru
2 data.24smi.net jsn.24smi.net
2 jsn.24smi.net yastatic.net
jsn.24smi.net
2 www.orel.kp.ru www.orel.kp.ru
2 pda.orel.kp.ru 2 redirects
1 mug.criteo.com
1 smi2.net www.orel.kp.ru
1 smi2.ru www.orel.kp.ru
1 an.yandex.ru yandex.ru
1 encrypted-tbn0.gstatic.com 64e7dd993741a415cdf5c1ec24dac45d.safeframe.googlesyndication.com
1 encrypted-tbn2.gstatic.com 64e7dd993741a415cdf5c1ec24dac45d.safeframe.googlesyndication.com
1 www.gstatic.com 64e7dd993741a415cdf5c1ec24dac45d.safeframe.googlesyndication.com
1 1f1c0da5ca2a934e499f7d923ad7c71c.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 ysa-static.passport.yandex.ru www.orel.kp.ru
1 ssp.bidvol.com yandex.ru
1 s10.stc.yc.kpcdn.net www.orel.kp.ru
1 s14.stc.yc.kpcdn.net www.orel.kp.ru
1 s13.stc.yc.kpcdn.net www.orel.kp.ru
1 identity.kp.house s01.stc.yc.kpcdn.net
1 matchid.adfox.yandex.ru yandex.ru
1 s09.stc.yc.kpcdn.net www.orel.kp.ru
1 s16.stc.yc.kpcdn.net www.orel.kp.ru
273 64

This site contains links to these domains. Also see Links.

Domain
www.kazan.kp.ru
www.kp.ru
radiokp.ru
advert.kp.ru
parus.kp.ru
kino.kp.ru
orel.kp.ru
ads.adfox.ru
Subject Issuer Validity Valid
amp.orel.kp.ru
R3
2022-08-05 -
2022-11-03
3 months crt.sh
*.xn--d1acpjx3f.xn--p1ai
GlobalSign ECC OV SSL CA 2018
2022-08-19 -
2023-02-16
6 months crt.sh
*.stc.yc.kpcdn.net
R3
2022-07-30 -
2022-10-28
3 months crt.sh
matchid.adfox.yandex.ru
GlobalSign RSA OV SSL CA 2018
2022-07-18 -
2023-01-10
6 months crt.sh
identity.kp.house
R3
2022-07-09 -
2022-10-07
3 months crt.sh
s01.api.yc.kpcdn.net
R3
2022-08-07 -
2022-11-05
3 months crt.sh
*.yastatic-net.ru
GlobalSign ECC OV SSL CA 2018
2022-04-01 -
2022-09-29
6 months crt.sh
*.adfox.ru
GlobalSign RSA OV SSL CA 2018
2022-05-30 -
2022-11-08
5 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-06-21 -
2022-09-23
3 months crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1
2022-03-17 -
2023-04-12
a year crt.sh
*.adriver.ru
GlobalSign GCC R3 DV TLS CA 2020
2022-04-05 -
2023-04-05
a year crt.sh
*.mail.ru
GeoTrust ECC CA 2018
2021-10-15 -
2022-11-15
a year crt.sh
*.ads.betweendigital.com
Sectigo RSA Domain Validation Secure Server CA
2021-12-15 -
2023-01-15
a year crt.sh
ssp.bidvol.com
R3
2022-06-29 -
2022-09-27
3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-08-27 -
2022-11-22
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-10-13 -
2022-10-12
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-08-08 -
2022-10-31
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2022-08-08 -
2022-10-31
3 months crt.sh
*.s3.yandex.net
GlobalSign RSA OV SSL CA 2018
2022-03-11 -
2022-10-11
7 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-08-08 -
2022-10-31
3 months crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018
2022-05-21 -
2022-10-31
5 months crt.sh
favicon.yandex.net
GlobalSign ECC OV SSL CA 2018
2022-04-11 -
2022-09-10
5 months crt.sh
*.google.de
GTS CA 1C3
2022-08-08 -
2022-10-31
3 months crt.sh
*.google.com
GTS CA 1C3
2022-08-08 -
2022-10-31
3 months crt.sh
ysa-static.passport.yandex.net
GlobalSign ECC OV SSL CA 2018
2022-03-04 -
2023-04-05
a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2022-08-08 -
2022-10-31
3 months crt.sh
www.google.com
GTS CA 1C3
2022-08-08 -
2022-10-31
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2022-08-08 -
2022-10-31
3 months crt.sh
bs.yandex.ru
GlobalSign ECC OV SSL CA 2018
2022-05-05 -
2022-11-03
6 months crt.sh
*.tns-counter.ru
GlobalSign ECC OV SSL CA 2018
2021-12-10 -
2022-12-31
a year crt.sh
smi2.net
R3
2022-08-10 -
2022-11-08
3 months crt.sh
*.scorecardresearch.com
Amazon
2022-01-29 -
2023-02-27
a year crt.sh
stat.media
R3
2022-07-25 -
2022-10-23
3 months crt.sh
*.avatars.yandex.net
GlobalSign RSA OV SSL CA 2018
2022-03-04 -
2023-04-05
a year crt.sh
www.google.de
GTS CA 1C3
2022-08-08 -
2022-10-31
3 months crt.sh
smi2.ru
R3
2022-07-01 -
2022-09-29
3 months crt.sh
www.googleadservices.com
GTS CA 1C3
2022-08-08 -
2022-10-31
3 months crt.sh

This page contains 21 frames:

Primary Page: https://www.orel.kp.ru/
Frame ID: 228A9BD72B73E1AC07C31EBC1CF81907
Requests: 175 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: 214E7F6F3F8F15931B7110A6CAC9A27E
Requests: 8 HTTP requests in this frame

Frame: https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
Frame ID: EBE3D49BEBCFE65534CAFEFAF986D1A2
Requests: 23 HTTP requests in this frame

Frame: https://64e7dd993741a415cdf5c1ec24dac45d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 26122C587E73442A137357D7354C646A
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: DF2898342BF2A80183BD5997E18C6A01
Requests: 7 HTTP requests in this frame

Frame: https://1f1c0da5ca2a934e499f7d923ad7c71c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 7E7FE1CBD9D836AF5DD278D1AE0300E9
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: 918281125BEB537C76F8B528AD868DE1
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4D6957F1CBA3DE4C846CA668677EB180
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4BAAFF9B77C662F8D6CE2C9D59D44B15
Requests: 2 HTTP requests in this frame

Frame: https://9313119206231bfa044a6648ccb7b466.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: DC314A443963C2A42B25D7A695C0C787
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C160E145F63047BD8A81E2C5B2E36CA4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 88C8FAD2EF025D12A53F9B757330E51D
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A08CE99237058BC0A421025AD262D875
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CED79F86FE35B6437A0456AC82E8A229
Requests: 2 HTTP requests in this frame

Frame: https://64e7dd993741a415cdf5c1ec24dac45d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: A266990B8081A3ABAA8BA2D840DB0372
Requests: 16 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv5aGzMEjmRuN4jB-jA2bZbxEHJdOPFasuy6WYgeJJ6lqqbfIB22r-N24tgKICRrAiEia-CKcfuPJwf_b_sKvvsih-TNN9nmWMoptF7eolLUDSWJijvdLTBLoDGNEv2ZYMVdRG5POK8U0e2ZtcU6DyeImrRC0nsJ8CHQwMDHk4_h4zVwG-DVi0fUItKQlIh9YR5dB1tnaRIEdgHBCHTUoN_O1ntwFpS_YnrDHxCXaoEFBEP3aL7D1Y6sH1xTPjGQLglhMPcv5P_8tvfRfMghvZpA3ijFdFBCctAXpk0KZKBQ9But8-ZRfPG-oBJ-y_FS7W1gQ&sai=AMfl-YTx8QNSTqM8Lp5A1-ltuJ9V0QSDgLpRYMad__jqqjO9mnNo_PHYrTUx-MN5v8r8ltMbnrbd0HeTSjfJDDB5Ph2FwAp7DYcGTXrc3za-NlJrzqdmeTgRL4v7aWk20aSvOzY&sig=Cg0ArKJSzDt-NInwW8WIEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 857A9D5156B1261318B2921B7C1ABE9B
Requests: 5 HTTP requests in this frame

Frame: https://9313119206231bfa044a6648ccb7b466.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 77E1C722A9FE2C39A82319970B3947D8
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js
Frame ID: CAB0142A049386558A3C18B8CE4DA1EE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html
Frame ID: A62BDB0FA713FDE8261B13E25266C908
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 800FEB16FBA7412552D62374FF6ABA6A
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.orel.kp.ru
Frame ID: 47D1D7E6884481A9B792245069988267
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

Новости Орла и Орловской области: главные новости на сегодня | Комсомольская Правда в Орле - KP.RU

Page URL History Show full URLs

  1. http://pda.orel.kp.ru/ HTTP 301
    https://pda.orel.kp.ru/ HTTP 303
    https://www.orel.kp.ru/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • https?://an\.yandex\.ru/

Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

273
Requests

96 %
HTTPS

67 %
IPv6

33
Domains

64
Subdomains

53
IPs

9
Countries

3364 kB
Transfer

9078 kB
Size

55
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://pda.orel.kp.ru/ HTTP 301
    https://pda.orel.kp.ru/ HTTP 303
    https://www.orel.kp.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44
  • https://exchange.buzzoola.com/ssp/adfox HTTP 307
  • https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t
Request Chain 54
  • https://exchange.buzzoola.com/ssp/adfox HTTP 307
  • https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t
Request Chain 128
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9743.bRzznenTSHE7JrMIfPLnWZoCrV2Xt7UDjzappqw_nYN0oGscmco7eJmB7mOuSZZe.zH2y3Qpo0dDNaV9O6EMz-kUzvlk%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9743.gmAvMA681SLeNVIoW5uN0a9q20MQltl_uouF0mjuwj3fMJxxISM-1r6Zw82cpTqW-tD4q4xZvPPdqr0Px6GExxsgt0cQHkuMXkP3MHrF7rA%2C.VW83vVqcQa1MpS3lAbgTJIxHOlQ%2C
Request Chain 155
  • https://mc.yandex.com/watch/26254?wmode=7&page-url=https%3A%2F%2Fwww.orel.kp.ru%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ocpriggyfyr9aewcgvlq0%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A986356118712%3Ahid%3A949386884%3Az%3A0%3Ai%3A20220827130846%3Aet%3A1661605726%3Ac%3A1%3Arn%3A712482926%3Au%3A1661605726570709986%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1661605723679%3Aco%3A0%3Arqnl%3A1%3Ast%3A1661605726%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%9E%D1%80%D0%BB%D0%B0%20%D0%B8%20%D0%9E%D1%80%D0%BB%D0%BE%D0%B2%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%9E%D1%80%D0%BB%D0%B5%20-%20KP.RU&t=gdpr(14)clc(0-0-0)aw(1)rqnl(1)ti(2) HTTP 302
  • https://mc.yandex.com/watch/26254/1?wmode=7&page-url=https%3A%2F%2Fwww.orel.kp.ru%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ocpriggyfyr9aewcgvlq0%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A986356118712%3Ahid%3A949386884%3Az%3A0%3Ai%3A20220827130846%3Aet%3A1661605726%3Ac%3A1%3Arn%3A712482926%3Au%3A1661605726570709986%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1661605723679%3Aco%3A0%3Arqnl%3A1%3Ast%3A1661605726%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%9E%D1%80%D0%BB%D0%B0%20%D0%B8%20%D0%9E%D1%80%D0%BB%D0%BE%D0%B2%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%9E%D1%80%D0%BB%D0%B5%20-%20KP.RU&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnl%281%29ti%282%29
Request Chain 168
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCL57XsHBCABBiAATIIgoSA_Oqki0U HTTP 301
  • https://tpc.googlesyndication.com/simgad/7103612115487317334
Request Chain 191
  • https://counter.yadro.ru/hit;kp/kpall/reg/kporel?r;s1600*1200*24;uhttps%3A//www.orel.kp.ru/;h%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u041E%u0440%u043B%u0430%20%u0438%20%u041E%u0440%u043B%u043E%u0432%u0441%u043A%u043E%u0439%20%u043E%u0431%u043B%u0430%u0441%u0442%u0438%3A%20%u0433%u043B%u0430%u0432%u043D%u044B%u0435%20%u043D%u043E%u0432%u043E%u0441%u0442%u0438%20%u043D%u0430%20%u0441%u0435%u0433%u043E%u0434%u043D%u044F%20%7C%20%u041A%u043E%u043C%u0441%u043E%u043C%u043E%u043B%u044C%u0441%u043A%u0430%u044F%20%u041F%u0440%u0430;0.13217959147474345 HTTP 302
  • https://counter.yadro.ru/hit;kp/kpall/reg/kporel?q;r;s1600*1200*24;uhttps%3A//www.orel.kp.ru/;h%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u041E%u0440%u043B%u0430%20%u0438%20%u041E%u0440%u043B%u043E%u0432%u0441%u043A%u043E%u0439%20%u043E%u0431%u043B%u0430%u0441%u0442%u0438%3A%20%u0433%u043B%u0430%u0432%u043D%u044B%u0435%20%u043D%u043E%u0432%u043E%u0441%u0442%u0438%20%u043D%u0430%20%u0441%u0435%u0433%u043E%u0434%u043D%u044F%20%7C%20%u041A%u043E%u043C%u0441%u043E%u043C%u043E%u043B%u044C%u0441%u043A%u0430%u044F%20%u041F%u0440%u0430;0.13217959147474345
Request Chain 216
  • https://tns-counter.ru/V13a***R%3E*kp_ru/ru/UTF-8/tmsec=kp_title/231978895 HTTP 302
  • https://tns-counter.ru/V13b***R%3E*kp_ru/ru/UTF-8/tmsec=kp_title/231978895
Request Chain 225
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 261
  • https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0 HTTP 302
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=YRcKY4KkB7aemLAPz7-2-AI&random=1079792175&sscte=1&crd= HTTP 302
  • https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1079792175&crd=&is_vtc=1&random=841758221 HTTP 302
  • https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1079792175&crd=&is_vtc=1&random=841758221&ipr=y
Request Chain 262
  • https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0 HTTP 302
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=YRcKY8umB4mbxgL_35OYDQ&random=571248894&sscte=1&crd=CJqqsQI HTTP 302
  • https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=571248894&crd=CJqqsQI&is_vtc=1&random=2298257558 HTTP 302
  • https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=571248894&crd=CJqqsQI&is_vtc=1&random=2298257558&ipr=y
Request Chain 280
  • https://sb.scorecardresearch.com/c2/16803468/cs.js HTTP 302
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
Request Chain 281
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=kp.ru&sn=ChromeSyncframe&so=0&topUrl=www.orel.kp.ru&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=ecRByXxtYzhIc05NdVpwdklxaE5sTlRvNkVrRGdNWmUzRG5TNmZyMlFJRzlyckQ1OFFUTmMwVzJjM3NUL3FIZXFZemhwdUkvWTRxZUc0VGY1QkJqTXJpdkdHWUFTVTBKUktybGdkaUx3MmsvWkZlZEhZcTFhQW1kMmt5bVhIS3VmZkwvWGVQdmNvZkhoeUlTQ1ZqTnUyNTdKaDU2dTZZcm43TWJrc09zNUkvNUhPbVNLUjlJUllNY0dLMERCeTFzdi9QKzI3VFFQZnJWYTVCN29JcmxncDZlbDJXTVMya01NUEd4bm9QMXJFSXVrZzNveFVGdytlM2loRldJbDFkVEZNSCtIfA&cppv=2

273 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.orel.kp.ru/
Redirect Chain
  • http://pda.orel.kp.ru/
  • https://pda.orel.kp.ru/
  • https://www.orel.kp.ru/
836 KB
104 KB
Document
General
Full URL
https://www.orel.kp.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.181.181.82 , Russian Federation, ASN210756 (EDGECENTERLLC, RU),
Reverse DNS
Software
nginx /
Resource Hash
6aada6b83c73fb2c9ee40846b49edee470f9caa94e841ac2d7080a556ac18413

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 27 Aug 2022 13:08:44 GMT
server
nginx
vary
Accept-Encoding
x-manifest-version-id
0005E725A8187701

Redirect headers

content-length
50
content-type
text/html; charset=utf-8
date
Sat, 27 Aug 2022 13:08:44 GMT
location
https://www.orel.kp.ru/
server
nginx
header-bidding.js
yandex.ru/ads/system/
116 KB
32 KB
Script
General
Full URL
https://yandex.ru/ads/system/header-bidding.js
Requested by
Host: www.orel.kp.ru
URL: https://www.orel.kp.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e556d4e5d4460cc0ac6fbe5bf374c221566a41314debe196f7876f9744a3dfa4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
content-encoding
br
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id
1661605724559034-3163952798653441562-sas3-0641-7f2-sas-l7-balancer-8080-BAL-5665
report-to
{ "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=3600
x-robots-tag
noindex, noarchive, nofollow
expires
Sat, 27 Aug 2022 14:08:44 GMT
context.js
yandex.ru/ads/system/
291 KB
78 KB
Script
General
Full URL
https://yandex.ru/ads/system/context.js
Requested by
Host: www.orel.kp.ru
URL: https://www.orel.kp.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
6d038009e35ee22188efb61e2b25684ca1b712999ca3b8148b77a4466cb26b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
content-encoding
br
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id
1661605724559315-5381574397113774289-sas3-0641-7f2-sas-l7-balancer-8080-BAL-2594
report-to
{ "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=3600
x-robots-tag
noindex, noarchive, nofollow
expires
Sat, 27 Aug 2022 14:08:44 GMT
truncated
/
587 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
445837ee1d1da2644d2531f84c664f157828154b8b5e032dbef64c3a8308ef17

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
7 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3394110000caa52bc9dcf892178cb4a7a8d25db76721a2290caaeb667413a4d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6b0c6ad2a39e30acdd045f1e10d04d6032f0447387edd32af55f7d80b2d4f0f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/svg+xml
88c3f8d6237466d983567ddf480dfb98.woff2
s01.stc.yc.kpcdn.net/s0/2.1.103/adaptive/
22 KB
22 KB
Font
General
Full URL
https://s01.stc.yc.kpcdn.net/s0/2.1.103/adaptive/88c3f8d6237466d983567ddf480dfb98.woff2
Requested by
Host: www.orel.kp.ru
URL: https://www.orel.kp.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
7a0fb8fc4de0bde528e5b17743e35c50492d1d1de41567cb3b83f5a63db862d0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.orel.kp.ru/
Origin
https://www.orel.kp.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-id
cec-up-gc12
date
Sat, 27 Aug 2022 13:08:44 GMT
x-content-type-options
nosniff
x-server-trace-id
20328711ff979d6e:3a1bbfd33ad4bc84:20328711ff979d6e:1
x-amz-request-id
6210b59885597c18
x-serverless-gateway-path
/{site}/{version}/{filename+}
x-cached-since
2022-08-27T02:24:34+00:00
content-length
22100
x-request-id
4764f058-aa17-4c85-b4ce-43adf579f74d
x-serverless-gateway-id
d5dcee70jck4ehrnhirl
last-modified
Sat, 27 Nov 2021 21:56:45 GMT
server
nginx
etag
"88c3f8d6237466d983567ddf480dfb98"
x-amz-version-id
0005D1CC489C28E6
access-control-allow-origin
*
cache-control
max-age=86400
cache
HIT
accept-ranges
bytes
content-type
font/woff2
expires
Sun, 28 Aug 2022 13:08:44 GMT
71df57f56c922e07c34676f1e3160977.woff2
s01.stc.yc.kpcdn.net/s0/2.1.103/adaptive/
39 KB
39 KB
Font
General
Full URL
https://s01.stc.yc.kpcdn.net/s0/2.1.103/adaptive/71df57f56c922e07c34676f1e3160977.woff2
Requested by
Host: www.orel.kp.ru
URL: https://www.orel.kp.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
9205ceae907f8417e3b4bd8463b1075526a25da4cdd2aed549b03cd6869632aa
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.orel.kp.ru/
Origin
https://www.orel.kp.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-id
cec-up-gc12
date
Sat, 27 Aug 2022 13:08:44 GMT
x-content-type-options
nosniff
x-server-trace-id
14c42d5c1f7b35a3:55fdf8d943f406be:14c42d5c1f7b35a3:1
x-amz-request-id
81458e222375922e
x-serverless-gateway-path
/{site}/{version}/{filename+}
x-cached-since
2022-08-27T02:24:34+00:00
content-length
39768
x-request-id
ad9f078d-d968-4d7d-a738-3a0ceb6685c7
x-serverless-gateway-id
d5dcee70jck4ehrnhirl
last-modified
Sat, 27 Nov 2021 21:56:45 GMT
server
nginx
etag
"71df57f56c922e07c34676f1e3160977"
x-amz-version-id
0005D1CC48A637F4
access-control-allow-origin
*
cache-control
max-age=86400
cache
HIT
accept-ranges
bytes
content-type
font/woff2
expires
Sun, 28 Aug 2022 13:08:44 GMT
0b10ab6aa24fb2b424de7991b679f5e9.png
s01.stc.yc.kpcdn.net/s0/2.1.103/adaptive/
6 KB
6 KB
Image
General
Full URL
https://s01.stc.yc.kpcdn.net/s0/2.1.103/adaptive/0b10ab6aa24fb2b424de7991b679f5e9.png
Requested by
Host: www.orel.kp.ru
URL: https://www.orel.kp.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
abb5348aeb50feab8abc0212d24ef2d4daa64f08d38e6cabce13e7a78f1ad837
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-id
cec-up-gc4
date
Sat, 27 Aug 2022 13:08:44 GMT
x-content-type-options
nosniff
x-server-trace-id
8776713285dfe500:803b893d972b490d:8776713285dfe500:1
x-amz-request-id
568e556945d66103
x-serverless-gateway-path
/{site}/{version}/{filename+}
x-cached-since
2022-08-27T02:24:24+00:00
content-length
6368
x-request-id
254ac9da-d4c7-4b37-987d-7c75397e228d
x-serverless-gateway-id
d5dcee70jck4ehrnhirl
last-modified
Sat, 27 Nov 2021 21:56:49 GMT
server
nginx
etag
"0b10ab6aa24fb2b424de7991b679f5e9"
x-amz-version-id
0005D1CC48E0B8E0
access-control-allow-origin
*
cache-control
max-age=86400
cache
HIT
accept-ranges
bytes
content-type
image/png
expires
Sun, 28 Aug 2022 13:08:44 GMT
favicon-16.png
www.orel.kp.ru/boom/api/2/metrics/adaptive/
514 B
924 B
Image
General
Full URL
https://www.orel.kp.ru/boom/api/2/metrics/adaptive/favicon-16.png?target.base=digest&target.entity=root&target.spot=orel
Requested by
Host: www.orel.kp.ru
URL: https://www.orel.kp.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.181.181.82 , Russian Federation, ASN210756 (EDGECENTERLLC, RU),
Reverse DNS
Software
nginx /
Resource Hash
da09f03549a3d9ae51406d85931ec2682bc82759cf96101b982496da1139ddda
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:08:44 GMT
x-content-type-options
nosniff
last-modified
Sat, 27 Nov 2021 21:56:51 GMT
server
nginx
x-server-trace-id
9c57785dd86c900b:608e0419762d8a0f:9c57785dd86c900b:1
x-amz-request-id
ba12d75998a4c3a4
x-serverless-gateway-path
/boom/api/{api}/{version}/{content+}
etag
"642c7d14314b78ed52c384a1a2ba4203"
content-type
image/png
access-control-allow-origin
*
content-length
514
x-serverless-gateway-id
d5dscajgqq50cos2lp8d
x-amz-version-id
0005D1CC48F877CB
x-request-id
6ca4d023-fdfc-416a-92b2-6c2c71e947d9
wr-750.webp
s16.stc.yc.kpcdn.net/share/i/12/12674718/
96 KB
96 KB
Image
General
Full URL
https://s16.stc.yc.kpcdn.net/share/i/12/12674718/wr-750.webp
Requested by
Host: www.orel.kp.ru
URL: https://www.orel.kp.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
68ff016e77d805317125a6ae49b160d2afed4f71587c8e58424af36d9393b687

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-id
cec-up-gc13
date
Sat, 27 Aug 2022 13:08:44 GMT
last-modified
Fri, 26 Aug 2022 14:46:38 GMT
server
nginx
x-amz-request-id
0d7368beffe702df
etag
"1f461e6f3b90c84886cb00f207d5d34c"
x-cached-since
2022-08-26T21:55:36+00:00
x-amz-version-id
null
cache-control
max-age=345600
cache
HIT
accept-ranges
bytes
content-type
image/webp
content-length
98194
expires
Wed, 31 Aug 2022 13:08:44 GMT
325472601571f31e1bf00674c368d335.gif
s09.stc.yc.kpcdn.net/share/i/beige/
43 B
312 B
Image
General
Full URL
https://s09.stc.yc.kpcdn.net/share/i/beige/325472601571f31e1bf00674c368d335.gif
Requested by
Host: www.orel.kp.ru
URL: https://www.orel.kp.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-id
cec-up-gc13
date
Sat, 27 Aug 2022 13:08:44 GMT
last-modified
Sat, 02 Oct 2021 15:40:25 GMT
server
nginx
x-amz-request-id
8e57469145af22f3
etag
"325472601571f31e1bf00674c368d335"
x-cached-since
2022-08-24T19:48:01+00:00
x-amz-version-id
null
cache-control
max-age=345600
cache
HIT
accept-ranges
bytes
content-type
image/gif
content-length
43
expires
Wed, 31 Aug 2022 13:08:44 GMT
truncated
/
5 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
becefc9f93e9ea8cec1d4749c473c476c44e65a7eee7d88dda107958649413e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
7 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d3114c4944dcf347da9b150fbd12bf83cf1a719fca0eb5480d9af4cb2f30aefc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/svg+xml
d_c1.svg
s01.stc.yc.kpcdn.net/s0/2.1.103/adaptive/meteo/
2 KB
2 KB
Image
General
Full URL
https://s01.stc.yc.kpcdn.net/s0/2.1.103/adaptive/meteo/d_c1.svg
Requested by
Host: www.orel.kp.ru
URL: https://www.orel.kp.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6251ec4f734c7d06fd01d32d191786319864206e9b374cfda5f055314427487c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-id
cec-up-gc4
date
Sat, 27 Aug 2022 13:08:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-server-trace-id
6a6c6dc1f7bbbaa5:cb87410971dce3d6:6a6c6dc1f7bbbaa5:1
x-amz-request-id
81e58a9db7de56a6
x-serverless-gateway-path
/{site}/{version}/{filename+}
x-cached-since
2022-08-27T02:28:07+00:00
x-request-id
68e9e151-e10e-4f78-8e1c-7252cc05e3c8
x-serverless-gateway-id
d5dcee70jck4ehrnhirl
last-modified
Sat, 27 Nov 2021 21:56:54 GMT
server
nginx
etag
W/"487f54f0c53e89966ecb91fb18632e0d"
x-amz-version-id
0005D1CC492F37C9
access-control-allow-origin
*
cache-control
max-age=86400
cache
HIT
content-type
image/svg+xml
expires
Sun, 28 Aug 2022 13:08:44 GMT
truncated
/
162 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6ff082130eb8e0fe1ba485606bab3de43a410b184c718be62c739ab9f67c6863

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/svg+xml
vendors~adaptive.js
s01.stc.yc.kpcdn.net/s0/2.1.103/adaptive/
339 KB
128 KB
Script
General
Full URL
https://s01.stc.yc.kpcdn.net/s0/2.1.103/adaptive/vendors~adaptive.js
Requested by
Host: www.orel.kp.ru
URL: https://www.orel.kp.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
eff980b37035b0cd186f37131d156a7275f00aaa82ebfd25b06080a6cc8146c0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-id
cec-up-gc4
date
Sat, 27 Aug 2022 13:08:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-server-trace-id
53135e6eae449937:5881c2b71d3f51da:53135e6eae449937:1
x-amz-request-id
3f20976099e2c821
x-serverless-gateway-path
/{site}/{version}/{filename+}
x-cached-since
2022-08-27T02:24:35+00:00
x-request-id
4ab63cd8-575f-4ec2-928d-953553df212c
x-serverless-gateway-id
d5dcee70jck4ehrnhirl
last-modified
Mon, 22 Aug 2022 13:43:12 GMT
server
nginx
etag
W/"ff41ec96a7348dcd968ef42210ac2327"
x-amz-version-id
0005E6D4A106CB22
access-control-allow-origin
*
cache-control
max-age=86400
cache
HIT
content-type
text/javascript; charset=utf-8
expires
Sun, 28 Aug 2022 13:08:44 GMT
adaptive.js
s01.stc.yc.kpcdn.net/s0/2.1.103/adaptive/
277 KB
81 KB
Script
General
Full URL
https://s01.stc.yc.kpcdn.net/s0/2.1.103/adaptive/adaptive.js
Requested by
Host: www.orel.kp.ru
URL: https://www.orel.kp.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
ca4da12cb354937a133f8eb9dd3c019612db02ff000471f98af3be104e753fd9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-id
cec-up-gc4
date
Sat, 27 Aug 2022 13:08:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-server-trace-id
314c7e887bfa1191:5dcb0887eafc82e7:314c7e887bfa1191:1
x-amz-request-id
70b275db249aa759
x-serverless-gateway-path
/{site}/{version}/{filename+}
x-cached-since
2022-08-27T02:24:35+00:00
x-request-id
3e235b9e-b91d-4561-bf00-17f964a9da44
x-serverless-gateway-id
d5dcee70jck4ehrnhirl
last-modified
Fri, 26 Aug 2022 14:17:38 GMT
server
nginx
etag
W/"3ea3c839fd9539264d6cb05bcd4f72c8"
x-amz-version-id
0005E7259387D652
access-control-allow-origin
*
cache-control
max-age=86400
cache
HIT
content-type
text/javascript; charset=utf-8
expires
Sun, 28 Aug 2022 13:08:44 GMT
adaptive-topbar.js
s01.stc.yc.kpcdn.net/s0/2.1.103/adaptive/
68 KB
24 KB
Script
General
Full URL
https://s01.stc.yc.kpcdn.net/s0/2.1.103/adaptive/adaptive-topbar.js
Requested by
Host: www.orel.kp.ru
URL: https://www.orel.kp.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
535cd50aa8ca78a00c768f48ae2cf146b83f000dd796167aade018013578a557
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-id
cec-up-gc4
date
Sat, 27 Aug 2022 13:08:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-server-trace-id
6d259cf617c0477f:b7484fb70defbaa3:6d259cf617c0477f:1
x-amz-request-id
7795682b2f4b4acd
x-serverless-gateway-path
/{site}/{version}/{filename+}
x-cached-since
2022-08-27T02:24:24+00:00
x-request-id
a624d37b-5dff-41b3-ad47-e7033697580f
x-serverless-gateway-id
d5dcee70jck4ehrnhirl
last-modified
Fri, 26 Aug 2022 14:17:38 GMT
server
nginx
etag
W/"f5b24ec1aaa708b027c0da4b7ad68779"
x-amz-version-id
0005E7259389D8C0
access-control-allow-origin
*
cache-control
max-age=86400
cache
HIT
content-type
text/javascript; charset=utf-8
expires
Sun, 28 Aug 2022 13:08:44 GMT
radio.js
s01.stc.yc.kpcdn.net/s0/2.1.103/adaptive/
10 KB
4 KB
Script
General
Full URL
https://s01.stc.yc.kpcdn.net/s0/2.1.103/adaptive/radio.js
Requested by
Host: www.orel.kp.ru
URL: https://www.orel.kp.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
f5428b5ba66559d834d12725fb1c86c55f1392aaad426811130f5d673d58815d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-id
cec-up-gc4
date
Sat, 27 Aug 2022 13:08:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-server-trace-id
54721e4625bd00aa:1ea86e61e27a3ba7:54721e4625bd00aa:1
x-amz-request-id
64a1854c3bfc94aa
x-serverless-gateway-path
/{site}/{version}/{filename+}
x-cached-since
2022-08-27T02:24:24+00:00
x-request-id
cf6d310a-2d4d-472e-9d8c-acee0591695b
x-serverless-gateway-id
d5dcee70jck4ehrnhirl
last-modified
Mon, 22 Aug 2022 13:43:11 GMT
server
nginx
etag
W/"3fac8155bed6a93f106e78327ee027a6"
x-amz-version-id
0005E6D4A0F96AD0
access-control-allow-origin
*
cache-control
max-age=86400
cache
HIT
content-type
text/javascript; charset=utf-8
expires
Sun, 28 Aug 2022 13:08:44 GMT
main.js
s01.stc.yc.kpcdn.net/s0/2.1.103/adaptive/
17 KB
6 KB
Script
General
Full URL
https://s01.stc.yc.kpcdn.net/s0/2.1.103/adaptive/main.js
Requested by
Host: www.orel.kp.ru
URL: https://www.orel.kp.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
a19c45ddae7042d6a7e9cd42e8730d263c932042063797d888f04ddf27ccd059
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-id
cec-up-gc4
date
Sat, 27 Aug 2022 13:08:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-server-trace-id
d815f51765f8da1a:7b3409d67b2064e:d815f51765f8da1a:1
x-amz-request-id
87cb8a01e347d500
x-serverless-gateway-path
/{site}/{version}/{filename+}
x-cached-since
2022-08-27T02:25:38+00:00
x-request-id
511284c3-7b4b-45f3-8051-b481599c2681
x-serverless-gateway-id
d5dcee70jck4ehrnhirl
last-modified
Mon, 22 Aug 2022 13:43:10 GMT
server
nginx
etag
W/"af4115f3b25b1c8e54a9ed1c72e548c0"
x-amz-version-id
0005E6D4A0E3F16C
access-control-allow-origin
*
cache-control
max-age=86400
cache
HIT
content-type
text/javascript; charset=utf-8
expires
Sun, 28 Aug 2022 13:08:44 GMT
vendors~digest-area.js
s01.stc.yc.kpcdn.net/s0/2.1.103/adaptive/
97 KB
32 KB
Script
General
Full URL
https://s01.stc.yc.kpcdn.net/s0/2.1.103/adaptive/vendors~digest-area.js
Requested by
Host: www.orel.kp.ru
URL: https://www.orel.kp.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
2efcbde6ec02b22a2d16f9fb80540f481747d6100f1ec480ddb0b7f3472ab779
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-id
cec-up-gc4
date
Sat, 27 Aug 2022 13:08:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-server-trace-id
9cbbd19126c873cb:f1f3418db7a59d9c:9cbbd19126c873cb:1
x-amz-request-id
7b81828c472e3f1e
x-serverless-gateway-path
/{site}/{version}/{filename+}
x-cached-since
2022-08-27T02:25:38+00:00
x-request-id
fab25da7-6a44-4df3-a92f-9f6226a70fde
x-serverless-gateway-id
d5dcee70jck4ehrnhirl
last-modified
Mon, 22 Aug 2022 13:43:12 GMT
server
nginx
etag
W/"4e4dab7534a102ecf0a6681f22b8f048"
x-amz-version-id
0005E6D4A10D1CBE
access-control-allow-origin
*
cache-control
max-age=86400
cache
HIT
content-type
text/javascript; charset=utf-8
expires
Sun, 28 Aug 2022 13:08:44 GMT
digest-area~digest-section~note~online-page~photo~section-video~see-also~special-article~video.js
s01.stc.yc.kpcdn.net/s0/2.1.103/adaptive/
22 KB
8 KB
Script
General
Full URL
https://s01.stc.yc.kpcdn.net/s0/2.1.103/adaptive/digest-area~digest-section~note~online-page~photo~section-video~see-also~special-article~video.js
Requested by
Host: www.orel.kp.ru
URL: https://www.orel.kp.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
f2294c4453bd5485d7375f4ea5e5e8e8b868ea839a0ca12bcbae7d364768eb32
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-id
cec-up-gc4
date
Sat, 27 Aug 2022 13:08:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-server-trace-id
b186157c3f2a4016:5a698c375b87ef2:b186157c3f2a4016:1
x-amz-request-id
0183b4737bee582e
x-serverless-gateway-path
/{site}/{version}/{filename+}
x-cached-since
2022-08-27T02:24:24+00:00
x-request-id
84c435cc-dc4d-4520-8488-e454c348c291
x-serverless-gateway-id
d5dcee70jck4ehrnhirl
last-modified
Mon, 22 Aug 2022 13:43:08 GMT
server
nginx
etag
W/"b9f1086a49b700360ee2f6c3096b90d8"
x-amz-version-id
0005E6D4A0C29099
access-control-allow-origin
*
cache-control
max-age=86400
cache
HIT
content-type
text/javascript; charset=utf-8
expires
Sun, 28 Aug 2022 13:08:44 GMT
digest-area~digest-section~online-page~section-video~see-also.js
s01.stc.yc.kpcdn.net/s0/2.1.103/adaptive/
36 KB
13 KB
Script
General
Full URL
https://s01.stc.yc.kpcdn.net/s0/2.1.103/adaptive/digest-area~digest-section~online-page~section-video~see-also.js
Requested by
Host: www.orel.kp.ru
URL: https://www.orel.kp.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
fb97b96610b6440936056006cc80eb5353a3b9de8a1de3706b50eccc4ab75254
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-id
cec-up-gc4
date
Sat, 27 Aug 2022 13:08:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-server-trace-id
97f21125af0a1ee2:b4fef6817306f7c5:97f21125af0a1ee2:1
x-amz-request-id
1ff1218f554ac7d9
x-serverless-gateway-path
/{site}/{version}/{filename+}
x-cached-since
2022-08-27T02:24:54+00:00
x-request-id
9d3cc264-f93b-4641-88d0-8215993b6c95
x-serverless-gateway-id
d5dcee70jck4ehrnhirl
last-modified
Mon, 22 Aug 2022 13:43:08 GMT
server
nginx
etag
W/"552e83a59965a66c2d52589168d96c56"
x-amz-version-id
0005E6D4A0C46ABB
access-control-allow-origin
*
cache-control
max-age=86400
cache
HIT
content-type
text/javascript; charset=utf-8
expires
Sun, 28 Aug 2022 13:08:44 GMT
digest-area.js
s01.stc.yc.kpcdn.net/s0/2.1.103/adaptive/
46 KB
13 KB
Script
General
Full URL
https://s01.stc.yc.kpcdn.net/s0/2.1.103/adaptive/digest-area.js
Requested by
Host: www.orel.kp.ru
URL: https://www.orel.kp.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
12cba32bd3140fd295ce10f9f1cef5e68523dd86a34a4618a2fa1d8bdab9fb34
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-id
cec-up-gc4
date
Sat, 27 Aug 2022 13:08:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-server-trace-id
db3ccbcefdd7a9c6:187f7a7fa8c29a4a:db3ccbcefdd7a9c6:1
x-amz-request-id
cde77a26712d73ae
x-serverless-gateway-path
/{site}/{version}/{filename+}
x-cached-since
2022-08-27T02:25:38+00:00
x-request-id
78b3698f-775a-429d-9e02-7ff0c0268f04
x-serverless-gateway-id
d5dcee70jck4ehrnhirl
last-modified
Fri, 26 Aug 2022 14:17:39 GMT
server
nginx
etag
W/"916e9781a2c6b3aaebdd7faecd67bc44"
x-amz-version-id
0005E72593924B08
access-control-allow-origin
*
cache-control
max-age=86400
cache
HIT
content-type
text/javascript; charset=utf-8
expires
Sun, 28 Aug 2022 13:08:44 GMT
d_c2.svg
s01.stc.yc.kpcdn.net/s0/2.1.103/adaptive/meteo/
3 KB
2 KB
Image
General
Full URL
https://s01.stc.yc.kpcdn.net/s0/2.1.103/adaptive/meteo/d_c2.svg
Requested by
Host: www.orel.kp.ru
URL: https://www.orel.kp.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
943af65109daf98a2b2b9df3f48d8b1d5d889801e4cff6337c0010fe0da6647b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-id
cec-up-gc4
date
Sat, 27 Aug 2022 13:08:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-server-trace-id
5db5cfe2b1b6e1f4:709eeec7c6559b61:5db5cfe2b1b6e1f4:1
x-amz-request-id
94986789078cc014
x-serverless-gateway-path
/{site}/{version}/{filename+}
x-cached-since
2022-08-27T02:25:38+00:00
x-request-id
4e1fdcf2-a19f-4a8e-a0c2-f0c6988c0d5f
x-serverless-gateway-id
d5dcee70jck4ehrnhirl
last-modified
Sat, 27 Nov 2021 21:56:55 GMT
server
nginx
etag
W/"a2974ca67da36c21dfb145c17d78482f"
x-amz-version-id
0005D1CC493238F3
access-control-allow-origin
*
cache-control
max-age=86400
cache
HIT
content-type
image/svg+xml
expires
Sun, 28 Aug 2022 13:08:44 GMT
c3_r1.svg
s01.stc.yc.kpcdn.net/s0/2.1.103/adaptive/meteo/
3 KB
1 KB
Image
General
Full URL
https://s01.stc.yc.kpcdn.net/s0/2.1.103/adaptive/meteo/c3_r1.svg
Requested by
Host: www.orel.kp.ru
URL: https://www.orel.kp.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
ee40f20324da662778884d5ddbe98e4b0797de4c36d0cfe01b417382e681299f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-id
cec-up-gc4
date
Sat, 27 Aug 2022 13:08:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-server-trace-id
d687467ee73e375a:740679d1f375f4fc:d687467ee73e375a:1
x-amz-request-id
1bfaa58853d3557f
x-serverless-gateway-path
/{site}/{version}/{filename+}
x-cached-since
2022-08-27T04:19:09+00:00
x-request-id
915d9300-7667-4b64-bd9c-7824e45dd001
x-serverless-gateway-id
d5dcee70jck4ehrnhirl
last-modified
Sat, 27 Nov 2021 21:56:54 GMT
server
nginx
etag
W/"c61b0c31d25bbe2d413bcda2c7945205"
x-amz-version-id
0005D1CC49230718
access-control-allow-origin
*
cache-control
max-age=86400
cache
HIT
content-type
image/svg+xml
expires
Sun, 28 Aug 2022 13:08:44 GMT
getcookie
matchid.adfox.yandex.ru/
87 B
371 B
XHR
General
Full URL
https://matchid.adfox.yandex.ru/getcookie
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::16b Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
61890e702ecc66308c08d785457d1f472c8f3e510edde217c33791a25f47af47
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-origin
https://www.orel.kp.ru
date
Sat, 27 Aug 2022 13:08:44 GMT
access-control-allow-credentials
true
timing-allow-origin
*
content-length
87
x-content-type-options
nosniff
content-type
application/json
token.json
identity.kp.house/identity/api/2/auth/
754 B
2 KB
Fetch
General
Full URL
https://identity.kp.house/identity/api/2/auth/token.json?callback=data&client_name=prod&sub=1
Requested by
Host: s01.stc.yc.kpcdn.net
URL: https://s01.stc.yc.kpcdn.net/s0/2.1.103/adaptive/adaptive.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.181.181.12 , Russian Federation, ASN210756 (EDGECENTERLLC, RU),
Reverse DNS
Software
nginx /
Resource Hash
8c0d0e27b376d7f01db6c89c702988b7995c0ac6123a7caad6bf1846647759e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:08:44 GMT
content-encoding
gzip
last-modified
Sat, 27 Aug 2022 13:08:44 -0000
server
nginx
etag
"72925fedae1b5cbe0bfb6bd6185e91f0"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.orel.kp.ru
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Set-Cookie,Cookie
content-length
611
get.json
s02.api.yc.kpcdn.net/content/api/1/pages/
85 KB
13 KB
Fetch
General
Full URL
https://s02.api.yc.kpcdn.net/content/api/1/pages/get.json?pages.age.month=8&pages.age.year=2022&pages.direction=page&pages.number=18&pages.target.class=100&pages.target.id=69
Requested by
Host: s01.stc.yc.kpcdn.net
URL: https://s01.stc.yc.kpcdn.net/s0/2.1.103/adaptive/adaptive.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
c8929c88d0a125e5a78ea80f7d750dacda74f3ee54be59ba77589a75d18d89f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-id
cec-up-gc12
date
Sat, 27 Aug 2022 13:08:44 GMT
content-encoding
gzip
last-modified
Sat, 27 Aug 2022 09:24:38 -0000
server
nginx
etag
W/"82274290147836726cf451ee403988fc"
x-cached-since
2022-08-27T09:24:38+00:00
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=600
cache
STALE
expires
Sat, 27 Aug 2022 13:18:44 GMT
get.json
s02.api.yc.kpcdn.net/content/api/1/pages/
52 B
197 B
Fetch
General
Full URL
https://s02.api.yc.kpcdn.net/content/api/1/pages/get.json?callback=cb-5538685&pages.direction=current&pages.spot=69&pages.target.class=194&pages.target.id=0&sub=1
Requested by
Host: s01.stc.yc.kpcdn.net
URL: https://s01.stc.yc.kpcdn.net/s0/2.1.103/adaptive/adaptive.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
2b8361515b39f5e9f277362563dddec841077527b695814c676e46ba4f22452b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-id
cec-up-gc12
date
Sat, 27 Aug 2022 13:08:51 GMT
last-modified
Sat, 27 Aug 2022 13:08:51 -0000
server
nginx
etag
"c7974d8a07bc79c9930f4ba881a06fd3"
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=600
cache
MISS
accept-ranges
bytes
content-length
52
expires
Sat, 27 Aug 2022 13:18:51 GMT
get.json
s02.api.yc.kpcdn.net/content/api/1/pages/
188 KB
42 KB
Fetch
General
Full URL
https://s02.api.yc.kpcdn.net/content/api/1/pages/get.json?callback=cb-5538685&pages.direction=current&pages.spot=69&pages.target.class=68&pages.target.id=0&sub=1
Requested by
Host: s01.stc.yc.kpcdn.net
URL: https://s01.stc.yc.kpcdn.net/s0/2.1.103/adaptive/adaptive.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
b70564331a56b118c56b36625de2cfb51cd79d34557b4cdb169d4f91c417d3e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-id
cec-up-gc12
date
Sat, 27 Aug 2022 13:08:45 GMT
content-encoding
gzip
last-modified
Sat, 27 Aug 2022 13:08:45 -0000
server
nginx
etag
W/"aa7132e4b66649f8b89f208eaed8f455"
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=600
cache
MISS
expires
Sat, 27 Aug 2022 13:18:45 GMT
banner.gif
s01.stc.yc.kpcdn.net/s0/v-0005D1CC497B5068/adaptive/img/
0
0
Fetch
General
Full URL
https://s01.stc.yc.kpcdn.net/s0/v-0005D1CC497B5068/adaptive/img/banner.gif?adriver
Requested by
Host: s01.stc.yc.kpcdn.net
URL: https://s01.stc.yc.kpcdn.net/s0/2.1.103/adaptive/adaptive.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-id
cec-up-gc12
date
Sat, 27 Aug 2022 13:08:44 GMT
x-content-type-options
nosniff
x-server-trace-id
24a58b54b53e96fb:c84eb78a5c50d3f5:24a58b54b53e96fb:1
x-amz-request-id
2b8c74cbf303b61c
x-serverless-gateway-path
/{site}/{version}/{filename+}
x-cached-since
2022-08-27T08:18:34+00:00
content-length
43
x-request-id
e7d25ba2-0427-4262-8915-8142cebf7887
x-serverless-gateway-id
d5dcee70jck4ehrnhirl
last-modified
Sat, 27 Nov 2021 21:56:59 GMT
server
nginx
etag
"325472601571f31e1bf00674c368d335"
x-amz-version-id
0005D1CC497B5068
access-control-allow-origin
*
cache-control
max-age=86400
cache
HIT
accept-ranges
bytes
content-type
image/gif
expires
Sun, 28 Aug 2022 13:08:44 GMT
truncated
/
169 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
35ed988aff3c8059b4869fd94cc2885879041fbd698317a53741bca5095c3091

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
700 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
59e2467d94ae007fa71bc0b10f4b92f227edfa03afb5ce7c904b9ea2bcf537e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/svg+xml
8b30c8d1c1f0427f0034cce82ade6db3.png
s01.stc.yc.kpcdn.net/s0/2.1.103/adaptive/
3 KB
3 KB
Image
General
Full URL
https://s01.stc.yc.kpcdn.net/s0/2.1.103/adaptive/8b30c8d1c1f0427f0034cce82ade6db3.png
Requested by
Host: www.orel.kp.ru
URL: https://www.orel.kp.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
1d386626a236bf37f510e9c0c2d85036641c5cc85bed4b320a181861477d0ec7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-id
cec-up-gc4
date
Sat, 27 Aug 2022 13:08:45 GMT
x-content-type-options
nosniff
x-server-trace-id
ec54b942c70df5e8:fd2614d6fe513e8a:ec54b942c70df5e8:1
x-amz-request-id
fe2029fe41a572a4
x-serverless-gateway-path
/{site}/{version}/{filename+}
x-cached-since
2022-08-27T02:24:41+00:00
content-length
2873
x-request-id
7cc067ae-f5dc-4ad0-8e7f-46a5f494e4c4
x-serverless-gateway-id
d5dcee70jck4ehrnhirl
last-modified
Sat, 27 Nov 2021 21:56:46 GMT
server
nginx
etag
"8b30c8d1c1f0427f0034cce82ade6db3"
x-amz-version-id
0005D1CC48B4B459
access-control-allow-origin
*
cache-control
max-age=86400
cache
HIT
accept-ranges
bytes
content-type
image/png
expires
Sun, 28 Aug 2022 13:08:44 GMT
wr-750.webp
s13.stc.yc.kpcdn.net/share/i/12/12673640/
72 KB
72 KB
Image
General
Full URL
https://s13.stc.yc.kpcdn.net/share/i/12/12673640/wr-750.webp
Requested by
Host: www.orel.kp.ru
URL: https://www.orel.kp.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
bd17a6513ace2fe24404ebb93892da64e35fab029a9f41bca8d1ec5051458cb5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-id
cec-up-gc4
date
Sat, 27 Aug 2022 13:08:45 GMT
last-modified
Fri, 26 Aug 2022 07:03:33 GMT
server
nginx
x-amz-request-id
19d06c42fa40c358
etag
"74fb4bdcb99e3fbdadf3bf91d1783cbe"
x-amz-version-id
null
cache-control
max-age=345600
cache
MISS
accept-ranges
bytes
content-type
image/webp
content-length
73464
expires
Wed, 31 Aug 2022 13:08:45 GMT
wr-750.webp
s14.stc.yc.kpcdn.net/share/i/12/12672792/
52 KB
52 KB
Image
General
Full URL
https://s14.stc.yc.kpcdn.net/share/i/12/12672792/wr-750.webp
Requested by
Host: www.orel.kp.ru
URL: https://www.orel.kp.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
04d3d50fadbb70b542be747af21a413fff19da057220995a75134e4e20f18416

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-id
cec-up-gc4
date
Sat, 27 Aug 2022 13:08:45 GMT
last-modified
Thu, 25 Aug 2022 14:18:48 GMT
server
nginx
x-amz-request-id
742e771aa475a083
etag
"ebaad3f60beaccec6165974011f64418"
x-cached-since
2022-08-25T17:44:59+00:00
x-amz-version-id
null
cache-control
max-age=345600
cache
HIT
accept-ranges
bytes
content-type
image/webp
content-length
53112
expires
Wed, 31 Aug 2022 13:08:45 GMT
wr-750.webp
s10.stc.yc.kpcdn.net/share/i/12/12672368/
66 KB
67 KB
Image
General
Full URL
https://s10.stc.yc.kpcdn.net/share/i/12/12672368/wr-750.webp
Requested by
Host: www.orel.kp.ru
URL: https://www.orel.kp.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
90ea29ef27371297264e8369b6c4ede06e7aa68a57680fb4e084d9e4de47f8dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-id
cec-up-gc4
date
Sat, 27 Aug 2022 13:08:45 GMT
last-modified
Thu, 25 Aug 2022 13:58:56 GMT
server
nginx
x-amz-request-id
e9978982bf21f74f
etag
"57354f3ef13fe41444763904dbb5e728"
x-amz-version-id
null
cache-control
max-age=345600
cache
MISS
accept-ranges
bytes
content-type
image/webp
content-length
67958
expires
Wed, 31 Aug 2022 13:08:45 GMT
74e50d8c9bc007d45542.js
yastatic.net/partner-code-bundles/638452/
36 KB
10 KB
Script
General
Full URL
https://yastatic.net/partner-code-bundles/638452/74e50d8c9bc007d45542.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
5db3eb38fcb64d80fe8c1993a5fe172fe2ca6e5a75939f7a481adad870543626
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://www.orel.kp.ru/
Origin
https://www.orel.kp.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:08:45 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
10144
last-modified
Fri, 26 Aug 2022 19:44:54 GMT
server
nginx/1.17.9
etag
"f6d86676634be0d7f6d5e5d7dccdaa5b"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 26 Aug 2052 19:43:54 GMT
585cf8492543ac13bf7f.js
yastatic.net/partner-code-bundles/638452/
13 KB
5 KB
Script
General
Full URL
https://yastatic.net/partner-code-bundles/638452/585cf8492543ac13bf7f.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
69097add1828ce9e65ed34da29bb103edd596ee8c7b610a3ef01e01d028aba4d
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://www.orel.kp.ru/
Origin
https://www.orel.kp.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:08:45 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
4470
last-modified
Fri, 26 Aug 2022 19:44:54 GMT
server
nginx/1.17.9
etag
"04682d3265b7300a9f676b0319dfb833"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 26 Aug 2052 19:43:55 GMT
bce1e329e6938e902a31.js
yastatic.net/partner-code-bundles/638452/
86 KB
18 KB
Script
General
Full URL
https://yastatic.net/partner-code-bundles/638452/bce1e329e6938e902a31.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
f8560ab464578e68e658351a4198a3ba5194ff59e4045ff9dcd946ad391cbfaf
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://www.orel.kp.ru/
Origin
https://www.orel.kp.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:08:45 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
17996
last-modified
Fri, 26 Aug 2022 19:44:54 GMT
server
nginx/1.17.9
etag
"9b783c9d48378de2dd9b506b46d2215a"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 26 Aug 2052 19:43:55 GMT
host.js
yastatic.net/safeframe-bundles/0.83/
33 KB
9 KB
Script
General
Full URL
https://yastatic.net/safeframe-bundles/0.83/host.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://www.orel.kp.ru/
Origin
https://www.orel.kp.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:08:45 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
8878
last-modified
Wed, 03 Nov 2021 13:42:58 GMT
server
nginx/1.17.9
etag
"f80882bf67cf261aa08d636da095149a"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 26 Aug 2052 19:40:46 GMT
9fd0b4b611488f082add.js
yastatic.net/partner-code-bundles/638452/
533 KB
106 KB
Script
General
Full URL
https://yastatic.net/partner-code-bundles/638452/9fd0b4b611488f082add.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
d753a5dec79d867ea9001bb5ae9e6fc4b0d959a6045d02980bd4a28fc971364f
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://www.orel.kp.ru/
Origin
https://www.orel.kp.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:08:45 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
107889
last-modified
Fri, 26 Aug 2022 19:44:54 GMT
server
nginx/1.17.9
etag
"166d6fa811d89d9fc4b81ec3f6b4ab52"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 26 Aug 2052 19:43:56 GMT
hb
ads.adfox.ru/
218 B
202 B
XHR
General
Full URL
https://ads.adfox.ru/hb
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
9bd6827d194ed919b9c6a0f09dc1750f688b004cd3c87f0b2632a05d049ed314
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.orel.kp.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:08:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref=/w3c/w3c.p3p, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
content-type
application/json
access-control-allow-origin
https://www.orel.kp.ru
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
adfox
exchange.buzzoola.com/ssp/
Redirect Chain
  • https://exchange.buzzoola.com/ssp/adfox
  • https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t
11 B
506 B
XHR
General
Full URL
https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t
Requested by
Host: www.orel.kp.ru
URL: https://www.orel.kp.ru/
Protocol
H2
Server
159.69.142.212 Georgsmarienhuette, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.212.142.69.159.clients.your-server.de
Software
nginx /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:08:45 GMT
server
nginx
serverid
TODO
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.orel.kp.ru
access-control-expose-headers
Set-Cookie, Etag
access-control-allow-credentials
true
access-control-allow-headers
Set-Cookie, X-Alt-Referer, X-First-Party-Cookie, If-None-Match
content-length
11

Redirect headers

date
Sat, 27 Aug 2022 13:08:45 GMT
server
nginx
access-control-allow-origin
https://www.orel.kp.ru
etag
W/"a30467e0268c99e52f7dbad8a0ed9099762289add824d132524c9850cfef28c8"
serverid
TODO
location
/ssp/adfox?set_buzzoola_cookie=t
access-control-expose-headers
Set-Cookie, Etag
access-control-allow-credentials
true
access-control-allow-headers
Set-Cookie, X-Alt-Referer, X-First-Party-Cookie, If-None-Match
content-length
0
publishertag.js
static.criteo.net/js/ld/
119 KB
39 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
99c664c6e0f9211430ca24054ef2365aa16aabaa3ca3c3a22674d3fb0c86c1e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:08:45 GMT
content-encoding
gzip
last-modified
Tue, 16 Aug 2022 07:20:51 GMT
server
nginx
etag
W/"62fb4553-1ddb3"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 28 Aug 2022 13:08:45 GMT
bids
adfox-c2s-ams.creativecdn.com/bidder/adfox/
0
208 B
XHR
General
Full URL
https://adfox-c2s-ams.creativecdn.com/bidder/adfox/bids
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.orel.kp.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.orel.kp.ru
date
Sat, 27 Aug 2022 13:08:45 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
content-type
application/json;charset=utf-8
bid.cgi
pb.adriver.ru/cgi-bin/
0
302 B
XHR
General
Full URL
https://pb.adriver.ru/cgi-bin/bid.cgi
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.209.111.22 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.orel.kp.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.orel.kp.ru
Pragma
no-cache
Date
Sat, 27 Aug 2022 13:08:45 GMT
Cache-control
no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
/
ad.mail.ru/hbid_yandex/
11 B
337 B
XHR
General
Full URL
https://ad.mail.ru/hbid_yandex/
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://www.orel.kp.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 27 Aug 2022 13:08:45 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
https://www.orel.kp.ru
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
adjson
ads.betweendigital.com/
11 B
919 B
XHR
General
Full URL
https://ads.betweendigital.com/adjson?t=adfox
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://www.orel.kp.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.orel.kp.ru
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
bids
adfox-c2s-ams.creativecdn.com/bidder/adfox/
0
208 B
XHR
General
Full URL
https://adfox-c2s-ams.creativecdn.com/bidder/adfox/bids
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.orel.kp.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.orel.kp.ru
date
Sat, 27 Aug 2022 13:08:45 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
content-type
application/json;charset=utf-8
bid.cgi
pb.adriver.ru/cgi-bin/
0
302 B
XHR
General
Full URL
https://pb.adriver.ru/cgi-bin/bid.cgi
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.209.111.22 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.orel.kp.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.orel.kp.ru
Pragma
no-cache
Date
Sat, 27 Aug 2022 13:08:45 GMT
Cache-control
no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
/
ad.mail.ru/hbid_yandex/
11 B
337 B
XHR
General
Full URL
https://ad.mail.ru/hbid_yandex/
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://www.orel.kp.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 27 Aug 2022 13:08:45 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
https://www.orel.kp.ru
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
adjson
ads.betweendigital.com/
11 B
919 B
XHR
General
Full URL
https://ads.betweendigital.com/adjson?t=adfox
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://www.orel.kp.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.orel.kp.ru
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
adfox
exchange.buzzoola.com/ssp/
Redirect Chain
  • https://exchange.buzzoola.com/ssp/adfox
  • https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t
11 B
506 B
XHR
General
Full URL
https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t
Requested by
Host: www.orel.kp.ru
URL: https://www.orel.kp.ru/
Protocol
H2
Server
159.69.142.212 Georgsmarienhuette, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.212.142.69.159.clients.your-server.de
Software
nginx /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:08:45 GMT
server
nginx
serverid
TODO
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.orel.kp.ru
access-control-expose-headers
Set-Cookie, Etag
access-control-allow-credentials
true
access-control-allow-headers
Set-Cookie, X-Alt-Referer, X-First-Party-Cookie, If-None-Match
content-length
11

Redirect headers

date
Sat, 27 Aug 2022 13:08:45 GMT
server
nginx
access-control-allow-origin
https://www.orel.kp.ru
etag
W/"d27698860912af5ba5a48d0ab2448a9fd88ffb33eeb0e09ed17ecb7bef3ed631"
serverid
TODO
location
/ssp/adfox?set_buzzoola_cookie=t
access-control-expose-headers
Set-Cookie, Etag
access-control-allow-credentials
true
access-control-allow-headers
Set-Cookie, X-Alt-Referer, X-First-Party-Cookie, If-None-Match
content-length
0
pl999
ssp.bidvol.com/rtb/
11 B
474 B
XHR
General
Full URL
https://ssp.bidvol.com/rtb/pl999
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
65.108.1.48 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.48.1.108.65.clients.your-server.de
Software
nginx/1.14.0 /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://www.orel.kp.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:08:45 GMT
server
nginx/1.14.0
surrogate-control
no-store
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.orel.kp.ru
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
content-length
11
x-request-id
98192dcf-0f33-4705-a1b6-2b67898b2838
expires
0
hb
ads.adfox.ru/
219 B
203 B
XHR
General
Full URL
https://ads.adfox.ru/hb
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
f2247eb6f400e4adbfe5b8457624fc866d3adb2dcb2c7c272f043411c2a4cb3e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.orel.kp.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:08:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref=/w3c/w3c.p3p, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
content-type
application/json
access-control-allow-origin
https://www.orel.kp.ru
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
hb
ads.adfox.ru/
221 B
531 B
XHR
General
Full URL
https://ads.adfox.ru/hb
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
33bad5e3b66619258034b543ffbfe87aa226ece75571e44333792c106059791e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.orel.kp.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:08:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref=/w3c/w3c.p3p, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
content-type
application/json
access-control-allow-origin
https://www.orel.kp.ru
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
bids
adfox-c2s-ams.creativecdn.com/bidder/adfox/
0
208 B
XHR
General
Full URL
https://adfox-c2s-ams.creativecdn.com/bidder/adfox/bids
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.orel.kp.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.orel.kp.ru
date
Sat, 27 Aug 2022 13:08:45 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
content-type
application/json;charset=utf-8
bid.cgi
pb.adriver.ru/cgi-bin/
0
302 B
XHR
General
Full URL
https://pb.adriver.ru/cgi-bin/bid.cgi
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.209.111.22 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.orel.kp.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.orel.kp.ru
Pragma
no-cache
Date
Sat, 27 Aug 2022 13:08:45 GMT
Cache-control
no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
/
ad.mail.ru/hbid_yandex/
11 B
337 B
XHR
General
Full URL
https://ad.mail.ru/hbid_yandex/
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://www.orel.kp.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 27 Aug 2022 13:08:45 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
https://www.orel.kp.ru
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
adjson
ads.betweendigital.com/
11 B
919 B
XHR
General
Full URL
https://ads.betweendigital.com/adjson?t=adfox
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://www.orel.kp.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.orel.kp.ru
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
vendors~autobahn.js
s01.stc.yc.kpcdn.net/s0/2.1.103/adaptive/
86 KB
26 KB
Script
General
Full URL
https://s01.stc.yc.kpcdn.net/s0/2.1.103/adaptive/vendors~autobahn.js
Requested by
Host: s01.stc.yc.kpcdn.net
URL: https://s01.stc.yc.kpcdn.net/s0/2.1.103/adaptive/adaptive.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
ff495faa2d1d7e5fd66d399eef697e1f0f31ad9be129a236997964c70cc1b734
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-id
cec-up-gc4
date
Sat, 27 Aug 2022 13:08:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-server-trace-id
3973448181960c13:5446edc2f8587dea:3973448181960c13:1
x-amz-request-id
499bcdb5c1db33dd
x-serverless-gateway-path
/{site}/{version}/{filename+}
x-cached-since
2022-08-27T02:24:25+00:00
x-request-id
d6664d22-1035-47d1-bc65-06599192f318
x-serverless-gateway-id
d5dcee70jck4ehrnhirl
last-modified
Mon, 22 Aug 2022 13:43:12 GMT
server
nginx
etag
W/"753bf756e904f76f4d1e6d25811ea5ea"
x-amz-version-id
0005E6D4A107E99A
access-control-allow-origin
*
cache-control
max-age=86400
cache
HIT
content-type
text/javascript; charset=utf-8
expires
Sun, 28 Aug 2022 13:08:45 GMT
autobahn.js
s01.stc.yc.kpcdn.net/s0/2.1.103/adaptive/
405 B
681 B
Script
General
Full URL
https://s01.stc.yc.kpcdn.net/s0/2.1.103/adaptive/autobahn.js
Requested by
Host: s01.stc.yc.kpcdn.net
URL: https://s01.stc.yc.kpcdn.net/s0/2.1.103/adaptive/adaptive.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
0e3c2b569feb8b04fb3a1b792387fd4b76636b62b419743eaeaed6b1fba96140
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-id
cec-up-gc4
date
Sat, 27 Aug 2022 13:08:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-server-trace-id
28af00b2c06bfbc7:2f2a92ddae378915:28af00b2c06bfbc7:1
x-amz-request-id
151a89c99994a5fe
x-serverless-gateway-path
/{site}/{version}/{filename+}
x-cached-since
2022-08-27T02:24:25+00:00
x-request-id
f6df1371-2837-4183-bf1c-788d6ecb90f2
x-serverless-gateway-id
d5dcee70jck4ehrnhirl
last-modified
Mon, 22 Aug 2022 13:43:09 GMT
server
nginx
etag
W/"d9cc42b783ce35adb2d68a4a0826d6ae"
x-amz-version-id
0005E6D4A0D22624
access-control-allow-origin
*
cache-control
max-age=86400
cache
HIT
content-type
text/javascript; charset=utf-8
expires
Sun, 28 Aug 2022 13:08:45 GMT
v2
yandex.ru/ads/adfox/232598/getBulk/
14 KB
8 KB
XHR
General
Full URL
https://yandex.ru/ads/adfox/232598/getBulk/v2?dl=https%3A%2F%2Fwww.orel.kp.ru%2F%3F&date=2022-08-27T13%3A08%3A45.143%2B00%3A00&pd=27&pdh=1200&pdw=1600&pr1=1971539229&pr=3985167509&prr=&pv=13&pw=6&extid_loader=&extid_tag_loader=www.orel.kp.ru&ylv=0.638452&ybv=0.638452&ytt=274879517687813&is-turbo=0&skip-token=&ad-session-id=2328301661605725146&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22isInIframe%22%3Afalse%2C%22w%22%3A160%2C%22h%22%3A0%2C%22width%22%3A0%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A49%2C%22left%22%3A1410%2C%22top%22%3A389%2C%22fontFamily%22%3A%22ys%22%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A0%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=638452&available-width=160&yaru=true&pp=g&p2=gftf&ps=bxyd&puid1=adv-1661605725094-594&puid2=&puid3=&puid5=&slotNumber=2&bids=W10%3D&utf8=%E2%9C%93&pcode-test-ids=633998%2C0%2C85%3B628987%2C0%2C30%3B638021%2C0%2C79%3B633008%2C0%2C4&pcode-flags-map=eJytWF2P20QU%2FSurPAPy90ffxvYkGa3tMTOTZFOERkVdBFKFEGwBqaoECCEekBD%2FpA9UKvTjN3j%2FEWdsJxt7dye7Vfu2ac6dc%2Bfee%2B6ZPJuxRc0F1RWTkha6IIrohghSST3nQq9ZQblmtc55lfHZg8%2BezX549OTp%2BezB7Pynb2cfzS7Ov79gj%2FFnmDpBGM6ef%2F7RbE2kFrTia6rzJRGSKj0XvNIlq09HIZRY0cMYkesGTryPQWuSlYhBmobVC51tdcE39V2iRIlni0IlE0g2Y0oQRe8TTNBPV1Qqva5I0ydFCnkkQOwlzj7AcKaho9ekXI1Pdx38G6E9L0qubmQlqa7ppstgUZu6IJjJSq7Emm6PMPGSJIgssSSrGtzUB4mF8ivG6w9ELCfvx6vhqFVDTETBy1KXlOw%2FkDTn9aR40fjyfS88KN00WN9YhZ3POETJUSt6htYpyUKvG6EbwbhgaqvnJFdcjLthEimKkn0kqbquXlMhcc3jJPzIiYIxNvaCtMP27LnStKQVrZVGrDWTLGOlYSFLrmxTjkhR2LNY1azkpKCiEwpSNYe4i%2B%2Benh%2FAAi%2FxU2dPQEphyjrBTM86AJEC5aK15pmkaILxNZ1%2F8%2BiLJ%2BcjpB95aT81c3YGbav1krLFUula2Y8MQj91O2DOV7gdxfXZUlghSZx4QQfZkrqgZ1qsoFMVYbVVLp3Y84dGHWmsnq%2FKUuYC6Vrxru%2F5zj7FTPBT3A%2FS0wvBCjsyDpPoRsK6YFIJllnhnmu6y8Af0trr6OoNK9RSs4osqBUbuMEwDR0Wx3VdnHFh%2BkiQgq3kyR0jbInh3RPWpNyQiTRcQ%2FrxUNpi3kDIZcNr9KJiFeWrcdN7ExUOg8Dx%2B5ybnBdQbwOtrZMSBiHCDN0757hlasZld55RATs8iGPvOpzNsXH0xijAsQ65JcKOwLXt4zu3oTFximHy0KRzfn2NTw8OHViBDgq9FbWujMFYE8HI5Mq8KWwo0GQiBN0QNEhx19FApF21jPvQFYWp2RecCgG9KvniMEY4widO0Fdur85wDWtGNw0X9qJHcTRIlvm6rrEEcyoxGQsrLPaA62BSNvAG%2BZIahrqhIp%2F0GSzCCBm6aZ9rAUWHsYAa4KY2AnYHBRtk7x42LoF29lWArOcDjclcT9Q9TBIv7HtlN9EFDFaudC6t2hmmbpwcaAmTyB3lwVbKTd7Sdmjqh647wnb6IyFGamkavCFFAW9kDxKEQ6k7vceNqW1DtW9nDc0PDwarEvnBDrUfl8bRrUgNv5SXLLdP11WMalUqlpG6Bm1s4zlD4ZlJAl7CrsNp4sXxAY8hSN8m2HmQiaYk24zkp0brlPE70607MQaOF%2Fh9DywEyTz7dyEuztV3YTwfjviGrufYvn%2BDZrvhLYg%2BQVabHjYXLKjJzCgZq82dw47np8ZCY3COkA7DaNRvS9rZHzwlOqdqRbuhF%2FWEKkHYXaUMjwcn6VvNOGJB55CxpZlJlttxGONg6GtkKiqjYILWO7vWCJrZbQJUwBmEYDfUsG4CtwhbBH1CZ1zlAEdn3WaRm7rBno9khgbj0uhjvrSziAIv3htHJoctZpZB%2F%2FpCde2GFbu870shdLFqMF94fxWdA5e9ugk%2BdjzOJ44z8d6OO7CYrCZDanAvHR%2B8ddVUc65T8ny3L2pFC0a6IL2vuCf8djK9lXovTmrBPyijgs4JhGrHrP9x4Y7hTNNDG8uMwwAcxQx2%2BKorsQNNhRdIwN6dnpuG%2BybLTq8J0vXjsCf74zrBxXmdQpq5wjvuLm2JN1o4mq4lU91oHvCHrpwqbp8sPO08%2F7a7Bx2Ubw6VY6o8khHi9A%2B73Q8mXZRBOAkUJF9JhXbqQmlFz8ZOqP27fde%2Bvvzz8o%2F25Un7qn17%2BVv77vLn9k374vJ3%2FP3qpH3bvji5%2FKV90f57%2BSu%2BhP982f7XvsYHb4D9B1%2FEx4jx1%2F2IjWj8%2BPXFVx8%2FPv%2Fy0dMnF7eE2f3GkBO8XGqi2Jp22%2B7IQ95P0yt856QXwiwUWZk4Nzi1m36cSA9%2BzAF8S%2FCOh0W88R0fB3YwcpBXEaTI73o4KWRxOn1FR35i9H6UcrLbABmRtCF44tXda2%2BJ3kT9qahJqYsj0u9Dgc3FPf8fxAYRpg%3D%3D&use-server-side-rendering=1&pcode-icookie=KcOIoJNwRMFerquRlB6Ox4R7xYqGAY8YKkKMVR0ejOZJS8fgVu6xSH%2FtUCzn8uRFHbZEjRQhinW8zrVNPp1rBRsAUcw%3D&top-ancestor=https%3A%2F%2Fwww.orel.kp.ru&top-ancestor-undetermined=0&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjoxNDB9CiKjpqzkqOmBMFBHPMzNtz301r1qnGx27JyYQzpmyE7n-5lO7iGV4dPr0OtJjuOZrRp2chKzMjO0VUvKy6UvoJcCegbajDGIERK69HfZRz_wrr-LIEEIUyAGMZZYY8gxSWyISRQWBW2c1BiSAl6siU01BGYBo7DE2gUAaV1w4wCmUQGjxvoBchFQKajjtMYqH52qpXcRShdNkli36FJVQNYYygKtXlAWbAHUKGCeBtMCLqZY2A2NuiG-IRM_re4KEog40aIC0yVPIqdgBdN5VNNYU8F0xFCXYlj1QOjjZFFSVQDCo6wh2vxsVmZkfPxsHHZOPn6rzYqMgw-3dp9fuMnCz8xhtVcmOzMH6KKcHPRcSGwMVhsjk2jlYmSycjBZQReNgSGOnITGmlSc46wxUArquqCSL4AL6oIZBt41VirMRySJtQtsGqsHKdPix6yAXhd4rYJ2QTANRpbag5Ys8MAtGeFtv00KOHEyoOkP-sDQtLCEuNQqB-QlrmnhlYgMpaqheNGgHVjGpgVRfVKrFoi0KmAsPC2LZHokF3siQ8KhK1lcwloQBn-GBZJKZIiWNClPfKrGycKhSa5fEOCKyPZNOeWLiL9EHXhNGr5EBcS3fQqzNCypqacTJ2fBME5RYX-1WDgQIGJEwkkfKBiUmEKEuCxWhlm86PlTZWgQ7lzgZuREwMfPaUMsC85NZ7UyMlUuZHZ6etBF6bnczOw4BFno3U7slYMZGWJGFKJ8MVDTJAV0fuFGR5ZyexAJFysiGwOroFuosqOzo-aoC6oAJx1SIYRuZ2UB3o4FJYKlD-p2V7d0kfAL270jAdDFHi3hkLHRs4HEZl9kIDzN4Wxfn97yhQByazn9SiZfPRIRSsli1QudbFHMCotHWin8mWnySDek2KigiXLBWzeAkM8Qb4SGOlGVjKPxiADQi_00Jot1CmpP9OcwMazf9UZ0yGOP7_lLDJo8UGz20DMI2Wt7QsJ0j2083lUeCA7lztZ83zPuidZTjSmk-BZvWbnmzzgNlm7vPVJHuUhph34FPE_tWEO3PsQbdgF-zzNu4JZxzMz41JTA_TAvhsd4jD1KDsyaaAKXcNJ1vLqX8IJwV5P81VN7iPPxDm0L0p9wak_FSPdcJzfutPVPWHP36y2owc_rXyySxWoPrZkgt7iXsJPwtJ5SDvLf44bnHNUp5KPIWw3Alz4bjkkv4X2vfXq104048UgzMHPQfy2nw0ulMcoRLy7bMoeFZE4nhUfaIW626EbBJijl2-a_AzWBXYpqXtb6PEv5WrTtkTzFdrlirY-b-geQDl2nUdh_6YKUFHpxVPhokSNmX4oBMce6oEAMGFHgQTgzOLicSBxLIE40vEg5EM7dbT1PIkVsDhlEXK6KggcVKAz_ULIaGT89g51JOrKClZeRFR19AG6D2jwNh8QDkhFyVE6kNlRIUN_3msITQjzyXFxcSOz2bAR_kjZeVmee83XVkTSkWEKvgpQgQMaJnJ3b7ajs6JnQI-AV5XMIAc4FLuDyjXQx0zM46FndApUFMycmHlTFmEUKGBi5gUeGyU6EEp6pw165mOlAY2YTlVcDxM4H6ZQDOe56k6OclRpTvj_J7w2pR7qcQrVouqt1UM5R29LpTiaTF5KFKrMJjImzNgtaL9RBG1Mz5FNujoqjJksr_ZyXdefabqVHmjGjQ4kRk9sl4I3sALuZWHdK-_DWeek0pE38vcMKuF-QIT5FLWIZUOkUEvz2SK3l3zOsgkXhBzKxEYitsoII3woyd-htiiv1FgaNCJszAFcE2LEJIbS6XZWNHjR2LNaAd2Nz8vlgJxXcLudVXVYGOisTy5KBhYEXDSO6pQ5AmwXG59NzM9yyAbLVBbb-VpnmNJYpFOZLOCcOdp5Vv3P6xt2pVePHLmn7ZmRmosPh2kpzYkRBD98mWfUQlkGu4N1ZbRjRYUGJtrUZolbFxwbp7YSqsWfsYffq5qTHjwb5KPW1eMEb-QX26Oxdqr1VLw40vVoOoMn65kn1loVYa1kxIWZExNa4u8Jlzq607I3TK-2pSIO9klbiA76UeH6basi0wGpOFpgzAX5kXND1va6lvTmS3U3uQ1RAH9ypyv1etA0TaeMKT530otklx3zBn0Dl5MUIKj2oiz_DJvrXXCLjXVo-AU4JzoYRFFDQIhIvwT80zbxFOk3pa-lq9W30d6r59HmzWyTWa5pL6zrVtbOgPcXV9X0hO9pwpe7XUaJzYUDIjRD1iRf4tK1FTanHA7hwCI0Lop68U8Cu05_G9fyirlJEYmUP8xNjfZTJXhhV5ObwfuWI9SPiVsxXtCQq2lJqnuQpMXS9VDNRWgI87RIm_7SG4BDujmTqaf1FV76EZUetMdD3gCR9oRVmsesFzENtSGooiVri4gmc46kuechL70m2G0nXcqqZPVHZE2CXH2s46Ktli-QyqI_ulziFueSb8ilb8veIJ9nZk7c_X_ip2ub0sNBL2glf3KaYae2sRYR8sgx5dLgxDHRzsT4i9S2WHAy6e3dNG-205_7uYNiX4kj0xa4bop4k91LuaW-VcDdlEndVpqh4UQJtQ07wrgnZYPu7uilXpewIClgPfGO5ymBtuUaWVlqerm8yHajPpmTj_SlenFTKOinTGkirXz2iDN3Jnk2VlzFSdVRP7A2cSHvuN9zx9OJbsQm4SynaUiw2p7bUfoKXkkLpqT5nne66bgoWFxjy1-OJcFVWfdtN07QbfRfN_Xy396m7o1A9qbUuU1XRouGpLuwucSspb_fTEYPpryvA67hXlf1A83grIXRnVA7gEuvOwDBG5WLob5RJERsb6gNn42QCc8yd6rIoIA4KaV81XfZXXa2g4GsvHPRuv-62JLltpQplHCafIdgEh7YA1HVazva5J3DzctprwPmMra0TTEZpyntTr9HPWZev0iRP2WRLxaPsm1d42wvrRuyT1PwgE97zA55OvYyWX74P-ZO8BIzl2oXlqS74aRDG-zWylqTFny25qNhln-j8mhY7rHun6YpqB4XLr5OWmRStdhYX8yKjHaJDO_rhM1CLqcjrb2Bh5ndInX2hofYM3El4onbAjmpMWyPTbjy2W7yWgs2FkbELab4gxuumUTTo2_W3tcnHcN7nrc1bpfx_0M517Wgibxb5QVuXr4vvwpdOTHCqfy9bRgjPr8US7TopCkyTs62XLJe1kdohlaE1yyGeIZRSRbLWcJR8NQyNvX8y5f89oevgwN11yIzt9YsRSc_nL5Vcs8JVXT0wvRoULFI-qFK75WPGfVJHTMPZs6_HP2jFtBfRl-TGuJyVixcBHSr0o5OGXOGlQYBnLkcpJTG_JGS1yLWdnrlnP8ia1vWixg7Yl7LB2owumXzKTrNC-ycf1B-TAco8Osad1DDRip2G_fTlklDOUeubmVNyvon5lMb_qaKpmCTajlQ5jwJr_lUakuIKCxf5iEEXcJHmhherIZWlWqxfVbEK9Qba5dJkR55v3uRGGkqCel2UZaQtazARapnY1YSQF-SpP9k_tenSimiSa5t6EqWlbCWnyjkLfj5D23LLuPti6B4FQQ1A_3RX_vbCJfTRd9T3Xj_dH80MV2oCmyzacP7pLfBnPs-WiW_-GceGXai-o8b3gPSl0H3Shyl2jSBHbGOjdF_xbT-UlBF44LveW_oQ5xRyOsHuEssRgZXbLoQY0VJj40GPAdGZ6DQKGFvhs6FWQI02DdyNpx6wBed5uYTVw39oZcQcpVrM2I_Dr16MbjfuJWt1wyTdV0R_338B6Hn9aV9GVeRXMvEmwuSEpOJV04kP1fTi06DKS7Snp0TslP07DPfGNOO0SnY8-i2f5HrbD_dKsesH_gsXeZ6bWyOemofC6r8fkiI3h5nhp-03OP6pwE6X3dR6vRMXzn0RzRGkBhcl5ONnc8mJIOThwoIDPnIBBjeOBZWLy7oPzikYsrO7fOJIGSSxVXbM7ChZMWeO4pDMUlFCDp_bxorpLDLRUvbZizgMW23MHDJUYq0cmNkZUNjm6F_CbpmoDt78QRLfr2GBgaOyIwEMakzoz9uXhHeG8qGUFml-NGG0YqC7yG9PxTjpMfUtWXwmlFXq9iYaDw6otPdRPw88SRTTsAvbViLHBowfjRTTn8g0FOiyXIZcaqRBiZXYft_vqKoDm7sZyNtJlQU2ijpw0WgxXZ1Mo8WV0c9Do2qp60Bn7BL6jFjO4b6zSOTfWTu2ebZ3QmR4QJhIaEz4WDoIi5GUGPFWR_PMHg_JwkwXgDj6-07fkTTW1xjYAeD2n6bFC9rHpj7zmuNL0z0F-Kjtrwdwjc8eAP0CgmZOG9tsblUlCF1u5j6bU0Y17QzXo7QKCknbWoLfC480GchIfdKEotP_2y3UJ60rVw1BrxhnPQ8YFyw3x4u-7waEX4nWF1ufGeYfAx5prXS5eYaCFU4LYzMorYY17MtIZmluhkOxGhiADVn4b_Cxnc24TvmsNb5TFjwRoBQyGlHETp2n5hsYuWXRrzGOeVdfJj5Iqy9uqkXgrz3zcIJHOi9nkRvyvmCEh_uf8XvrtLynt_ZYLSWH01xxtzXXAL4GKvFE7gdmxsxNob6wm1ZeqBzpCebgrD1YUF9oYZJZidqcniHkrudQ3eGRjkN8NVrkTz1pAf2LT4l9IjZw_wwf8uwLijgDBrk9jAn3GmTIPhzQNA_y8djsdM3h3tCLGl-SbyaZDzkdRb2MXTBjsoawqMNSeY6jQxuGi422SV6cOlibyxENNcWxD5RiZH-e2pbuz4vOG8-d92ZmFnpMOrbm2-YbLwR1Ky0NBbK2B6XmbtX5uTq_a8H7Uz9vuG5Y2sKMJgvf4j2Wb4rFDxwQSBOCJKt9mfI6k2b2oMzPpy1QVl74rj3jXCnDNFFVRPtqcKpcg0sF0yWAA48qmASqhbjNVxbxePNMF9-maw5rPyd8e_US88Ug_ZiNb4umjVC2Yur_fdmmBZwGNoGfGe0ZQKnKiSFtzGrWRhl_79LRI9UKGEPaoPpIcfEmyXlkWwJ0gCr_yOhK2JLi1oc6kC8qoIcnP_NFw26rZ8j1UfUWnZYsHWM2&tga-with-creatives=1
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
78687a2bda2b9eb4da61bfecc0c8d9be3e01983d4c4277b5d7ceb87c82bc2202
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:08:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id
1661605725194905-10325652073027016486-sas3-0641-7f2-sas-l7-balancer-8080-BAL-8212
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Sat, 27 Aug 2022 13:08:45 GMT
report-to
{ "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
application/json
access-control-allow-origin
https://www.orel.kp.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
Sat, 27 Aug 2022 13:08:45 GMT
v2
yandex.ru/ads/adfox/232598/getBulk/
3 KB
2 KB
XHR
General
Full URL
https://yandex.ru/ads/adfox/232598/getBulk/v2?dl=https%3A%2F%2Fwww.orel.kp.ru%2F%3Fsection%3Dsociety&date=2022-08-27T13%3A08%3A45.173%2B00%3A00&pd=27&pdh=1200&pdw=1600&pr1=973942785&pr=3985167509&prr=&pv=13&pw=6&extid_loader=&extid_tag_loader=www.orel.kp.ru&ylv=0.638452&ybv=0.638452&ytt=274879517687813&is-turbo=0&skip-token=&ad-session-id=2328301661605725146&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22isInIframe%22%3Afalse%2C%22w%22%3A300%2C%22h%22%3A400%2C%22width%22%3A300%2C%22height%22%3A400%2C%22visible%22%3A0%2C%22fullscreenHeaderHeight%22%3A49%2C%22left%22%3A1100%2C%22top%22%3A1611%2C%22fontFamily%22%3A%22ys%22%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A1%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=638452&available-width=300&available-height=400&yaru=true&pp=g&p2=fqyp&ps=bxyd&puid1=adv-1661605725100-542&puid2=society%3Azenyandex%3Atoday%3Aincident%3Aauto%3Aaccident%3Aemergency%3Acriminal&puid3=top%3Aregion&puid5=&slotNumber=5&bids=W10%3D&utf8=%E2%9C%93&pcode-test-ids=633998%2C0%2C85%3B628987%2C0%2C30%3B638021%2C0%2C79%3B633008%2C0%2C4&pcode-flags-map=eJytWF2P20QU%2FSurPAPy90ffxvYkGa3tMTOTZFOERkVdBFKFEGwBqaoECCEekBD%2FpA9UKvTjN3j%2FEWdsJxt7dye7Vfu2ac6dc%2Bfee%2B6ZPJuxRc0F1RWTkha6IIrohghSST3nQq9ZQblmtc55lfHZg8%2BezX549OTp%2BezB7Pynb2cfzS7Ov79gj%2FFnmDpBGM6ef%2F7RbE2kFrTia6rzJRGSKj0XvNIlq09HIZRY0cMYkesGTryPQWuSlYhBmobVC51tdcE39V2iRIlni0IlE0g2Y0oQRe8TTNBPV1Qqva5I0ydFCnkkQOwlzj7AcKaho9ekXI1Pdx38G6E9L0qubmQlqa7ppstgUZu6IJjJSq7Emm6PMPGSJIgssSSrGtzUB4mF8ivG6w9ELCfvx6vhqFVDTETBy1KXlOw%2FkDTn9aR40fjyfS88KN00WN9YhZ3POETJUSt6htYpyUKvG6EbwbhgaqvnJFdcjLthEimKkn0kqbquXlMhcc3jJPzIiYIxNvaCtMP27LnStKQVrZVGrDWTLGOlYSFLrmxTjkhR2LNY1azkpKCiEwpSNYe4i%2B%2Benh%2FAAi%2FxU2dPQEphyjrBTM86AJEC5aK15pmkaILxNZ1%2F8%2BiLJ%2BcjpB95aT81c3YGbav1krLFUula2Y8MQj91O2DOV7gdxfXZUlghSZx4QQfZkrqgZ1qsoFMVYbVVLp3Y84dGHWmsnq%2FKUuYC6Vrxru%2F5zj7FTPBT3A%2FS0wvBCjsyDpPoRsK6YFIJllnhnmu6y8Af0trr6OoNK9RSs4osqBUbuMEwDR0Wx3VdnHFh%2BkiQgq3kyR0jbInh3RPWpNyQiTRcQ%2FrxUNpi3kDIZcNr9KJiFeWrcdN7ExUOg8Dx%2B5ybnBdQbwOtrZMSBiHCDN0757hlasZld55RATs8iGPvOpzNsXH0xijAsQ65JcKOwLXt4zu3oTFximHy0KRzfn2NTw8OHViBDgq9FbWujMFYE8HI5Mq8KWwo0GQiBN0QNEhx19FApF21jPvQFYWp2RecCgG9KvniMEY4widO0Fdur85wDWtGNw0X9qJHcTRIlvm6rrEEcyoxGQsrLPaA62BSNvAG%2BZIahrqhIp%2F0GSzCCBm6aZ9rAUWHsYAa4KY2AnYHBRtk7x42LoF29lWArOcDjclcT9Q9TBIv7HtlN9EFDFaudC6t2hmmbpwcaAmTyB3lwVbKTd7Sdmjqh647wnb6IyFGamkavCFFAW9kDxKEQ6k7vceNqW1DtW9nDc0PDwarEvnBDrUfl8bRrUgNv5SXLLdP11WMalUqlpG6Bm1s4zlD4ZlJAl7CrsNp4sXxAY8hSN8m2HmQiaYk24zkp0brlPE70607MQaOF%2Fh9DywEyTz7dyEuztV3YTwfjviGrufYvn%2BDZrvhLYg%2BQVabHjYXLKjJzCgZq82dw47np8ZCY3COkA7DaNRvS9rZHzwlOqdqRbuhF%2FWEKkHYXaUMjwcn6VvNOGJB55CxpZlJlttxGONg6GtkKiqjYILWO7vWCJrZbQJUwBmEYDfUsG4CtwhbBH1CZ1zlAEdn3WaRm7rBno9khgbj0uhjvrSziAIv3htHJoctZpZB%2F%2FpCde2GFbu870shdLFqMF94fxWdA5e9ugk%2BdjzOJ44z8d6OO7CYrCZDanAvHR%2B8ddVUc65T8ny3L2pFC0a6IL2vuCf8djK9lXovTmrBPyijgs4JhGrHrP9x4Y7hTNNDG8uMwwAcxQx2%2BKorsQNNhRdIwN6dnpuG%2BybLTq8J0vXjsCf74zrBxXmdQpq5wjvuLm2JN1o4mq4lU91oHvCHrpwqbp8sPO08%2F7a7Bx2Ubw6VY6o8khHi9A%2B73Q8mXZRBOAkUJF9JhXbqQmlFz8ZOqP27fde%2Bvvzz8o%2F25Un7qn17%2BVv77vLn9k374vJ3%2FP3qpH3bvji5%2FKV90f57%2BSu%2BhP982f7XvsYHb4D9B1%2FEx4jx1%2F2IjWj8%2BPXFVx8%2FPv%2Fy0dMnF7eE2f3GkBO8XGqi2Jp22%2B7IQ95P0yt856QXwiwUWZk4Nzi1m36cSA9%2BzAF8S%2FCOh0W88R0fB3YwcpBXEaTI73o4KWRxOn1FR35i9H6UcrLbABmRtCF44tXda2%2BJ3kT9qahJqYsj0u9Dgc3FPf8fxAYRpg%3D%3D&use-server-side-rendering=1&pcode-icookie=KcOIoJNwRMFerquRlB6Ox4R7xYqGAY8YKkKMVR0ejOZJS8fgVu6xSH%2FtUCzn8uRFHbZEjRQhinW8zrVNPp1rBRsAUcw%3D&top-ancestor=https%3A%2F%2Fwww.orel.kp.ru&top-ancestor-undetermined=0&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjoxNDB9CiKjpqzkqOmBMFBHPMzNtz301r1qnGx27JyYQzpmyE7n-5lO7iGV4dPr0OtJjuOZrRp2chKzMjO0VUvKy6UvoJcCegbajDGIERK69HfZRz_wrr-LIEEIUyAGMZZYY8gxSWyISRQWBW2c1BiSAl6siU01BGYBo7DE2gUAaV1w4wCmUQGjxvoBchFQKajjtMYqH52qpXcRShdNkli36FJVQNYYygKtXlAWbAHUKGCeBtMCLqZY2A2NuiG-IRM_re4KEog40aIC0yVPIqdgBdN5VNNYU8F0xFCXYlj1QOjjZFFSVQDCo6wh2vxsVmZkfPxsHHZOPn6rzYqMgw-3dp9fuMnCz8xhtVcmOzMH6KKcHPRcSGwMVhsjk2jlYmSycjBZQReNgSGOnITGmlSc46wxUArquqCSL4AL6oIZBt41VirMRySJtQtsGqsHKdPix6yAXhd4rYJ2QTANRpbag5Ys8MAtGeFtv00KOHEyoOkP-sDQtLCEuNQqB-QlrmnhlYgMpaqheNGgHVjGpgVRfVKrFoi0KmAsPC2LZHokF3siQ8KhK1lcwloQBn-GBZJKZIiWNClPfKrGycKhSa5fEOCKyPZNOeWLiL9EHXhNGr5EBcS3fQqzNCypqacTJ2fBME5RYX-1WDgQIGJEwkkfKBiUmEKEuCxWhlm86PlTZWgQ7lzgZuREwMfPaUMsC85NZ7UyMlUuZHZ6etBF6bnczOw4BFno3U7slYMZGWJGFKJ8MVDTJAV0fuFGR5ZyexAJFysiGwOroFuosqOzo-aoC6oAJx1SIYRuZ2UB3o4FJYKlD-p2V7d0kfAL270jAdDFHi3hkLHRs4HEZl9kIDzN4Wxfn97yhQByazn9SiZfPRIRSsli1QudbFHMCotHWin8mWnySDek2KigiXLBWzeAkM8Qb4SGOlGVjKPxiADQi_00Jot1CmpP9OcwMazf9UZ0yGOP7_lLDJo8UGz20DMI2Wt7QsJ0j2083lUeCA7lztZ83zPuidZTjSmk-BZvWbnmzzgNlm7vPVJHuUhph34FPE_tWEO3PsQbdgF-zzNu4JZxzMz41JTA_TAvhsd4jD1KDsyaaAKXcNJ1vLqX8IJwV5P81VN7iPPxDm0L0p9wak_FSPdcJzfutPVPWHP36y2owc_rXyySxWoPrZkgt7iXsJPwtJ5SDvLf44bnHNUp5KPIWw3Alz4bjkkv4X2vfXq104048UgzMHPQfy2nw0ulMcoRLy7bMoeFZE4nhUfaIW626EbBJijl2-a_AzWBXYpqXtb6PEv5WrTtkTzFdrlirY-b-geQDl2nUdh_6YKUFHpxVPhokSNmX4oBMce6oEAMGFHgQTgzOLicSBxLIE40vEg5EM7dbT1PIkVsDhlEXK6KggcVKAz_ULIaGT89g51JOrKClZeRFR19AG6D2jwNh8QDkhFyVE6kNlRIUN_3msITQjzyXFxcSOz2bAR_kjZeVmee83XVkTSkWEKvgpQgQMaJnJ3b7ajs6JnQI-AV5XMIAc4FLuDyjXQx0zM46FndApUFMycmHlTFmEUKGBi5gUeGyU6EEp6pw165mOlAY2YTlVcDxM4H6ZQDOe56k6OclRpTvj_J7w2pR7qcQrVouqt1UM5R29LpTiaTF5KFKrMJjImzNgtaL9RBG1Mz5FNujoqjJksr_ZyXdefabqVHmjGjQ4kRk9sl4I3sALuZWHdK-_DWeek0pE38vcMKuF-QIT5FLWIZUOkUEvz2SK3l3zOsgkXhBzKxEYitsoII3woyd-htiiv1FgaNCJszAFcE2LEJIbS6XZWNHjR2LNaAd2Nz8vlgJxXcLudVXVYGOisTy5KBhYEXDSO6pQ5AmwXG59NzM9yyAbLVBbb-VpnmNJYpFOZLOCcOdp5Vv3P6xt2pVePHLmn7ZmRmosPh2kpzYkRBD98mWfUQlkGu4N1ZbRjRYUGJtrUZolbFxwbp7YSqsWfsYffq5qTHjwb5KPW1eMEb-QX26Oxdqr1VLw40vVoOoMn65kn1loVYa1kxIWZExNa4u8Jlzq607I3TK-2pSIO9klbiA76UeH6basi0wGpOFpgzAX5kXND1va6lvTmS3U3uQ1RAH9ypyv1etA0TaeMKT530otklx3zBn0Dl5MUIKj2oiz_DJvrXXCLjXVo-AU4JzoYRFFDQIhIvwT80zbxFOk3pa-lq9W30d6r59HmzWyTWa5pL6zrVtbOgPcXV9X0hO9pwpe7XUaJzYUDIjRD1iRf4tK1FTanHA7hwCI0Lop68U8Cu05_G9fyirlJEYmUP8xNjfZTJXhhV5ObwfuWI9SPiVsxXtCQq2lJqnuQpMXS9VDNRWgI87RIm_7SG4BDujmTqaf1FV76EZUetMdD3gCR9oRVmsesFzENtSGooiVri4gmc46kuechL70m2G0nXcqqZPVHZE2CXH2s46Ktli-QyqI_ulziFueSb8ilb8veIJ9nZk7c_X_ip2ub0sNBL2glf3KaYae2sRYR8sgx5dLgxDHRzsT4i9S2WHAy6e3dNG-205_7uYNiX4kj0xa4bop4k91LuaW-VcDdlEndVpqh4UQJtQ07wrgnZYPu7uilXpewIClgPfGO5ymBtuUaWVlqerm8yHajPpmTj_SlenFTKOinTGkirXz2iDN3Jnk2VlzFSdVRP7A2cSHvuN9zx9OJbsQm4SynaUiw2p7bUfoKXkkLpqT5nne66bgoWFxjy1-OJcFVWfdtN07QbfRfN_Xy396m7o1A9qbUuU1XRouGpLuwucSspb_fTEYPpryvA67hXlf1A83grIXRnVA7gEuvOwDBG5WLob5RJERsb6gNn42QCc8yd6rIoIA4KaV81XfZXXa2g4GsvHPRuv-62JLltpQplHCafIdgEh7YA1HVazva5J3DzctprwPmMra0TTEZpyntTr9HPWZev0iRP2WRLxaPsm1d42wvrRuyT1PwgE97zA55OvYyWX74P-ZO8BIzl2oXlqS74aRDG-zWylqTFny25qNhln-j8mhY7rHun6YpqB4XLr5OWmRStdhYX8yKjHaJDO_rhM1CLqcjrb2Bh5ndInX2hofYM3El4onbAjmpMWyPTbjy2W7yWgs2FkbELab4gxuumUTTo2_W3tcnHcN7nrc1bpfx_0M517Wgibxb5QVuXr4vvwpdOTHCqfy9bRgjPr8US7TopCkyTs62XLJe1kdohlaE1yyGeIZRSRbLWcJR8NQyNvX8y5f89oevgwN11yIzt9YsRSc_nL5Vcs8JVXT0wvRoULFI-qFK75WPGfVJHTMPZs6_HP2jFtBfRl-TGuJyVixcBHSr0o5OGXOGlQYBnLkcpJTG_JGS1yLWdnrlnP8ia1vWixg7Yl7LB2owumXzKTrNC-ycf1B-TAco8Osad1DDRip2G_fTlklDOUeubmVNyvon5lMb_qaKpmCTajlQ5jwJr_lUakuIKCxf5iEEXcJHmhherIZWlWqxfVbEK9Qba5dJkR55v3uRGGkqCel2UZaQtazARapnY1YSQF-SpP9k_tenSimiSa5t6EqWlbCWnyjkLfj5D23LLuPti6B4FQQ1A_3RX_vbCJfTRd9T3Xj_dH80MV2oCmyzacP7pLfBnPs-WiW_-GceGXai-o8b3gPSl0H3Shyl2jSBHbGOjdF_xbT-UlBF44LveW_oQ5xRyOsHuEssRgZXbLoQY0VJj40GPAdGZ6DQKGFvhs6FWQI02DdyNpx6wBed5uYTVw39oZcQcpVrM2I_Dr16MbjfuJWt1wyTdV0R_338B6Hn9aV9GVeRXMvEmwuSEpOJV04kP1fTi06DKS7Snp0TslP07DPfGNOO0SnY8-i2f5HrbD_dKsesH_gsXeZ6bWyOemofC6r8fkiI3h5nhp-03OP6pwE6X3dR6vRMXzn0RzRGkBhcl5ONnc8mJIOThwoIDPnIBBjeOBZWLy7oPzikYsrO7fOJIGSSxVXbM7ChZMWeO4pDMUlFCDp_bxorpLDLRUvbZizgMW23MHDJUYq0cmNkZUNjm6F_CbpmoDt78QRLfr2GBgaOyIwEMakzoz9uXhHeG8qGUFml-NGG0YqC7yG9PxTjpMfUtWXwmlFXq9iYaDw6otPdRPw88SRTTsAvbViLHBowfjRTTn8g0FOiyXIZcaqRBiZXYft_vqKoDm7sZyNtJlQU2ijpw0WgxXZ1Mo8WV0c9Do2qp60Bn7BL6jFjO4b6zSOTfWTu2ebZ3QmR4QJhIaEz4WDoIi5GUGPFWR_PMHg_JwkwXgDj6-07fkTTW1xjYAeD2n6bFC9rHpj7zmuNL0z0F-Kjtrwdwjc8eAP0CgmZOG9tsblUlCF1u5j6bU0Y17QzXo7QKCknbWoLfC480GchIfdKEotP_2y3UJ60rVw1BrxhnPQ8YFyw3x4u-7waEX4nWF1ufGeYfAx5prXS5eYaCFU4LYzMorYY17MtIZmluhkOxGhiADVn4b_Cxnc24TvmsNb5TFjwRoBQyGlHETp2n5hsYuWXRrzGOeVdfJj5Iqy9uqkXgrz3zcIJHOi9nkRvyvmCEh_uf8XvrtLynt_ZYLSWH01xxtzXXAL4GKvFE7gdmxsxNob6wm1ZeqBzpCebgrD1YUF9oYZJZidqcniHkrudQ3eGRjkN8NVrkTz1pAf2LT4l9IjZw_wwf8uwLijgDBrk9jAn3GmTIPhzQNA_y8djsdM3h3tCLGl-SbyaZDzkdRb2MXTBjsoawqMNSeY6jQxuGi422SV6cOlibyxENNcWxD5RiZH-e2pbuz4vOG8-d92ZmFnpMOrbm2-YbLwR1Ky0NBbK2B6XmbtX5uTq_a8H7Uz9vuG5Y2sKMJgvf4j2Wb4rFDxwQSBOCJKt9mfI6k2b2oMzPpy1QVl74rj3jXCnDNFFVRPtqcKpcg0sF0yWAA48qmASqhbjNVxbxePNMF9-maw5rPyd8e_US88Ug_ZiNb4umjVC2Yur_fdmmBZwGNoGfGe0ZQKnKiSFtzGrWRhl_79LRI9UKGEPaoPpIcfEmyXlkWwJ0gCr_yOhK2JLi1oc6kC8qoIcnP_NFw26rZ8j1UfUWnZYsHWM2&tga-with-creatives=1
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
068b4a9910fbcf180de07c70cf5818f3e707b011c33fc19a5bba7ed8d3afde4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:08:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id
1661605725246063-16144986925555228739-sas3-0641-7f2-sas-l7-balancer-8080-BAL-616
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Sat, 27 Aug 2022 13:08:45 GMT
report-to
{ "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
application/json
access-control-allow-origin
https://www.orel.kp.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
Sat, 27 Aug 2022 13:08:45 GMT
cdb
bidder.criteo.com/
0
215 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?ptv=127&profileId=184&cb=70934772085
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.orel.kp.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sat, 27 Aug 2022 13:08:45 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://www.orel.kp.ru
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
cdb
bidder.criteo.com/
0
215 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?ptv=127&profileId=184&cb=44874522512
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.orel.kp.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sat, 27 Aug 2022 13:08:44 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://www.orel.kp.ru
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
cdb
bidder.criteo.com/
0
216 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?ptv=127&profileId=184&cb=2488680788
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.orel.kp.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sat, 27 Aug 2022 13:08:44 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://www.orel.kp.ru
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
events
bidder.criteo.com/csm/
0
215 B
Ping
General
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.orel.kp.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 27 Aug 2022 13:08:44 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://www.orel.kp.ru
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
pixel.gif
static.criteo.net/images/
43 B
365 B
Image
General
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: www.orel.kp.ru
URL: https://www.orel.kp.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:08:45 GMT
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
strict-transport-security
max-age=31536000; preload;
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Tue, 22 Aug 2023 13:08:45 GMT
pixel.gif
static.criteo.net/images/
43 B
365 B
Image
General
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: www.orel.kp.ru
URL: https://www.orel.kp.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:08:45 GMT
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
strict-transport-security
max-age=31536000; preload;
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Tue, 22 Aug 2023 13:08:45 GMT
events
bidder.criteo.com/csm/
0
215 B
Ping
General
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.orel.kp.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 27 Aug 2022 13:08:44 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://www.orel.kp.ru
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
events
bidder.criteo.com/csm/
0
215 B
Ping
General
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.orel.kp.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 27 Aug 2022 13:08:45 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://www.orel.kp.ru
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
v2
yandex.ru/ads/adfox/232598/getBulk/
98 KB
29 KB
XHR
General
Full URL
https://yandex.ru/ads/adfox/232598/getBulk/v2?dl=https%3A%2F%2Fwww.orel.kp.ru%2F%3F&date=2022-08-27T13%3A08%3A45.312%2B00%3A00&pd=27&pdh=1200&pdw=1600&pr1=1142423401&pr=3985167509&prr=&pv=13&pw=6&extid_loader=&extid_tag_loader=www.orel.kp.ru&ylv=0.638452&ybv=0.638452&ytt=274879517687813&is-turbo=0&skip-token=&ad-session-id=2328301661605725146&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22isInIframe%22%3Afalse%2C%22w%22%3A1560%2C%22h%22%3A250%2C%22width%22%3A1560%2C%22height%22%3A250%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A49%2C%22left%22%3A20%2C%22top%22%3A120%2C%22fontFamily%22%3A%22ys%22%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A2%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=638452&available-width=1560&available-height=250&yaru=true&pp=g&p2=fban&ps=bxyd&puid1=adv-1661605725094-485&puid2=&puid3=&puid5=&slotNumber=1&bids=W3siYmlkZGVyTmFtZSI6ImFkZm94X2Fkc21hcnQiLCJjYW1wYWlnbl9pZCI6MTU5MjA0MCwicmVzcG9uc2VfdGltZSI6MTk0LCJlcnJvciI6eyJjb2RlIjoxfX0seyJiaWRkZXJOYW1lIjoiYnV6em9vbGEiLCJjYW1wYWlnbl9pZCI6ODkwNDUwLCJyZXNwb25zZV90aW1lIjoxMDgsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiIxMjI3MTY5In1d&utf8=%E2%9C%93&pcode-test-ids=633998%2C0%2C85%3B628987%2C0%2C30%3B638021%2C0%2C79%3B633008%2C0%2C4&pcode-flags-map=eJytWF2P20QU%2FSurPAPy90ffxvYkGa3tMTOTZFOERkVdBFKFEGwBqaoECCEekBD%2FpA9UKvTjN3j%2FEWdsJxt7dye7Vfu2ac6dc%2Bfee%2B6ZPJuxRc0F1RWTkha6IIrohghSST3nQq9ZQblmtc55lfHZg8%2BezX549OTp%2BezB7Pynb2cfzS7Ov79gj%2FFnmDpBGM6ef%2F7RbE2kFrTia6rzJRGSKj0XvNIlq09HIZRY0cMYkesGTryPQWuSlYhBmobVC51tdcE39V2iRIlni0IlE0g2Y0oQRe8TTNBPV1Qqva5I0ydFCnkkQOwlzj7AcKaho9ekXI1Pdx38G6E9L0qubmQlqa7ppstgUZu6IJjJSq7Emm6PMPGSJIgssSSrGtzUB4mF8ivG6w9ELCfvx6vhqFVDTETBy1KXlOw%2FkDTn9aR40fjyfS88KN00WN9YhZ3POETJUSt6htYpyUKvG6EbwbhgaqvnJFdcjLthEimKkn0kqbquXlMhcc3jJPzIiYIxNvaCtMP27LnStKQVrZVGrDWTLGOlYSFLrmxTjkhR2LNY1azkpKCiEwpSNYe4i%2B%2Benh%2FAAi%2FxU2dPQEphyjrBTM86AJEC5aK15pmkaILxNZ1%2F8%2BiLJ%2BcjpB95aT81c3YGbav1krLFUula2Y8MQj91O2DOV7gdxfXZUlghSZx4QQfZkrqgZ1qsoFMVYbVVLp3Y84dGHWmsnq%2FKUuYC6Vrxru%2F5zj7FTPBT3A%2FS0wvBCjsyDpPoRsK6YFIJllnhnmu6y8Af0trr6OoNK9RSs4osqBUbuMEwDR0Wx3VdnHFh%2BkiQgq3kyR0jbInh3RPWpNyQiTRcQ%2FrxUNpi3kDIZcNr9KJiFeWrcdN7ExUOg8Dx%2B5ybnBdQbwOtrZMSBiHCDN0757hlasZld55RATs8iGPvOpzNsXH0xijAsQ65JcKOwLXt4zu3oTFximHy0KRzfn2NTw8OHViBDgq9FbWujMFYE8HI5Mq8KWwo0GQiBN0QNEhx19FApF21jPvQFYWp2RecCgG9KvniMEY4widO0Fdur85wDWtGNw0X9qJHcTRIlvm6rrEEcyoxGQsrLPaA62BSNvAG%2BZIahrqhIp%2F0GSzCCBm6aZ9rAUWHsYAa4KY2AnYHBRtk7x42LoF29lWArOcDjclcT9Q9TBIv7HtlN9EFDFaudC6t2hmmbpwcaAmTyB3lwVbKTd7Sdmjqh647wnb6IyFGamkavCFFAW9kDxKEQ6k7vceNqW1DtW9nDc0PDwarEvnBDrUfl8bRrUgNv5SXLLdP11WMalUqlpG6Bm1s4zlD4ZlJAl7CrsNp4sXxAY8hSN8m2HmQiaYk24zkp0brlPE70607MQaOF%2Fh9DywEyTz7dyEuztV3YTwfjviGrufYvn%2BDZrvhLYg%2BQVabHjYXLKjJzCgZq82dw47np8ZCY3COkA7DaNRvS9rZHzwlOqdqRbuhF%2FWEKkHYXaUMjwcn6VvNOGJB55CxpZlJlttxGONg6GtkKiqjYILWO7vWCJrZbQJUwBmEYDfUsG4CtwhbBH1CZ1zlAEdn3WaRm7rBno9khgbj0uhjvrSziAIv3htHJoctZpZB%2F%2FpCde2GFbu870shdLFqMF94fxWdA5e9ugk%2BdjzOJ44z8d6OO7CYrCZDanAvHR%2B8ddVUc65T8ny3L2pFC0a6IL2vuCf8djK9lXovTmrBPyijgs4JhGrHrP9x4Y7hTNNDG8uMwwAcxQx2%2BKorsQNNhRdIwN6dnpuG%2BybLTq8J0vXjsCf74zrBxXmdQpq5wjvuLm2JN1o4mq4lU91oHvCHrpwqbp8sPO08%2F7a7Bx2Ubw6VY6o8khHi9A%2B73Q8mXZRBOAkUJF9JhXbqQmlFz8ZOqP27fde%2Bvvzz8o%2F25Un7qn17%2BVv77vLn9k374vJ3%2FP3qpH3bvji5%2FKV90f57%2BSu%2BhP982f7XvsYHb4D9B1%2FEx4jx1%2F2IjWj8%2BPXFVx8%2FPv%2Fy0dMnF7eE2f3GkBO8XGqi2Jp22%2B7IQ95P0yt856QXwiwUWZk4Nzi1m36cSA9%2BzAF8S%2FCOh0W88R0fB3YwcpBXEaTI73o4KWRxOn1FR35i9H6UcrLbABmRtCF44tXda2%2BJ3kT9qahJqYsj0u9Dgc3FPf8fxAYRpg%3D%3D&use-server-side-rendering=1&pcode-icookie=KcOIoJNwRMFerquRlB6Ox4R7xYqGAY8YKkKMVR0ejOZJS8fgVu6xSH%2FtUCzn8uRFHbZEjRQhinW8zrVNPp1rBRsAUcw%3D&top-ancestor=https%3A%2F%2Fwww.orel.kp.ru&top-ancestor-undetermined=0&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjoxNDB9CiKjpqzkqOmBMFBHPMzNtz301r1qnGx27JyYQzpmyE7n-5lO7iGV4dPr0OtJjuOZrRp2chKzMjO0VUvKy6UvoJcCegbajDGIERK69HfZRz_wrr-LIEEIUyAGMZZYY8gxSWyISRQWBW2c1BiSAl6siU01BGYBo7DE2gUAaV1w4wCmUQGjxvoBchFQKajjtMYqH52qpXcRShdNkli36FJVQNYYygKtXlAWbAHUKGCeBtMCLqZY2A2NuiG-IRM_re4KEog40aIC0yVPIqdgBdN5VNNYU8F0xFCXYlj1QOjjZFFSVQDCo6wh2vxsVmZkfPxsHHZOPn6rzYqMgw-3dp9fuMnCz8xhtVcmOzMH6KKcHPRcSGwMVhsjk2jlYmSycjBZQReNgSGOnITGmlSc46wxUArquqCSL4AL6oIZBt41VirMRySJtQtsGqsHKdPix6yAXhd4rYJ2QTANRpbag5Ys8MAtGeFtv00KOHEyoOkP-sDQtLCEuNQqB-QlrmnhlYgMpaqheNGgHVjGpgVRfVKrFoi0KmAsPC2LZHokF3siQ8KhK1lcwloQBn-GBZJKZIiWNClPfKrGycKhSa5fEOCKyPZNOeWLiL9EHXhNGr5EBcS3fQqzNCypqacTJ2fBME5RYX-1WDgQIGJEwkkfKBiUmEKEuCxWhlm86PlTZWgQ7lzgZuREwMfPaUMsC85NZ7UyMlUuZHZ6etBF6bnczOw4BFno3U7slYMZGWJGFKJ8MVDTJAV0fuFGR5ZyexAJFysiGwOroFuosqOzo-aoC6oAJx1SIYRuZ2UB3o4FJYKlD-p2V7d0kfAL270jAdDFHi3hkLHRs4HEZl9kIDzN4Wxfn97yhQByazn9SiZfPRIRSsli1QudbFHMCotHWin8mWnySDek2KigiXLBWzeAkM8Qb4SGOlGVjKPxiADQi_00Jot1CmpP9OcwMazf9UZ0yGOP7_lLDJo8UGz20DMI2Wt7QsJ0j2083lUeCA7lztZ83zPuidZTjSmk-BZvWbnmzzgNlm7vPVJHuUhph34FPE_tWEO3PsQbdgF-zzNu4JZxzMz41JTA_TAvhsd4jD1KDsyaaAKXcNJ1vLqX8IJwV5P81VN7iPPxDm0L0p9wak_FSPdcJzfutPVPWHP36y2owc_rXyySxWoPrZkgt7iXsJPwtJ5SDvLf44bnHNUp5KPIWw3Alz4bjkkv4X2vfXq104048UgzMHPQfy2nw0ulMcoRLy7bMoeFZE4nhUfaIW626EbBJijl2-a_AzWBXYpqXtb6PEv5WrTtkTzFdrlirY-b-geQDl2nUdh_6YKUFHpxVPhokSNmX4oBMce6oEAMGFHgQTgzOLicSBxLIE40vEg5EM7dbT1PIkVsDhlEXK6KggcVKAz_ULIaGT89g51JOrKClZeRFR19AG6D2jwNh8QDkhFyVE6kNlRIUN_3msITQjzyXFxcSOz2bAR_kjZeVmee83XVkTSkWEKvgpQgQMaJnJ3b7ajs6JnQI-AV5XMIAc4FLuDyjXQx0zM46FndApUFMycmHlTFmEUKGBi5gUeGyU6EEp6pw165mOlAY2YTlVcDxM4H6ZQDOe56k6OclRpTvj_J7w2pR7qcQrVouqt1UM5R29LpTiaTF5KFKrMJjImzNgtaL9RBG1Mz5FNujoqjJksr_ZyXdefabqVHmjGjQ4kRk9sl4I3sALuZWHdK-_DWeek0pE38vcMKuF-QIT5FLWIZUOkUEvz2SK3l3zOsgkXhBzKxEYitsoII3woyd-htiiv1FgaNCJszAFcE2LEJIbS6XZWNHjR2LNaAd2Nz8vlgJxXcLudVXVYGOisTy5KBhYEXDSO6pQ5AmwXG59NzM9yyAbLVBbb-VpnmNJYpFOZLOCcOdp5Vv3P6xt2pVePHLmn7ZmRmosPh2kpzYkRBD98mWfUQlkGu4N1ZbRjRYUGJtrUZolbFxwbp7YSqsWfsYffq5qTHjwb5KPW1eMEb-QX26Oxdqr1VLw40vVoOoMn65kn1loVYa1kxIWZExNa4u8Jlzq607I3TK-2pSIO9klbiA76UeH6basi0wGpOFpgzAX5kXND1va6lvTmS3U3uQ1RAH9ypyv1etA0TaeMKT530otklx3zBn0Dl5MUIKj2oiz_DJvrXXCLjXVo-AU4JzoYRFFDQIhIvwT80zbxFOk3pa-lq9W30d6r59HmzWyTWa5pL6zrVtbOgPcXV9X0hO9pwpe7XUaJzYUDIjRD1iRf4tK1FTanHA7hwCI0Lop68U8Cu05_G9fyirlJEYmUP8xNjfZTJXhhV5ObwfuWI9SPiVsxXtCQq2lJqnuQpMXS9VDNRWgI87RIm_7SG4BDujmTqaf1FV76EZUetMdD3gCR9oRVmsesFzENtSGooiVri4gmc46kuechL70m2G0nXcqqZPVHZE2CXH2s46Ktli-QyqI_ulziFueSb8ilb8veIJ9nZk7c_X_ip2ub0sNBL2glf3KaYae2sRYR8sgx5dLgxDHRzsT4i9S2WHAy6e3dNG-205_7uYNiX4kj0xa4bop4k91LuaW-VcDdlEndVpqh4UQJtQ07wrgnZYPu7uilXpewIClgPfGO5ymBtuUaWVlqerm8yHajPpmTj_SlenFTKOinTGkirXz2iDN3Jnk2VlzFSdVRP7A2cSHvuN9zx9OJbsQm4SynaUiw2p7bUfoKXkkLpqT5nne66bgoWFxjy1-OJcFVWfdtN07QbfRfN_Xy396m7o1A9qbUuU1XRouGpLuwucSspb_fTEYPpryvA67hXlf1A83grIXRnVA7gEuvOwDBG5WLob5RJERsb6gNn42QCc8yd6rIoIA4KaV81XfZXXa2g4GsvHPRuv-62JLltpQplHCafIdgEh7YA1HVazva5J3DzctprwPmMra0TTEZpyntTr9HPWZev0iRP2WRLxaPsm1d42wvrRuyT1PwgE97zA55OvYyWX74P-ZO8BIzl2oXlqS74aRDG-zWylqTFny25qNhln-j8mhY7rHun6YpqB4XLr5OWmRStdhYX8yKjHaJDO_rhM1CLqcjrb2Bh5ndInX2hofYM3El4onbAjmpMWyPTbjy2W7yWgs2FkbELab4gxuumUTTo2_W3tcnHcN7nrc1bpfx_0M517Wgibxb5QVuXr4vvwpdOTHCqfy9bRgjPr8US7TopCkyTs62XLJe1kdohlaE1yyGeIZRSRbLWcJR8NQyNvX8y5f89oevgwN11yIzt9YsRSc_nL5Vcs8JVXT0wvRoULFI-qFK75WPGfVJHTMPZs6_HP2jFtBfRl-TGuJyVixcBHSr0o5OGXOGlQYBnLkcpJTG_JGS1yLWdnrlnP8ia1vWixg7Yl7LB2owumXzKTrNC-ycf1B-TAco8Osad1DDRip2G_fTlklDOUeubmVNyvon5lMb_qaKpmCTajlQ5jwJr_lUakuIKCxf5iEEXcJHmhherIZWlWqxfVbEK9Qba5dJkR55v3uRGGkqCel2UZaQtazARapnY1YSQF-SpP9k_tenSimiSa5t6EqWlbCWnyjkLfj5D23LLuPti6B4FQQ1A_3RX_vbCJfTRd9T3Xj_dH80MV2oCmyzacP7pLfBnPs-WiW_-GceGXai-o8b3gPSl0H3Shyl2jSBHbGOjdF_xbT-UlBF44LveW_oQ5xRyOsHuEssRgZXbLoQY0VJj40GPAdGZ6DQKGFvhs6FWQI02DdyNpx6wBed5uYTVw39oZcQcpVrM2I_Dr16MbjfuJWt1wyTdV0R_338B6Hn9aV9GVeRXMvEmwuSEpOJV04kP1fTi06DKS7Snp0TslP07DPfGNOO0SnY8-i2f5HrbD_dKsesH_gsXeZ6bWyOemofC6r8fkiI3h5nhp-03OP6pwE6X3dR6vRMXzn0RzRGkBhcl5ONnc8mJIOThwoIDPnIBBjeOBZWLy7oPzikYsrO7fOJIGSSxVXbM7ChZMWeO4pDMUlFCDp_bxorpLDLRUvbZizgMW23MHDJUYq0cmNkZUNjm6F_CbpmoDt78QRLfr2GBgaOyIwEMakzoz9uXhHeG8qGUFml-NGG0YqC7yG9PxTjpMfUtWXwmlFXq9iYaDw6otPdRPw88SRTTsAvbViLHBowfjRTTn8g0FOiyXIZcaqRBiZXYft_vqKoDm7sZyNtJlQU2ijpw0WgxXZ1Mo8WV0c9Do2qp60Bn7BL6jFjO4b6zSOTfWTu2ebZ3QmR4QJhIaEz4WDoIi5GUGPFWR_PMHg_JwkwXgDj6-07fkTTW1xjYAeD2n6bFC9rHpj7zmuNL0z0F-Kjtrwdwjc8eAP0CgmZOG9tsblUlCF1u5j6bU0Y17QzXo7QKCknbWoLfC480GchIfdKEotP_2y3UJ60rVw1BrxhnPQ8YFyw3x4u-7waEX4nWF1ufGeYfAx5prXS5eYaCFU4LYzMorYY17MtIZmluhkOxGhiADVn4b_Cxnc24TvmsNb5TFjwRoBQyGlHETp2n5hsYuWXRrzGOeVdfJj5Iqy9uqkXgrz3zcIJHOi9nkRvyvmCEh_uf8XvrtLynt_ZYLSWH01xxtzXXAL4GKvFE7gdmxsxNob6wm1ZeqBzpCebgrD1YUF9oYZJZidqcniHkrudQ3eGRjkN8NVrkTz1pAf2LT4l9IjZw_wwf8uwLijgDBrk9jAn3GmTIPhzQNA_y8djsdM3h3tCLGl-SbyaZDzkdRb2MXTBjsoawqMNSeY6jQxuGi422SV6cOlibyxENNcWxD5RiZH-e2pbuz4vOG8-d92ZmFnpMOrbm2-YbLwR1Ky0NBbK2B6XmbtX5uTq_a8H7Uz9vuG5Y2sKMJgvf4j2Wb4rFDxwQSBOCJKt9mfI6k2b2oMzPpy1QVl74rj3jXCnDNFFVRPtqcKpcg0sF0yWAA48qmASqhbjNVxbxePNMF9-maw5rPyd8e_US88Ug_ZiNb4umjVC2Yur_fdmmBZwGNoGfGe0ZQKnKiSFtzGrWRhl_79LRI9UKGEPaoPpIcfEmyXlkWwJ0gCr_yOhK2JLi1oc6kC8qoIcnP_NFw26rZ8j1UfUWnZYsHWM2&tga-with-creatives=1
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
a472d3347fbea82a7325067ead12c3a94291d1b78d4bef7a81ec569979fe0b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:08:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
ssr
true
x-yandex-req-id
1661605725339512-3719076210105067762-sas3-0641-7f2-sas-l7-balancer-8080-BAL-2949
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
uniformat-product-type
Direct
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Sat, 27 Aug 2022 13:08:45 GMT
report-to
{ "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
application/json
access-control-allow-origin
https://www.orel.kp.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
Sat, 27 Aug 2022 13:08:45 GMT
smi.js
jsn.24smi.net/
89 KB
28 KB
Script
General
Full URL
https://jsn.24smi.net/smi.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/638452/9fd0b4b611488f082add.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:581 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c6e261ec58a2d34a827a10854f6257cd9911f8a2784df02c90b90b05a5b07cf
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:08:45 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
age
226
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jul 2022 15:48:24 GMT
server
cloudflare
etag
W/"62debb48-16333"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
cf-ray
741509a77c1cbb80-FRA
expires
Sat, 27 Aug 2022 14:04:59 GMT
event
ads.adfox.ru/232598/
0
54 B
Image
General
Full URL
https://ads.adfox.ru/232598/event?hash=e63fe0849e807a4b&pm=cyz&p5=lamxz&ad-session-id=2328301661605725146&lts=fjwciqn&ytt=274879517687813&ybv=0.638452&ylv=0.638452&dl=https%3A%2F%2Fwww.orel.kp.ru%2F%3Fsection%3Dsociety&rqs=XG8zHB1qZEhdFwpjBp1-ghrJE0KdILKn&pr=mxktefl&puid3=top%3Aregion&puid2=society%3Azenyandex%3Atoday%3Aincident%3Aauto%3Aaccident%3Aemergency%3Acriminal&p2=fqyp&rand=bxhkdwj&sj=IkxJfPbtn7kh4fzOl3M8ipkxW08Zy5PzpSdGlqvW87C8-Ps8_gokKvnYq9s3vA%3D%3D&puid1=adv-1661605725100-542&p1=cbpai
Requested by
Host: www.orel.kp.ru
URL: https://www.orel.kp.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:08:45 GMT
x-content-type-options
nosniff
last-modified
Sat, 27 Aug 2022 13:08:45 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
v2
yandex.ru/ads/adfox/232598/getBulk/
16 KB
8 KB
XHR
General
Full URL
https://yandex.ru/ads/adfox/232598/getBulk/v2?dl=https%3A%2F%2Fwww.orel.kp.ru%2F%3Fsection%3Dsociety&date=2022-08-27T13%3A08%3A45.354%2B00%3A00&pd=27&pdh=1200&pdw=1600&pr1=1252016241&pr=3985167509&prr=&pv=13&pw=6&extid_loader=&extid_tag_loader=www.orel.kp.ru&ylv=0.638452&ybv=0.638452&ytt=274879517687813&is-turbo=0&skip-token=&ad-session-id=2328301661605725146&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22isInIframe%22%3Afalse%2C%22w%22%3A300%2C%22h%22%3A600%2C%22width%22%3A300%2C%22height%22%3A600%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A49%2C%22left%22%3A1100%2C%22top%22%3A486%2C%22fontFamily%22%3A%22ys%22%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A3%2C%22ad_no%22%3A1%7D&enable-flat-highlight=1&pcode-version=638452&available-width=300&available-height=600&yaru=true&pp=hrs&p2=fbao&ps=bxyd&puid1=adv-1661605725099-373&puid2=society%3Azenyandex%3Atoday%3Aincident%3Aauto%3Aaccident%3Aemergency%3Acriminal&puid3=top%3Aregion&puid5=&slotNumber=4&bids=W3siYmlkZGVyTmFtZSI6ImNyaXRlbyIsImNhbXBhaWduX2lkIjo3MjI1NzMsInJlc3BvbnNlX3RpbWUiOjE3NSwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjExNDA4OTgifSx7ImJpZGRlck5hbWUiOiJydGJob3VzZSIsImNhbXBhaWduX2lkIjo4NTM4NjksInJlc3BvbnNlX3RpbWUiOjc3LCJlcnJvciI6eyJjb2RlIjo0fSwicGxhY2VtZW50X2lkIjoiNzE1NzM3NzA5NDBiNzJjMDQyODkifSx7ImJpZGRlck5hbWUiOiJhZHJpdmVyIiwiY2FtcGFpZ25faWQiOjcyODI1NCwicmVzcG9uc2VfdGltZSI6MjM3LCJlcnJvciI6eyJjb2RlIjo0fSwicGxhY2VtZW50X2lkIjoia3BfMnNsb3RfMXNjciJ9LHsiYmlkZGVyTmFtZSI6Im15dGFyZ2V0IiwiY2FtcGFpZ25faWQiOjgxMDQwMiwicmVzcG9uc2VfdGltZSI6MTYwLCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiMjMzODQyIn0seyJiaWRkZXJOYW1lIjoiYmV0d2VlbmRpZ2l0YWwiLCJjYW1wYWlnbl9pZCI6ODEwMzQ0LCJyZXNwb25zZV90aW1lIjo3OCwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjI0ODgwNTIifSx7ImJpZGRlck5hbWUiOiJhZGZveF9hZHNtYXJ0IiwiY2FtcGFpZ25faWQiOjE1OTIwNDAsInJlc3BvbnNlX3RpbWUiOjE5MiwiZXJyb3IiOnsiY29kZSI6MX19LHsiYmlkZGVyTmFtZSI6ImJ1enpvb2xhIiwiY2FtcGFpZ25faWQiOjg5MDQ1MCwicmVzcG9uc2VfdGltZSI6MTA5LCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiMTIyNzE2NiJ9LHsiYmlkZGVyTmFtZSI6ImJpZHZvbCIsImNhbXBhaWduX2lkIjoxODcxMDE2LCJyZXNwb25zZV90aW1lIjoxNjksImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiIyMTUzNSJ9LHsiYmlkZGVyTmFtZSI6ImFkZm94X2ltaG8tdmlkZW8iLCJjYW1wYWlnbl9pZCI6MTc4OTU4MSwicmVzcG9uc2VfdGltZSI6MTkyLCJlcnJvciI6eyJjb2RlIjoxfX1d&utf8=%E2%9C%93&pcode-test-ids=633998%2C0%2C85%3B628987%2C0%2C30%3B638021%2C0%2C79%3B633008%2C0%2C4&pcode-flags-map=eJytWF2P20QU%2FSurPAPy90ffxvYkGa3tMTOTZFOERkVdBFKFEGwBqaoECCEekBD%2FpA9UKvTjN3j%2FEWdsJxt7dye7Vfu2ac6dc%2Bfee%2B6ZPJuxRc0F1RWTkha6IIrohghSST3nQq9ZQblmtc55lfHZg8%2BezX549OTp%2BezB7Pynb2cfzS7Ov79gj%2FFnmDpBGM6ef%2F7RbE2kFrTia6rzJRGSKj0XvNIlq09HIZRY0cMYkesGTryPQWuSlYhBmobVC51tdcE39V2iRIlni0IlE0g2Y0oQRe8TTNBPV1Qqva5I0ydFCnkkQOwlzj7AcKaho9ekXI1Pdx38G6E9L0qubmQlqa7ppstgUZu6IJjJSq7Emm6PMPGSJIgssSSrGtzUB4mF8ivG6w9ELCfvx6vhqFVDTETBy1KXlOw%2FkDTn9aR40fjyfS88KN00WN9YhZ3POETJUSt6htYpyUKvG6EbwbhgaqvnJFdcjLthEimKkn0kqbquXlMhcc3jJPzIiYIxNvaCtMP27LnStKQVrZVGrDWTLGOlYSFLrmxTjkhR2LNY1azkpKCiEwpSNYe4i%2B%2Benh%2FAAi%2FxU2dPQEphyjrBTM86AJEC5aK15pmkaILxNZ1%2F8%2BiLJ%2BcjpB95aT81c3YGbav1krLFUula2Y8MQj91O2DOV7gdxfXZUlghSZx4QQfZkrqgZ1qsoFMVYbVVLp3Y84dGHWmsnq%2FKUuYC6Vrxru%2F5zj7FTPBT3A%2FS0wvBCjsyDpPoRsK6YFIJllnhnmu6y8Af0trr6OoNK9RSs4osqBUbuMEwDR0Wx3VdnHFh%2BkiQgq3kyR0jbInh3RPWpNyQiTRcQ%2FrxUNpi3kDIZcNr9KJiFeWrcdN7ExUOg8Dx%2B5ybnBdQbwOtrZMSBiHCDN0757hlasZld55RATs8iGPvOpzNsXH0xijAsQ65JcKOwLXt4zu3oTFximHy0KRzfn2NTw8OHViBDgq9FbWujMFYE8HI5Mq8KWwo0GQiBN0QNEhx19FApF21jPvQFYWp2RecCgG9KvniMEY4widO0Fdur85wDWtGNw0X9qJHcTRIlvm6rrEEcyoxGQsrLPaA62BSNvAG%2BZIahrqhIp%2F0GSzCCBm6aZ9rAUWHsYAa4KY2AnYHBRtk7x42LoF29lWArOcDjclcT9Q9TBIv7HtlN9EFDFaudC6t2hmmbpwcaAmTyB3lwVbKTd7Sdmjqh647wnb6IyFGamkavCFFAW9kDxKEQ6k7vceNqW1DtW9nDc0PDwarEvnBDrUfl8bRrUgNv5SXLLdP11WMalUqlpG6Bm1s4zlD4ZlJAl7CrsNp4sXxAY8hSN8m2HmQiaYk24zkp0brlPE70607MQaOF%2Fh9DywEyTz7dyEuztV3YTwfjviGrufYvn%2BDZrvhLYg%2BQVabHjYXLKjJzCgZq82dw47np8ZCY3COkA7DaNRvS9rZHzwlOqdqRbuhF%2FWEKkHYXaUMjwcn6VvNOGJB55CxpZlJlttxGONg6GtkKiqjYILWO7vWCJrZbQJUwBmEYDfUsG4CtwhbBH1CZ1zlAEdn3WaRm7rBno9khgbj0uhjvrSziAIv3htHJoctZpZB%2F%2FpCde2GFbu870shdLFqMF94fxWdA5e9ugk%2BdjzOJ44z8d6OO7CYrCZDanAvHR%2B8ddVUc65T8ny3L2pFC0a6IL2vuCf8djK9lXovTmrBPyijgs4JhGrHrP9x4Y7hTNNDG8uMwwAcxQx2%2BKorsQNNhRdIwN6dnpuG%2BybLTq8J0vXjsCf74zrBxXmdQpq5wjvuLm2JN1o4mq4lU91oHvCHrpwqbp8sPO08%2F7a7Bx2Ubw6VY6o8khHi9A%2B73Q8mXZRBOAkUJF9JhXbqQmlFz8ZOqP27fde%2Bvvzz8o%2F25Un7qn17%2BVv77vLn9k374vJ3%2FP3qpH3bvji5%2FKV90f57%2BSu%2BhP982f7XvsYHb4D9B1%2FEx4jx1%2F2IjWj8%2BPXFVx8%2FPv%2Fy0dMnF7eE2f3GkBO8XGqi2Jp22%2B7IQ95P0yt856QXwiwUWZk4Nzi1m36cSA9%2BzAF8S%2FCOh0W88R0fB3YwcpBXEaTI73o4KWRxOn1FR35i9H6UcrLbABmRtCF44tXda2%2BJ3kT9qahJqYsj0u9Dgc3FPf8fxAYRpg%3D%3D&use-server-side-rendering=1&pcode-icookie=KcOIoJNwRMFerquRlB6Ox4R7xYqGAY8YKkKMVR0ejOZJS8fgVu6xSH%2FtUCzn8uRFHbZEjRQhinW8zrVNPp1rBRsAUcw%3D&top-ancestor=https%3A%2F%2Fwww.orel.kp.ru&top-ancestor-undetermined=0&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjoxNDB9CiKjpqzkqOmBMFBHPMzNtz301r1qnGx27JyYQzpmyE7n-5lO7iGV4dPr0OtJjuOZrRp2chKzMjO0VUvKy6UvoJcCegbajDGIERK69HfZRz_wrr-LIEEIUyAGMZZYY8gxSWyISRQWBW2c1BiSAl6siU01BGYBo7DE2gUAaV1w4wCmUQGjxvoBchFQKajjtMYqH52qpXcRShdNkli36FJVQNYYygKtXlAWbAHUKGCeBtMCLqZY2A2NuiG-IRM_re4KEog40aIC0yVPIqdgBdN5VNNYU8F0xFCXYlj1QOjjZFFSVQDCo6wh2vxsVmZkfPxsHHZOPn6rzYqMgw-3dp9fuMnCz8xhtVcmOzMH6KKcHPRcSGwMVhsjk2jlYmSycjBZQReNgSGOnITGmlSc46wxUArquqCSL4AL6oIZBt41VirMRySJtQtsGqsHKdPix6yAXhd4rYJ2QTANRpbag5Ys8MAtGeFtv00KOHEyoOkP-sDQtLCEuNQqB-QlrmnhlYgMpaqheNGgHVjGpgVRfVKrFoi0KmAsPC2LZHokF3siQ8KhK1lcwloQBn-GBZJKZIiWNClPfKrGycKhSa5fEOCKyPZNOeWLiL9EHXhNGr5EBcS3fQqzNCypqacTJ2fBME5RYX-1WDgQIGJEwkkfKBiUmEKEuCxWhlm86PlTZWgQ7lzgZuREwMfPaUMsC85NZ7UyMlUuZHZ6etBF6bnczOw4BFno3U7slYMZGWJGFKJ8MVDTJAV0fuFGR5ZyexAJFysiGwOroFuosqOzo-aoC6oAJx1SIYRuZ2UB3o4FJYKlD-p2V7d0kfAL270jAdDFHi3hkLHRs4HEZl9kIDzN4Wxfn97yhQByazn9SiZfPRIRSsli1QudbFHMCotHWin8mWnySDek2KigiXLBWzeAkM8Qb4SGOlGVjKPxiADQi_00Jot1CmpP9OcwMazf9UZ0yGOP7_lLDJo8UGz20DMI2Wt7QsJ0j2083lUeCA7lztZ83zPuidZTjSmk-BZvWbnmzzgNlm7vPVJHuUhph34FPE_tWEO3PsQbdgF-zzNu4JZxzMz41JTA_TAvhsd4jD1KDsyaaAKXcNJ1vLqX8IJwV5P81VN7iPPxDm0L0p9wak_FSPdcJzfutPVPWHP36y2owc_rXyySxWoPrZkgt7iXsJPwtJ5SDvLf44bnHNUp5KPIWw3Alz4bjkkv4X2vfXq104048UgzMHPQfy2nw0ulMcoRLy7bMoeFZE4nhUfaIW626EbBJijl2-a_AzWBXYpqXtb6PEv5WrTtkTzFdrlirY-b-geQDl2nUdh_6YKUFHpxVPhokSNmX4oBMce6oEAMGFHgQTgzOLicSBxLIE40vEg5EM7dbT1PIkVsDhlEXK6KggcVKAz_ULIaGT89g51JOrKClZeRFR19AG6D2jwNh8QDkhFyVE6kNlRIUN_3msITQjzyXFxcSOz2bAR_kjZeVmee83XVkTSkWEKvgpQgQMaJnJ3b7ajs6JnQI-AV5XMIAc4FLuDyjXQx0zM46FndApUFMycmHlTFmEUKGBi5gUeGyU6EEp6pw165mOlAY2YTlVcDxM4H6ZQDOe56k6OclRpTvj_J7w2pR7qcQrVouqt1UM5R29LpTiaTF5KFKrMJjImzNgtaL9RBG1Mz5FNujoqjJksr_ZyXdefabqVHmjGjQ4kRk9sl4I3sALuZWHdK-_DWeek0pE38vcMKuF-QIT5FLWIZUOkUEvz2SK3l3zOsgkXhBzKxEYitsoII3woyd-htiiv1FgaNCJszAFcE2LEJIbS6XZWNHjR2LNaAd2Nz8vlgJxXcLudVXVYGOisTy5KBhYEXDSO6pQ5AmwXG59NzM9yyAbLVBbb-VpnmNJYpFOZLOCcOdp5Vv3P6xt2pVePHLmn7ZmRmosPh2kpzYkRBD98mWfUQlkGu4N1ZbRjRYUGJtrUZolbFxwbp7YSqsWfsYffq5qTHjwb5KPW1eMEb-QX26Oxdqr1VLw40vVoOoMn65kn1loVYa1kxIWZExNa4u8Jlzq607I3TK-2pSIO9klbiA76UeH6basi0wGpOFpgzAX5kXND1va6lvTmS3U3uQ1RAH9ypyv1etA0TaeMKT530otklx3zBn0Dl5MUIKj2oiz_DJvrXXCLjXVo-AU4JzoYRFFDQIhIvwT80zbxFOk3pa-lq9W30d6r59HmzWyTWa5pL6zrVtbOgPcXV9X0hO9pwpe7XUaJzYUDIjRD1iRf4tK1FTanHA7hwCI0Lop68U8Cu05_G9fyirlJEYmUP8xNjfZTJXhhV5ObwfuWI9SPiVsxXtCQq2lJqnuQpMXS9VDNRWgI87RIm_7SG4BDujmTqaf1FV76EZUetMdD3gCR9oRVmsesFzENtSGooiVri4gmc46kuechL70m2G0nXcqqZPVHZE2CXH2s46Ktli-QyqI_ulziFueSb8ilb8veIJ9nZk7c_X_ip2ub0sNBL2glf3KaYae2sRYR8sgx5dLgxDHRzsT4i9S2WHAy6e3dNG-205_7uYNiX4kj0xa4bop4k91LuaW-VcDdlEndVpqh4UQJtQ07wrgnZYPu7uilXpewIClgPfGO5ymBtuUaWVlqerm8yHajPpmTj_SlenFTKOinTGkirXz2iDN3Jnk2VlzFSdVRP7A2cSHvuN9zx9OJbsQm4SynaUiw2p7bUfoKXkkLpqT5nne66bgoWFxjy1-OJcFVWfdtN07QbfRfN_Xy396m7o1A9qbUuU1XRouGpLuwucSspb_fTEYPpryvA67hXlf1A83grIXRnVA7gEuvOwDBG5WLob5RJERsb6gNn42QCc8yd6rIoIA4KaV81XfZXXa2g4GsvHPRuv-62JLltpQplHCafIdgEh7YA1HVazva5J3DzctprwPmMra0TTEZpyntTr9HPWZev0iRP2WRLxaPsm1d42wvrRuyT1PwgE97zA55OvYyWX74P-ZO8BIzl2oXlqS74aRDG-zWylqTFny25qNhln-j8mhY7rHun6YpqB4XLr5OWmRStdhYX8yKjHaJDO_rhM1CLqcjrb2Bh5ndInX2hofYM3El4onbAjmpMWyPTbjy2W7yWgs2FkbELab4gxuumUTTo2_W3tcnHcN7nrc1bpfx_0M517Wgibxb5QVuXr4vvwpdOTHCqfy9bRgjPr8US7TopCkyTs62XLJe1kdohlaE1yyGeIZRSRbLWcJR8NQyNvX8y5f89oevgwN11yIzt9YsRSc_nL5Vcs8JVXT0wvRoULFI-qFK75WPGfVJHTMPZs6_HP2jFtBfRl-TGuJyVixcBHSr0o5OGXOGlQYBnLkcpJTG_JGS1yLWdnrlnP8ia1vWixg7Yl7LB2owumXzKTrNC-ycf1B-TAco8Osad1DDRip2G_fTlklDOUeubmVNyvon5lMb_qaKpmCTajlQ5jwJr_lUakuIKCxf5iEEXcJHmhherIZWlWqxfVbEK9Qba5dJkR55v3uRGGkqCel2UZaQtazARapnY1YSQF-SpP9k_tenSimiSa5t6EqWlbCWnyjkLfj5D23LLuPti6B4FQQ1A_3RX_vbCJfTRd9T3Xj_dH80MV2oCmyzacP7pLfBnPs-WiW_-GceGXai-o8b3gPSl0H3Shyl2jSBHbGOjdF_xbT-UlBF44LveW_oQ5xRyOsHuEssRgZXbLoQY0VJj40GPAdGZ6DQKGFvhs6FWQI02DdyNpx6wBed5uYTVw39oZcQcpVrM2I_Dr16MbjfuJWt1wyTdV0R_338B6Hn9aV9GVeRXMvEmwuSEpOJV04kP1fTi06DKS7Snp0TslP07DPfGNOO0SnY8-i2f5HrbD_dKsesH_gsXeZ6bWyOemofC6r8fkiI3h5nhp-03OP6pwE6X3dR6vRMXzn0RzRGkBhcl5ONnc8mJIOThwoIDPnIBBjeOBZWLy7oPzikYsrO7fOJIGSSxVXbM7ChZMWeO4pDMUlFCDp_bxorpLDLRUvbZizgMW23MHDJUYq0cmNkZUNjm6F_CbpmoDt78QRLfr2GBgaOyIwEMakzoz9uXhHeG8qGUFml-NGG0YqC7yG9PxTjpMfUtWXwmlFXq9iYaDw6otPdRPw88SRTTsAvbViLHBowfjRTTn8g0FOiyXIZcaqRBiZXYft_vqKoDm7sZyNtJlQU2ijpw0WgxXZ1Mo8WV0c9Do2qp60Bn7BL6jFjO4b6zSOTfWTu2ebZ3QmR4QJhIaEz4WDoIi5GUGPFWR_PMHg_JwkwXgDj6-07fkTTW1xjYAeD2n6bFC9rHpj7zmuNL0z0F-Kjtrwdwjc8eAP0CgmZOG9tsblUlCF1u5j6bU0Y17QzXo7QKCknbWoLfC480GchIfdKEotP_2y3UJ60rVw1BrxhnPQ8YFyw3x4u-7waEX4nWF1ufGeYfAx5prXS5eYaCFU4LYzMorYY17MtIZmluhkOxGhiADVn4b_Cxnc24TvmsNb5TFjwRoBQyGlHETp2n5hsYuWXRrzGOeVdfJj5Iqy9uqkXgrz3zcIJHOi9nkRvyvmCEh_uf8XvrtLynt_ZYLSWH01xxtzXXAL4GKvFE7gdmxsxNob6wm1ZeqBzpCebgrD1YUF9oYZJZidqcniHkrudQ3eGRjkN8NVrkTz1pAf2LT4l9IjZw_wwf8uwLijgDBrk9jAn3GmTIPhzQNA_y8djsdM3h3tCLGl-SbyaZDzkdRb2MXTBjsoawqMNSeY6jQxuGi422SV6cOlibyxENNcWxD5RiZH-e2pbuz4vOG8-d92ZmFnpMOrbm2-YbLwR1Ky0NBbK2B6XmbtX5uTq_a8H7Uz9vuG5Y2sKMJgvf4j2Wb4rFDxwQSBOCJKt9mfI6k2b2oMzPpy1QVl74rj3jXCnDNFFVRPtqcKpcg0sF0yWAA48qmASqhbjNVxbxePNMF9-maw5rPyd8e_US88Ug_ZiNb4umjVC2Yur_fdmmBZwGNoGfGe0ZQKnKiSFtzGrWRhl_79LRI9UKGEPaoPpIcfEmyXlkWwJ0gCr_yOhK2JLi1oc6kC8qoIcnP_NFw26rZ8j1UfUWnZYsHWM2&tga-with-creatives=1
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
5b1319dda4cd70f70efdf5a4fac714b034d7ad74c6c1833cbe68f377ed94a90a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:08:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id
1661605725381560-6103044808304256127-sas3-0641-7f2-sas-l7-balancer-8080-BAL-4212
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Sat, 27 Aug 2022 13:08:45 GMT
report-to
{ "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
application/json
access-control-allow-origin
https://www.orel.kp.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
Sat, 27 Aug 2022 13:08:45 GMT
v2
yandex.ru/ads/adfox/232598/getBulk/
16 KB
8 KB
XHR
General
Full URL
https://yandex.ru/ads/adfox/232598/getBulk/v2?dl=https%3A%2F%2Fwww.orel.kp.ru%2F%3Fsection%3Dsociety&date=2022-08-27T13%3A08%3A45.357%2B00%3A00&pd=27&pdh=1200&pdw=1600&pr1=4049718695&pr=3985167509&prr=&pv=13&pw=6&extid_loader=&extid_tag_loader=www.orel.kp.ru&ylv=0.638452&ybv=0.638452&ytt=274879517687813&is-turbo=0&skip-token=&ad-session-id=2328301661605725146&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22isInIframe%22%3Afalse%2C%22w%22%3A240%2C%22h%22%3A400%2C%22width%22%3A240%2C%22height%22%3A400%2C%22visible%22%3A0%2C%22fullscreenHeaderHeight%22%3A49%2C%22left%22%3A215%2C%22top%22%3A1228%2C%22fontFamily%22%3A%22ys%22%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A4%2C%22ad_no%22%3A1%7D&enable-flat-highlight=1&pcode-version=638452&available-width=240&available-height=400&yaru=true&pp=g&p2=fxjd&ps=bxyd&puid1=adv-1661605725098-641&puid2=society%3Azenyandex%3Atoday%3Aincident%3Aauto%3Aaccident%3Aemergency%3Acriminal&puid3=top%3Aregion&puid5=&slotNumber=3&bids=W3siYmlkZGVyTmFtZSI6ImNyaXRlbyIsImNhbXBhaWduX2lkIjo3MjI1NzMsInJlc3BvbnNlX3RpbWUiOjE3NCwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjEyMzM1MzUifSx7ImJpZGRlck5hbWUiOiJydGJob3VzZSIsImNhbXBhaWduX2lkIjo4NTM4NjksInJlc3BvbnNlX3RpbWUiOjc3LCJlcnJvciI6eyJjb2RlIjo0fSwicGxhY2VtZW50X2lkIjoiOGQzMDhkNDIzMTZjNDBiNTE2ODgifSx7ImJpZGRlck5hbWUiOiJhZHJpdmVyIiwiY2FtcGFpZ25faWQiOjcyODI1NCwicmVzcG9uc2VfdGltZSI6MjQwLCJlcnJvciI6eyJjb2RlIjo0fSwicGxhY2VtZW50X2lkIjoiMjprcF81c2xvdCJ9LHsiYmlkZGVyTmFtZSI6Im15dGFyZ2V0IiwiY2FtcGFpZ25faWQiOjgxMDQwMiwicmVzcG9uc2VfdGltZSI6MTYxLCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiMjMzODUyIn0seyJiaWRkZXJOYW1lIjoiYmV0d2VlbmRpZ2l0YWwiLCJjYW1wYWlnbl9pZCI6ODEwMzQ0LCJyZXNwb25zZV90aW1lIjo3OCwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjI0ODgwNTkifV0%3D&utf8=%E2%9C%93&pcode-test-ids=633998%2C0%2C85%3B628987%2C0%2C30%3B638021%2C0%2C79%3B633008%2C0%2C4&pcode-flags-map=eJytWF2P20QU%2FSurPAPy90ffxvYkGa3tMTOTZFOERkVdBFKFEGwBqaoECCEekBD%2FpA9UKvTjN3j%2FEWdsJxt7dye7Vfu2ac6dc%2Bfee%2B6ZPJuxRc0F1RWTkha6IIrohghSST3nQq9ZQblmtc55lfHZg8%2BezX549OTp%2BezB7Pynb2cfzS7Ov79gj%2FFnmDpBGM6ef%2F7RbE2kFrTia6rzJRGSKj0XvNIlq09HIZRY0cMYkesGTryPQWuSlYhBmobVC51tdcE39V2iRIlni0IlE0g2Y0oQRe8TTNBPV1Qqva5I0ydFCnkkQOwlzj7AcKaho9ekXI1Pdx38G6E9L0qubmQlqa7ppstgUZu6IJjJSq7Emm6PMPGSJIgssSSrGtzUB4mF8ivG6w9ELCfvx6vhqFVDTETBy1KXlOw%2FkDTn9aR40fjyfS88KN00WN9YhZ3POETJUSt6htYpyUKvG6EbwbhgaqvnJFdcjLthEimKkn0kqbquXlMhcc3jJPzIiYIxNvaCtMP27LnStKQVrZVGrDWTLGOlYSFLrmxTjkhR2LNY1azkpKCiEwpSNYe4i%2B%2Benh%2FAAi%2FxU2dPQEphyjrBTM86AJEC5aK15pmkaILxNZ1%2F8%2BiLJ%2BcjpB95aT81c3YGbav1krLFUula2Y8MQj91O2DOV7gdxfXZUlghSZx4QQfZkrqgZ1qsoFMVYbVVLp3Y84dGHWmsnq%2FKUuYC6Vrxru%2F5zj7FTPBT3A%2FS0wvBCjsyDpPoRsK6YFIJllnhnmu6y8Af0trr6OoNK9RSs4osqBUbuMEwDR0Wx3VdnHFh%2BkiQgq3kyR0jbInh3RPWpNyQiTRcQ%2FrxUNpi3kDIZcNr9KJiFeWrcdN7ExUOg8Dx%2B5ybnBdQbwOtrZMSBiHCDN0757hlasZld55RATs8iGPvOpzNsXH0xijAsQ65JcKOwLXt4zu3oTFximHy0KRzfn2NTw8OHViBDgq9FbWujMFYE8HI5Mq8KWwo0GQiBN0QNEhx19FApF21jPvQFYWp2RecCgG9KvniMEY4widO0Fdur85wDWtGNw0X9qJHcTRIlvm6rrEEcyoxGQsrLPaA62BSNvAG%2BZIahrqhIp%2F0GSzCCBm6aZ9rAUWHsYAa4KY2AnYHBRtk7x42LoF29lWArOcDjclcT9Q9TBIv7HtlN9EFDFaudC6t2hmmbpwcaAmTyB3lwVbKTd7Sdmjqh647wnb6IyFGamkavCFFAW9kDxKEQ6k7vceNqW1DtW9nDc0PDwarEvnBDrUfl8bRrUgNv5SXLLdP11WMalUqlpG6Bm1s4zlD4ZlJAl7CrsNp4sXxAY8hSN8m2HmQiaYk24zkp0brlPE70607MQaOF%2Fh9DywEyTz7dyEuztV3YTwfjviGrufYvn%2BDZrvhLYg%2BQVabHjYXLKjJzCgZq82dw47np8ZCY3COkA7DaNRvS9rZHzwlOqdqRbuhF%2FWEKkHYXaUMjwcn6VvNOGJB55CxpZlJlttxGONg6GtkKiqjYILWO7vWCJrZbQJUwBmEYDfUsG4CtwhbBH1CZ1zlAEdn3WaRm7rBno9khgbj0uhjvrSziAIv3htHJoctZpZB%2F%2FpCde2GFbu870shdLFqMF94fxWdA5e9ugk%2BdjzOJ44z8d6OO7CYrCZDanAvHR%2B8ddVUc65T8ny3L2pFC0a6IL2vuCf8djK9lXovTmrBPyijgs4JhGrHrP9x4Y7hTNNDG8uMwwAcxQx2%2BKorsQNNhRdIwN6dnpuG%2BybLTq8J0vXjsCf74zrBxXmdQpq5wjvuLm2JN1o4mq4lU91oHvCHrpwqbp8sPO08%2F7a7Bx2Ubw6VY6o8khHi9A%2B73Q8mXZRBOAkUJF9JhXbqQmlFz8ZOqP27fde%2Bvvzz8o%2F25Un7qn17%2BVv77vLn9k374vJ3%2FP3qpH3bvji5%2FKV90f57%2BSu%2BhP982f7XvsYHb4D9B1%2FEx4jx1%2F2IjWj8%2BPXFVx8%2FPv%2Fy0dMnF7eE2f3GkBO8XGqi2Jp22%2B7IQ95P0yt856QXwiwUWZk4Nzi1m36cSA9%2BzAF8S%2FCOh0W88R0fB3YwcpBXEaTI73o4KWRxOn1FR35i9H6UcrLbABmRtCF44tXda2%2BJ3kT9qahJqYsj0u9Dgc3FPf8fxAYRpg%3D%3D&use-server-side-rendering=1&pcode-icookie=KcOIoJNwRMFerquRlB6Ox4R7xYqGAY8YKkKMVR0ejOZJS8fgVu6xSH%2FtUCzn8uRFHbZEjRQhinW8zrVNPp1rBRsAUcw%3D&top-ancestor=https%3A%2F%2Fwww.orel.kp.ru&top-ancestor-undetermined=0&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjoxNDB9CiKjpqzkqOmBMFBHPMzNtz301r1qnGx27JyYQzpmyE7n-5lO7iGV4dPr0OtJjuOZrRp2chKzMjO0VUvKy6UvoJcCegbajDGIERK69HfZRz_wrr-LIEEIUyAGMZZYY8gxSWyISRQWBW2c1BiSAl6siU01BGYBo7DE2gUAaV1w4wCmUQGjxvoBchFQKajjtMYqH52qpXcRShdNkli36FJVQNYYygKtXlAWbAHUKGCeBtMCLqZY2A2NuiG-IRM_re4KEog40aIC0yVPIqdgBdN5VNNYU8F0xFCXYlj1QOjjZFFSVQDCo6wh2vxsVmZkfPxsHHZOPn6rzYqMgw-3dp9fuMnCz8xhtVcmOzMH6KKcHPRcSGwMVhsjk2jlYmSycjBZQReNgSGOnITGmlSc46wxUArquqCSL4AL6oIZBt41VirMRySJtQtsGqsHKdPix6yAXhd4rYJ2QTANRpbag5Ys8MAtGeFtv00KOHEyoOkP-sDQtLCEuNQqB-QlrmnhlYgMpaqheNGgHVjGpgVRfVKrFoi0KmAsPC2LZHokF3siQ8KhK1lcwloQBn-GBZJKZIiWNClPfKrGycKhSa5fEOCKyPZNOeWLiL9EHXhNGr5EBcS3fQqzNCypqacTJ2fBME5RYX-1WDgQIGJEwkkfKBiUmEKEuCxWhlm86PlTZWgQ7lzgZuREwMfPaUMsC85NZ7UyMlUuZHZ6etBF6bnczOw4BFno3U7slYMZGWJGFKJ8MVDTJAV0fuFGR5ZyexAJFysiGwOroFuosqOzo-aoC6oAJx1SIYRuZ2UB3o4FJYKlD-p2V7d0kfAL270jAdDFHi3hkLHRs4HEZl9kIDzN4Wxfn97yhQByazn9SiZfPRIRSsli1QudbFHMCotHWin8mWnySDek2KigiXLBWzeAkM8Qb4SGOlGVjKPxiADQi_00Jot1CmpP9OcwMazf9UZ0yGOP7_lLDJo8UGz20DMI2Wt7QsJ0j2083lUeCA7lztZ83zPuidZTjSmk-BZvWbnmzzgNlm7vPVJHuUhph34FPE_tWEO3PsQbdgF-zzNu4JZxzMz41JTA_TAvhsd4jD1KDsyaaAKXcNJ1vLqX8IJwV5P81VN7iPPxDm0L0p9wak_FSPdcJzfutPVPWHP36y2owc_rXyySxWoPrZkgt7iXsJPwtJ5SDvLf44bnHNUp5KPIWw3Alz4bjkkv4X2vfXq104048UgzMHPQfy2nw0ulMcoRLy7bMoeFZE4nhUfaIW626EbBJijl2-a_AzWBXYpqXtb6PEv5WrTtkTzFdrlirY-b-geQDl2nUdh_6YKUFHpxVPhokSNmX4oBMce6oEAMGFHgQTgzOLicSBxLIE40vEg5EM7dbT1PIkVsDhlEXK6KggcVKAz_ULIaGT89g51JOrKClZeRFR19AG6D2jwNh8QDkhFyVE6kNlRIUN_3msITQjzyXFxcSOz2bAR_kjZeVmee83XVkTSkWEKvgpQgQMaJnJ3b7ajs6JnQI-AV5XMIAc4FLuDyjXQx0zM46FndApUFMycmHlTFmEUKGBi5gUeGyU6EEp6pw165mOlAY2YTlVcDxM4H6ZQDOe56k6OclRpTvj_J7w2pR7qcQrVouqt1UM5R29LpTiaTF5KFKrMJjImzNgtaL9RBG1Mz5FNujoqjJksr_ZyXdefabqVHmjGjQ4kRk9sl4I3sALuZWHdK-_DWeek0pE38vcMKuF-QIT5FLWIZUOkUEvz2SK3l3zOsgkXhBzKxEYitsoII3woyd-htiiv1FgaNCJszAFcE2LEJIbS6XZWNHjR2LNaAd2Nz8vlgJxXcLudVXVYGOisTy5KBhYEXDSO6pQ5AmwXG59NzM9yyAbLVBbb-VpnmNJYpFOZLOCcOdp5Vv3P6xt2pVePHLmn7ZmRmosPh2kpzYkRBD98mWfUQlkGu4N1ZbRjRYUGJtrUZolbFxwbp7YSqsWfsYffq5qTHjwb5KPW1eMEb-QX26Oxdqr1VLw40vVoOoMn65kn1loVYa1kxIWZExNa4u8Jlzq607I3TK-2pSIO9klbiA76UeH6basi0wGpOFpgzAX5kXND1va6lvTmS3U3uQ1RAH9ypyv1etA0TaeMKT530otklx3zBn0Dl5MUIKj2oiz_DJvrXXCLjXVo-AU4JzoYRFFDQIhIvwT80zbxFOk3pa-lq9W30d6r59HmzWyTWa5pL6zrVtbOgPcXV9X0hO9pwpe7XUaJzYUDIjRD1iRf4tK1FTanHA7hwCI0Lop68U8Cu05_G9fyirlJEYmUP8xNjfZTJXhhV5ObwfuWI9SPiVsxXtCQq2lJqnuQpMXS9VDNRWgI87RIm_7SG4BDujmTqaf1FV76EZUetMdD3gCR9oRVmsesFzENtSGooiVri4gmc46kuechL70m2G0nXcqqZPVHZE2CXH2s46Ktli-QyqI_ulziFueSb8ilb8veIJ9nZk7c_X_ip2ub0sNBL2glf3KaYae2sRYR8sgx5dLgxDHRzsT4i9S2WHAy6e3dNG-205_7uYNiX4kj0xa4bop4k91LuaW-VcDdlEndVpqh4UQJtQ07wrgnZYPu7uilXpewIClgPfGO5ymBtuUaWVlqerm8yHajPpmTj_SlenFTKOinTGkirXz2iDN3Jnk2VlzFSdVRP7A2cSHvuN9zx9OJbsQm4SynaUiw2p7bUfoKXkkLpqT5nne66bgoWFxjy1-OJcFVWfdtN07QbfRfN_Xy396m7o1A9qbUuU1XRouGpLuwucSspb_fTEYPpryvA67hXlf1A83grIXRnVA7gEuvOwDBG5WLob5RJERsb6gNn42QCc8yd6rIoIA4KaV81XfZXXa2g4GsvHPRuv-62JLltpQplHCafIdgEh7YA1HVazva5J3DzctprwPmMra0TTEZpyntTr9HPWZev0iRP2WRLxaPsm1d42wvrRuyT1PwgE97zA55OvYyWX74P-ZO8BIzl2oXlqS74aRDG-zWylqTFny25qNhln-j8mhY7rHun6YpqB4XLr5OWmRStdhYX8yKjHaJDO_rhM1CLqcjrb2Bh5ndInX2hofYM3El4onbAjmpMWyPTbjy2W7yWgs2FkbELab4gxuumUTTo2_W3tcnHcN7nrc1bpfx_0M517Wgibxb5QVuXr4vvwpdOTHCqfy9bRgjPr8US7TopCkyTs62XLJe1kdohlaE1yyGeIZRSRbLWcJR8NQyNvX8y5f89oevgwN11yIzt9YsRSc_nL5Vcs8JVXT0wvRoULFI-qFK75WPGfVJHTMPZs6_HP2jFtBfRl-TGuJyVixcBHSr0o5OGXOGlQYBnLkcpJTG_JGS1yLWdnrlnP8ia1vWixg7Yl7LB2owumXzKTrNC-ycf1B-TAco8Osad1DDRip2G_fTlklDOUeubmVNyvon5lMb_qaKpmCTajlQ5jwJr_lUakuIKCxf5iEEXcJHmhherIZWlWqxfVbEK9Qba5dJkR55v3uRGGkqCel2UZaQtazARapnY1YSQF-SpP9k_tenSimiSa5t6EqWlbCWnyjkLfj5D23LLuPti6B4FQQ1A_3RX_vbCJfTRd9T3Xj_dH80MV2oCmyzacP7pLfBnPs-WiW_-GceGXai-o8b3gPSl0H3Shyl2jSBHbGOjdF_xbT-UlBF44LveW_oQ5xRyOsHuEssRgZXbLoQY0VJj40GPAdGZ6DQKGFvhs6FWQI02DdyNpx6wBed5uYTVw39oZcQcpVrM2I_Dr16MbjfuJWt1wyTdV0R_338B6Hn9aV9GVeRXMvEmwuSEpOJV04kP1fTi06DKS7Snp0TslP07DPfGNOO0SnY8-i2f5HrbD_dKsesH_gsXeZ6bWyOemofC6r8fkiI3h5nhp-03OP6pwE6X3dR6vRMXzn0RzRGkBhcl5ONnc8mJIOThwoIDPnIBBjeOBZWLy7oPzikYsrO7fOJIGSSxVXbM7ChZMWeO4pDMUlFCDp_bxorpLDLRUvbZizgMW23MHDJUYq0cmNkZUNjm6F_CbpmoDt78QRLfr2GBgaOyIwEMakzoz9uXhHeG8qGUFml-NGG0YqC7yG9PxTjpMfUtWXwmlFXq9iYaDw6otPdRPw88SRTTsAvbViLHBowfjRTTn8g0FOiyXIZcaqRBiZXYft_vqKoDm7sZyNtJlQU2ijpw0WgxXZ1Mo8WV0c9Do2qp60Bn7BL6jFjO4b6zSOTfWTu2ebZ3QmR4QJhIaEz4WDoIi5GUGPFWR_PMHg_JwkwXgDj6-07fkTTW1xjYAeD2n6bFC9rHpj7zmuNL0z0F-Kjtrwdwjc8eAP0CgmZOG9tsblUlCF1u5j6bU0Y17QzXo7QKCknbWoLfC480GchIfdKEotP_2y3UJ60rVw1BrxhnPQ8YFyw3x4u-7waEX4nWF1ufGeYfAx5prXS5eYaCFU4LYzMorYY17MtIZmluhkOxGhiADVn4b_Cxnc24TvmsNb5TFjwRoBQyGlHETp2n5hsYuWXRrzGOeVdfJj5Iqy9uqkXgrz3zcIJHOi9nkRvyvmCEh_uf8XvrtLynt_ZYLSWH01xxtzXXAL4GKvFE7gdmxsxNob6wm1ZeqBzpCebgrD1YUF9oYZJZidqcniHkrudQ3eGRjkN8NVrkTz1pAf2LT4l9IjZw_wwf8uwLijgDBrk9jAn3GmTIPhzQNA_y8djsdM3h3tCLGl-SbyaZDzkdRb2MXTBjsoawqMNSeY6jQxuGi422SV6cOlibyxENNcWxD5RiZH-e2pbuz4vOG8-d92ZmFnpMOrbm2-YbLwR1Ky0NBbK2B6XmbtX5uTq_a8H7Uz9vuG5Y2sKMJgvf4j2Wb4rFDxwQSBOCJKt9mfI6k2b2oMzPpy1QVl74rj3jXCnDNFFVRPtqcKpcg0sF0yWAA48qmASqhbjNVxbxePNMF9-maw5rPyd8e_US88Ug_ZiNb4umjVC2Yur_fdmmBZwGNoGfGe0ZQKnKiSFtzGrWRhl_79LRI9UKGEPaoPpIcfEmyXlkWwJ0gCr_yOhK2JLi1oc6kC8qoIcnP_NFw26rZ8j1UfUWnZYsHWM2&tga-with-creatives=1
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
8a03caff7424f8c8bc29f876da388914841ffa8e03242983d6bbdc4ba4bef491
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:08:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id
1661605725384421-15492671905211214450-sas3-0641-7f2-sas-l7-balancer-8080-BAL-1606
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Sat, 27 Aug 2022 13:08:45 GMT
report-to
{ "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
application/json
access-control-allow-origin
https://www.orel.kp.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
Sat, 27 Aug 2022 13:08:45 GMT
v2
yandex.ru/ads/adfox/232598/getBulk/
15 KB
6 KB
XHR
General
Full URL
https://yandex.ru/ads/adfox/232598/getBulk/v2?dl=https%3A%2F%2Fwww.orel.kp.ru%2F%3Fsection%3Dsociety&date=2022-08-27T13%3A08%3A45.368%2B00%3A00&pd=27&pdh=1200&pdw=1600&pr1=3120423301&pr=3985167509&prr=&pv=13&pw=6&extid_loader=&extid_tag_loader=www.orel.kp.ru&ylv=0.638452&ybv=0.638452&ytt=274879517687813&is-turbo=0&skip-token=&ad-session-id=2328301661605725146&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22isInIframe%22%3Afalse%2C%22w%22%3A1130%2C%22h%22%3A250%2C%22width%22%3A1130%2C%22height%22%3A250%2C%22visible%22%3A0%2C%22fullscreenHeaderHeight%22%3A49%2C%22left%22%3A235%2C%22top%22%3A3716%2C%22fontFamily%22%3A%22ys%22%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A5%2C%22ad_no%22%3A1%7D&enable-flat-highlight=1&pcode-version=638452&available-width=1130&available-height=250&yaru=true&pp=g&p2=gvdq&ps=bxyd&puid1=adv-1661605725100-190&puid2=society%3Azenyandex%3Atoday%3Aincident%3Aauto%3Aaccident%3Aemergency%3Acriminal&puid3=top%3Aregion&puid5=&slotNumber=6&bids=W3siYmlkZGVyTmFtZSI6ImNyaXRlbyIsImNhbXBhaWduX2lkIjo3MjI1NzMsInJlc3BvbnNlX3RpbWUiOjE3MiwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjE1MjY3OTgifSx7ImJpZGRlck5hbWUiOiJydGJob3VzZSIsImNhbXBhaWduX2lkIjo4NTM4NjksInJlc3BvbnNlX3RpbWUiOjc3LCJlcnJvciI6eyJjb2RlIjo0fSwicGxhY2VtZW50X2lkIjoiRDZ0UEcyWDF3OTM1S2tIaTlxb0gifSx7ImJpZGRlck5hbWUiOiJhZHJpdmVyIiwiY2FtcGFpZ25faWQiOjcyODI1NCwicmVzcG9uc2VfdGltZSI6MjUxLCJlcnJvciI6eyJjb2RlIjo0fSwicGxhY2VtZW50X2lkIjoiMjprcF84c2xvdCJ9LHsiYmlkZGVyTmFtZSI6Im15dGFyZ2V0IiwiY2FtcGFpZ25faWQiOjgxMDQwMiwicmVzcG9uc2VfdGltZSI6MTYxLCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiODAzMDA3In0seyJiaWRkZXJOYW1lIjoiYmV0d2VlbmRpZ2l0YWwiLCJjYW1wYWlnbl9pZCI6ODEwMzQ0LCJyZXNwb25zZV90aW1lIjo3OCwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjM5Mjc4NTcifV0%3D&utf8=%E2%9C%93&pcode-test-ids=633998%2C0%2C85%3B628987%2C0%2C30%3B638021%2C0%2C79%3B633008%2C0%2C4&pcode-flags-map=eJytWF2P20QU%2FSurPAPy90ffxvYkGa3tMTOTZFOERkVdBFKFEGwBqaoECCEekBD%2FpA9UKvTjN3j%2FEWdsJxt7dye7Vfu2ac6dc%2Bfee%2B6ZPJuxRc0F1RWTkha6IIrohghSST3nQq9ZQblmtc55lfHZg8%2BezX549OTp%2BezB7Pynb2cfzS7Ov79gj%2FFnmDpBGM6ef%2F7RbE2kFrTia6rzJRGSKj0XvNIlq09HIZRY0cMYkesGTryPQWuSlYhBmobVC51tdcE39V2iRIlni0IlE0g2Y0oQRe8TTNBPV1Qqva5I0ydFCnkkQOwlzj7AcKaho9ekXI1Pdx38G6E9L0qubmQlqa7ppstgUZu6IJjJSq7Emm6PMPGSJIgssSSrGtzUB4mF8ivG6w9ELCfvx6vhqFVDTETBy1KXlOw%2FkDTn9aR40fjyfS88KN00WN9YhZ3POETJUSt6htYpyUKvG6EbwbhgaqvnJFdcjLthEimKkn0kqbquXlMhcc3jJPzIiYIxNvaCtMP27LnStKQVrZVGrDWTLGOlYSFLrmxTjkhR2LNY1azkpKCiEwpSNYe4i%2B%2Benh%2FAAi%2FxU2dPQEphyjrBTM86AJEC5aK15pmkaILxNZ1%2F8%2BiLJ%2BcjpB95aT81c3YGbav1krLFUula2Y8MQj91O2DOV7gdxfXZUlghSZx4QQfZkrqgZ1qsoFMVYbVVLp3Y84dGHWmsnq%2FKUuYC6Vrxru%2F5zj7FTPBT3A%2FS0wvBCjsyDpPoRsK6YFIJllnhnmu6y8Af0trr6OoNK9RSs4osqBUbuMEwDR0Wx3VdnHFh%2BkiQgq3kyR0jbInh3RPWpNyQiTRcQ%2FrxUNpi3kDIZcNr9KJiFeWrcdN7ExUOg8Dx%2B5ybnBdQbwOtrZMSBiHCDN0757hlasZld55RATs8iGPvOpzNsXH0xijAsQ65JcKOwLXt4zu3oTFximHy0KRzfn2NTw8OHViBDgq9FbWujMFYE8HI5Mq8KWwo0GQiBN0QNEhx19FApF21jPvQFYWp2RecCgG9KvniMEY4widO0Fdur85wDWtGNw0X9qJHcTRIlvm6rrEEcyoxGQsrLPaA62BSNvAG%2BZIahrqhIp%2F0GSzCCBm6aZ9rAUWHsYAa4KY2AnYHBRtk7x42LoF29lWArOcDjclcT9Q9TBIv7HtlN9EFDFaudC6t2hmmbpwcaAmTyB3lwVbKTd7Sdmjqh647wnb6IyFGamkavCFFAW9kDxKEQ6k7vceNqW1DtW9nDc0PDwarEvnBDrUfl8bRrUgNv5SXLLdP11WMalUqlpG6Bm1s4zlD4ZlJAl7CrsNp4sXxAY8hSN8m2HmQiaYk24zkp0brlPE70607MQaOF%2Fh9DywEyTz7dyEuztV3YTwfjviGrufYvn%2BDZrvhLYg%2BQVabHjYXLKjJzCgZq82dw47np8ZCY3COkA7DaNRvS9rZHzwlOqdqRbuhF%2FWEKkHYXaUMjwcn6VvNOGJB55CxpZlJlttxGONg6GtkKiqjYILWO7vWCJrZbQJUwBmEYDfUsG4CtwhbBH1CZ1zlAEdn3WaRm7rBno9khgbj0uhjvrSziAIv3htHJoctZpZB%2F%2FpCde2GFbu870shdLFqMF94fxWdA5e9ugk%2BdjzOJ44z8d6OO7CYrCZDanAvHR%2B8ddVUc65T8ny3L2pFC0a6IL2vuCf8djK9lXovTmrBPyijgs4JhGrHrP9x4Y7hTNNDG8uMwwAcxQx2%2BKorsQNNhRdIwN6dnpuG%2BybLTq8J0vXjsCf74zrBxXmdQpq5wjvuLm2JN1o4mq4lU91oHvCHrpwqbp8sPO08%2F7a7Bx2Ubw6VY6o8khHi9A%2B73Q8mXZRBOAkUJF9JhXbqQmlFz8ZOqP27fde%2Bvvzz8o%2F25Un7qn17%2BVv77vLn9k374vJ3%2FP3qpH3bvji5%2FKV90f57%2BSu%2BhP982f7XvsYHb4D9B1%2FEx4jx1%2F2IjWj8%2BPXFVx8%2FPv%2Fy0dMnF7eE2f3GkBO8XGqi2Jp22%2B7IQ95P0yt856QXwiwUWZk4Nzi1m36cSA9%2BzAF8S%2FCOh0W88R0fB3YwcpBXEaTI73o4KWRxOn1FR35i9H6UcrLbABmRtCF44tXda2%2BJ3kT9qahJqYsj0u9Dgc3FPf8fxAYRpg%3D%3D&use-server-side-rendering=1&pcode-icookie=KcOIoJNwRMFerquRlB6Ox4R7xYqGAY8YKkKMVR0ejOZJS8fgVu6xSH%2FtUCzn8uRFHbZEjRQhinW8zrVNPp1rBRsAUcw%3D&top-ancestor=https%3A%2F%2Fwww.orel.kp.ru&top-ancestor-undetermined=0&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjoxNDB9CiKjpqzkqOmBMFBHPMzNtz301r1qnGx27JyYQzpmyE7n-5lO7iGV4dPr0OtJjuOZrRp2chKzMjO0VUvKy6UvoJcCegbajDGIERK69HfZRz_wrr-LIEEIUyAGMZZYY8gxSWyISRQWBW2c1BiSAl6siU01BGYBo7DE2gUAaV1w4wCmUQGjxvoBchFQKajjtMYqH52qpXcRShdNkli36FJVQNYYygKtXlAWbAHUKGCeBtMCLqZY2A2NuiG-IRM_re4KEog40aIC0yVPIqdgBdN5VNNYU8F0xFCXYlj1QOjjZFFSVQDCo6wh2vxsVmZkfPxsHHZOPn6rzYqMgw-3dp9fuMnCz8xhtVcmOzMH6KKcHPRcSGwMVhsjk2jlYmSycjBZQReNgSGOnITGmlSc46wxUArquqCSL4AL6oIZBt41VirMRySJtQtsGqsHKdPix6yAXhd4rYJ2QTANRpbag5Ys8MAtGeFtv00KOHEyoOkP-sDQtLCEuNQqB-QlrmnhlYgMpaqheNGgHVjGpgVRfVKrFoi0KmAsPC2LZHokF3siQ8KhK1lcwloQBn-GBZJKZIiWNClPfKrGycKhSa5fEOCKyPZNOeWLiL9EHXhNGr5EBcS3fQqzNCypqacTJ2fBME5RYX-1WDgQIGJEwkkfKBiUmEKEuCxWhlm86PlTZWgQ7lzgZuREwMfPaUMsC85NZ7UyMlUuZHZ6etBF6bnczOw4BFno3U7slYMZGWJGFKJ8MVDTJAV0fuFGR5ZyexAJFysiGwOroFuosqOzo-aoC6oAJx1SIYRuZ2UB3o4FJYKlD-p2V7d0kfAL270jAdDFHi3hkLHRs4HEZl9kIDzN4Wxfn97yhQByazn9SiZfPRIRSsli1QudbFHMCotHWin8mWnySDek2KigiXLBWzeAkM8Qb4SGOlGVjKPxiADQi_00Jot1CmpP9OcwMazf9UZ0yGOP7_lLDJo8UGz20DMI2Wt7QsJ0j2083lUeCA7lztZ83zPuidZTjSmk-BZvWbnmzzgNlm7vPVJHuUhph34FPE_tWEO3PsQbdgF-zzNu4JZxzMz41JTA_TAvhsd4jD1KDsyaaAKXcNJ1vLqX8IJwV5P81VN7iPPxDm0L0p9wak_FSPdcJzfutPVPWHP36y2owc_rXyySxWoPrZkgt7iXsJPwtJ5SDvLf44bnHNUp5KPIWw3Alz4bjkkv4X2vfXq104048UgzMHPQfy2nw0ulMcoRLy7bMoeFZE4nhUfaIW626EbBJijl2-a_AzWBXYpqXtb6PEv5WrTtkTzFdrlirY-b-geQDl2nUdh_6YKUFHpxVPhokSNmX4oBMce6oEAMGFHgQTgzOLicSBxLIE40vEg5EM7dbT1PIkVsDhlEXK6KggcVKAz_ULIaGT89g51JOrKClZeRFR19AG6D2jwNh8QDkhFyVE6kNlRIUN_3msITQjzyXFxcSOz2bAR_kjZeVmee83XVkTSkWEKvgpQgQMaJnJ3b7ajs6JnQI-AV5XMIAc4FLuDyjXQx0zM46FndApUFMycmHlTFmEUKGBi5gUeGyU6EEp6pw165mOlAY2YTlVcDxM4H6ZQDOe56k6OclRpTvj_J7w2pR7qcQrVouqt1UM5R29LpTiaTF5KFKrMJjImzNgtaL9RBG1Mz5FNujoqjJksr_ZyXdefabqVHmjGjQ4kRk9sl4I3sALuZWHdK-_DWeek0pE38vcMKuF-QIT5FLWIZUOkUEvz2SK3l3zOsgkXhBzKxEYitsoII3woyd-htiiv1FgaNCJszAFcE2LEJIbS6XZWNHjR2LNaAd2Nz8vlgJxXcLudVXVYGOisTy5KBhYEXDSO6pQ5AmwXG59NzM9yyAbLVBbb-VpnmNJYpFOZLOCcOdp5Vv3P6xt2pVePHLmn7ZmRmosPh2kpzYkRBD98mWfUQlkGu4N1ZbRjRYUGJtrUZolbFxwbp7YSqsWfsYffq5qTHjwb5KPW1eMEb-QX26Oxdqr1VLw40vVoOoMn65kn1loVYa1kxIWZExNa4u8Jlzq607I3TK-2pSIO9klbiA76UeH6basi0wGpOFpgzAX5kXND1va6lvTmS3U3uQ1RAH9ypyv1etA0TaeMKT530otklx3zBn0Dl5MUIKj2oiz_DJvrXXCLjXVo-AU4JzoYRFFDQIhIvwT80zbxFOk3pa-lq9W30d6r59HmzWyTWa5pL6zrVtbOgPcXV9X0hO9pwpe7XUaJzYUDIjRD1iRf4tK1FTanHA7hwCI0Lop68U8Cu05_G9fyirlJEYmUP8xNjfZTJXhhV5ObwfuWI9SPiVsxXtCQq2lJqnuQpMXS9VDNRWgI87RIm_7SG4BDujmTqaf1FV76EZUetMdD3gCR9oRVmsesFzENtSGooiVri4gmc46kuechL70m2G0nXcqqZPVHZE2CXH2s46Ktli-QyqI_ulziFueSb8ilb8veIJ9nZk7c_X_ip2ub0sNBL2glf3KaYae2sRYR8sgx5dLgxDHRzsT4i9S2WHAy6e3dNG-205_7uYNiX4kj0xa4bop4k91LuaW-VcDdlEndVpqh4UQJtQ07wrgnZYPu7uilXpewIClgPfGO5ymBtuUaWVlqerm8yHajPpmTj_SlenFTKOinTGkirXz2iDN3Jnk2VlzFSdVRP7A2cSHvuN9zx9OJbsQm4SynaUiw2p7bUfoKXkkLpqT5nne66bgoWFxjy1-OJcFVWfdtN07QbfRfN_Xy396m7o1A9qbUuU1XRouGpLuwucSspb_fTEYPpryvA67hXlf1A83grIXRnVA7gEuvOwDBG5WLob5RJERsb6gNn42QCc8yd6rIoIA4KaV81XfZXXa2g4GsvHPRuv-62JLltpQplHCafIdgEh7YA1HVazva5J3DzctprwPmMra0TTEZpyntTr9HPWZev0iRP2WRLxaPsm1d42wvrRuyT1PwgE97zA55OvYyWX74P-ZO8BIzl2oXlqS74aRDG-zWylqTFny25qNhln-j8mhY7rHun6YpqB4XLr5OWmRStdhYX8yKjHaJDO_rhM1CLqcjrb2Bh5ndInX2hofYM3El4onbAjmpMWyPTbjy2W7yWgs2FkbELab4gxuumUTTo2_W3tcnHcN7nrc1bpfx_0M517Wgibxb5QVuXr4vvwpdOTHCqfy9bRgjPr8US7TopCkyTs62XLJe1kdohlaE1yyGeIZRSRbLWcJR8NQyNvX8y5f89oevgwN11yIzt9YsRSc_nL5Vcs8JVXT0wvRoULFI-qFK75WPGfVJHTMPZs6_HP2jFtBfRl-TGuJyVixcBHSr0o5OGXOGlQYBnLkcpJTG_JGS1yLWdnrlnP8ia1vWixg7Yl7LB2owumXzKTrNC-ycf1B-TAco8Osad1DDRip2G_fTlklDOUeubmVNyvon5lMb_qaKpmCTajlQ5jwJr_lUakuIKCxf5iEEXcJHmhherIZWlWqxfVbEK9Qba5dJkR55v3uRGGkqCel2UZaQtazARapnY1YSQF-SpP9k_tenSimiSa5t6EqWlbCWnyjkLfj5D23LLuPti6B4FQQ1A_3RX_vbCJfTRd9T3Xj_dH80MV2oCmyzacP7pLfBnPs-WiW_-GceGXai-o8b3gPSl0H3Shyl2jSBHbGOjdF_xbT-UlBF44LveW_oQ5xRyOsHuEssRgZXbLoQY0VJj40GPAdGZ6DQKGFvhs6FWQI02DdyNpx6wBed5uYTVw39oZcQcpVrM2I_Dr16MbjfuJWt1wyTdV0R_338B6Hn9aV9GVeRXMvEmwuSEpOJV04kP1fTi06DKS7Snp0TslP07DPfGNOO0SnY8-i2f5HrbD_dKsesH_gsXeZ6bWyOemofC6r8fkiI3h5nhp-03OP6pwE6X3dR6vRMXzn0RzRGkBhcl5ONnc8mJIOThwoIDPnIBBjeOBZWLy7oPzikYsrO7fOJIGSSxVXbM7ChZMWeO4pDMUlFCDp_bxorpLDLRUvbZizgMW23MHDJUYq0cmNkZUNjm6F_CbpmoDt78QRLfr2GBgaOyIwEMakzoz9uXhHeG8qGUFml-NGG0YqC7yG9PxTjpMfUtWXwmlFXq9iYaDw6otPdRPw88SRTTsAvbViLHBowfjRTTn8g0FOiyXIZcaqRBiZXYft_vqKoDm7sZyNtJlQU2ijpw0WgxXZ1Mo8WV0c9Do2qp60Bn7BL6jFjO4b6zSOTfWTu2ebZ3QmR4QJhIaEz4WDoIi5GUGPFWR_PMHg_JwkwXgDj6-07fkTTW1xjYAeD2n6bFC9rHpj7zmuNL0z0F-Kjtrwdwjc8eAP0CgmZOG9tsblUlCF1u5j6bU0Y17QzXo7QKCknbWoLfC480GchIfdKEotP_2y3UJ60rVw1BrxhnPQ8YFyw3x4u-7waEX4nWF1ufGeYfAx5prXS5eYaCFU4LYzMorYY17MtIZmluhkOxGhiADVn4b_Cxnc24TvmsNb5TFjwRoBQyGlHETp2n5hsYuWXRrzGOeVdfJj5Iqy9uqkXgrz3zcIJHOi9nkRvyvmCEh_uf8XvrtLynt_ZYLSWH01xxtzXXAL4GKvFE7gdmxsxNob6wm1ZeqBzpCebgrD1YUF9oYZJZidqcniHkrudQ3eGRjkN8NVrkTz1pAf2LT4l9IjZw_wwf8uwLijgDBrk9jAn3GmTIPhzQNA_y8djsdM3h3tCLGl-SbyaZDzkdRb2MXTBjsoawqMNSeY6jQxuGi422SV6cOlibyxENNcWxD5RiZH-e2pbuz4vOG8-d92ZmFnpMOrbm2-YbLwR1Ky0NBbK2B6XmbtX5uTq_a8H7Uz9vuG5Y2sKMJgvf4j2Wb4rFDxwQSBOCJKt9mfI6k2b2oMzPpy1QVl74rj3jXCnDNFFVRPtqcKpcg0sF0yWAA48qmASqhbjNVxbxePNMF9-maw5rPyd8e_US88Ug_ZiNb4umjVC2Yur_fdmmBZwGNoGfGe0ZQKnKiSFtzGrWRhl_79LRI9UKGEPaoPpIcfEmyXlkWwJ0gCr_yOhK2JLi1oc6kC8qoIcnP_NFw26rZ8j1UfUWnZYsHWM2&tga-with-creatives=1
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
d6358eacf9a7057eb1573600137f81f572b7c65b9d365c67505c6ed229d7f523
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:08:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id
1661605725396449-1557772085020128520-sas3-0641-7f2-sas-l7-balancer-8080-BAL-9118
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Sat, 27 Aug 2022 13:08:45 GMT
report-to
{ "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
application/json
access-control-allow-origin
https://www.orel.kp.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
Sat, 27 Aug 2022 13:08:45 GMT
cfg
data.24smi.net/
427 B
440 B
Script
General
Full URL
https://data.24smi.net/cfg?object=19594&ver=36&pio=true&pps=true&callback=__smiCb1661605725376
Requested by
Host: jsn.24smi.net
URL: https://jsn.24smi.net/smi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:581 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc1ef4ed06289911c989e537c6f45b580386ce3080cf5a0da043eea75e868d86
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:08:45 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
text/javascript; charset=utf-8
cache-control
no-store
cf-ray
741509a7ac85bb80-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
8278.js
jsn.24smi.net/b/5/19594/
15 KB
6 KB
Script
General
Full URL
https://jsn.24smi.net/b/5/19594/8278.js?t=1653556517
Requested by
Host: jsn.24smi.net
URL: https://jsn.24smi.net/smi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:581 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed0311bbb29e7a582a420448e4b37867de3e5a27d7a3fdac5e94bb2acc78243c
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:08:45 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
age
357
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 27 Aug 2022 09:49:43 GMT
server
cloudflare
etag
W/"6309e8b7-3b68"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
cf-ray
741509a80d31bb80-FRA
expires
Sat, 27 Aug 2022 14:02:48 GMT
gpt.js
www.googletagservices.com/tag/js/ Frame 214E
83 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/638452/bce1e329e6938e902a31.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
422be4142d91c461f7fa4e71bd26b9e62ffede36ea22ec011d8c060956e64668
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:08:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28510
x-xss-protection
0
server
sffe
etag
"1315 / 268 of 1000 / last-modified: 1661552013"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 27 Aug 2022 13:08:45 GMT
event
ads.adfox.ru/232598/
0
18 B
Image
General
Full URL
https://ads.adfox.ru/232598/event?hash=79de8bedf68a8eda&pm=bmo&pxo=T0sJdDKrxtBjTz62tHz7MtDYCY0pfjmmwxAq16diMKTEkpoyD6VIQElCdlSun0WSwfg2fRDbKtz7mOkE3HXBYTfyRSPQJ0lDHXQ4UKVEtVLV4TzFTKuXg11k22B-7bp3qjzdHeUmcm92xlwv7a9CN3Ak1AS--5nVqr8A2pVqumSuJHC845d1&p5=gwdbk&ad-session-id=2328301661605725146&utg=oxum&lts=fjwciqn&ytt=274879517687813&ybv=0.638452&ylv=0.638452&dl=https%3A%2F%2Fwww.orel.kp.ru%2F%3F&rtb-si=b&p2=gftf&rand=dbjcmnc&sj=BehuTbujo5wG5re_7FYqbITHNFTXutkhQaFD6vj7Doc_6G_-PUvnKmL6mmZIGg%3D%3D&puid1=adv-1661605725094-594&pr=mxktefl&p1=cdinl&rqs=XG8zHB1qZEhdFwpjgHcrBuJISwfl-pey
Requested by
Host: www.orel.kp.ru
URL: https://www.orel.kp.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:08:45 GMT
x-content-type-options
nosniff
last-modified
Sat, 27 Aug 2022 13:08:45 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
css2
fonts.googleapis.com/
6 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
55d2ab860a7100b201e762c2046bc65a5d16236a0263dee3e95c711be581b345
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 27 Aug 2022 11:18:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 27 Aug 2022 13:08:45 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 27 Aug 2022 13:08:45 GMT
css2
fonts.googleapis.com/
5 KB
684 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Ubuntu:wght@400;500;700&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
eb96791feca1695290fc96c5209a0bb2476680ecec0aa02076373024c28e183a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 27 Aug 2022 12:51:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 27 Aug 2022 13:08:45 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 27 Aug 2022 13:08:45 GMT
css2
fonts.googleapis.com/
9 KB
813 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Alegreya:wght@400;700;800&family=Roboto:wght@500&display=swap
Requested by
Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/638452/9fd0b4b611488f082add.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b9626a32ba37b0590508877b518afb8e18c1623278119b425ba2e3d14d39c4fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 27 Aug 2022 12:55:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 27 Aug 2022 13:08:45 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 27 Aug 2022 13:08:45 GMT
event
ads.adfox.ru/232598/
0
18 B
Image
General
Full URL
https://ads.adfox.ru/232598/event?hash=6f8488234cc46003&pm=cyz&p5=ljjmt&ad-session-id=2328301661605725146&lts=fjwciqn&ytt=274879517687813&ybv=0.638452&ylv=0.638452&dl=https%3A%2F%2Fwww.orel.kp.ru%2F%3Fsection%3Dsociety&rqs=XG8zHB1qZEhdFwpjxk_vJh-_71j7Rw41&pr=mxktefl&puid3=top%3Aregion&puid2=society%3Azenyandex%3Atoday%3Aincident%3Aauto%3Aaccident%3Aemergency%3Acriminal&p2=gvdq&rand=elozmtd&sj=WvD-dGSjeMD10S55YomaQ_F6NqQ5AEDXD0XRS8TCu2qqT6G6b9gSx_CXQEZR7w%3D%3D&puid1=adv-1661605725100-190&p1=clerf
Requested by
Host: www.orel.kp.ru
URL: https://www.orel.kp.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:08:45 GMT
x-content-type-options
nosniff
last-modified
Sat, 27 Aug 2022 13:08:45 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
5191335_5.5a1c10449bf6ba3fb79322a26dc59f6f.jpg
banners.adfox.ru/220701/adfox/1877475/
66 KB
67 KB
Image
General
Full URL
https://banners.adfox.ru/220701/adfox/1877475/5191335_5.5a1c10449bf6ba3fb79322a26dc59f6f.jpg
Requested by
Host: www.orel.kp.ru
URL: https://www.orel.kp.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::2:158 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx /
Resource Hash
a81ae4dd7742b736f41e6e382827ab3672728b6f7f529ad5c72d6d6e79861484

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:08:45 GMT
last-modified
Fri, 01 Jul 2022 12:23:23 GMT
server
nginx
x-amz-request-id
796e1d1badcd5792
etag
"5a1c10449bf6ba3fb79322a26dc59f6f"
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to
{"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
x-amz-version-id
null
access-control-allow-origin
*
accept-ranges
bytes
content-type
image/jpeg
content-length
67614
x-nginx-request-id
11ed29ce1efea94d
5191335_9.1366b90e36296da712c6488fa46b6f41.jpg
banners.adfox.ru/220419/adfox/1877475/
26 KB
26 KB
Image
General
Full URL
https://banners.adfox.ru/220419/adfox/1877475/5191335_9.1366b90e36296da712c6488fa46b6f41.jpg
Requested by
Host: www.orel.kp.ru
URL: https://www.orel.kp.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::2:158 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx /
Resource Hash
f76a521d8d893e573ee2def73e397a42f33f937aca5dcfeb77b2e001ea5a7ca6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:08:45 GMT
last-modified
Tue, 19 Apr 2022 13:08:29 GMT
server
nginx
x-amz-request-id
80bd858235c3f9a8
etag
"1366b90e36296da712c6488fa46b6f41"
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to
{"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
x-amz-version-id
null
access-control-allow-origin
*
accept-ranges
bytes
content-type
image/jpeg
content-length
26361
x-nginx-request-id
0a99378346a3efee
informer
data.24smi.net/
3 KB
1 KB
Script
General
Full URL
https://data.24smi.net/informer?psw=1600&psh=1200&pow=1600&poh=1200&pdpr=1&pdt=1661605725&ptz=0&pl=en-US&object=19594&template_id=8278&num=4&ref=&output=json&chash=rJmEgNtqxI&extids=&page=https%3A%2F%2Fwww.orel.kp.ru%2F&callback=__smiCb1661605725377
Requested by
Host: jsn.24smi.net
URL: https://jsn.24smi.net/smi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:581 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74045cd2021ffbf3a064a0b496bc401c8d27f195b88507afdcef3f8a5ea99b73
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:08:45 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-store
access-control-allow-credentials
true
cf-ray
741509a86aa19bce-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
4UaBrEBBsBhlBjvfkSLlx6jx4w.woff2
fonts.gstatic.com/s/alegreya/v29/
22 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/alegreya/v29/4UaBrEBBsBhlBjvfkSLlx6jx4w.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Alegreya:wght@400;700;800&family=Roboto:wght@500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6db6653a65bc919f600c1e098b02145b5e62d137fbf99f84ad526692b65cc31c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.orel.kp.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 14:33:06 GMT
x-content-type-options
nosniff
age
254139
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22952
x-xss-protection
0
last-modified
Fri, 24 Jun 2022 18:46:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 24 Aug 2023 14:33:06 GMT
4UaBrEBBsBhlBjvfkSLhx6g.woff2
fonts.gstatic.com/s/alegreya/v29/
39 KB
39 KB
Font
General
Full URL
https://fonts.gstatic.com/s/alegreya/v29/4UaBrEBBsBhlBjvfkSLhx6g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Alegreya:wght@400;700;800&family=Roboto:wght@500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92f108fa97f63aa01d67c7c19599f9133ef0e60a11fba74ca137f5b699abd36b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.orel.kp.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 08:11:36 GMT
x-content-type-options
nosniff
age
17829
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39860
x-xss-protection
0
last-modified
Fri, 24 Jun 2022 18:47:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 27 Aug 2023 08:11:36 GMT
KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/
9 KB
10 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.orel.kp.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 19:36:30 GMT
x-content-type-options
nosniff
age
408735
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9644
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 22 Aug 2023 19:36:30 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.orel.kp.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 16:44:52 GMT
x-content-type-options
nosniff
age
419033
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 22 Aug 2023 16:44:52 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.orel.kp.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 12:56:05 GMT
x-content-type-options
nosniff
age
432760
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 22 Aug 2023 12:56:05 GMT
KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/
10 KB
10 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.orel.kp.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 12:55:48 GMT
x-content-type-options
nosniff
age
432777
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9840
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 22 Aug 2023 12:55:48 GMT
KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.orel.kp.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 18:17:14 GMT
x-content-type-options
nosniff
age
413491
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9628
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 22 Aug 2023 18:17:14 GMT
pubads_impl_2022082401.js
securepubads.g.doubleclick.net/gpt/ Frame 214E
379 KB
130 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082401.js?cb=31069173
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
3d4d082fd9cda40cc1f1079818a807a09a53ba012be168ece1995121d7a62892
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 07:29:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20379
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132170
x-xss-protection
0
last-modified
Wed, 24 Aug 2022 08:40:49 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 27 Aug 2023 07:29:06 GMT
text-variable-full.woff2
yastatic.net/s3/home/fonts/ys/3/
25 KB
26 KB
Font
General
Full URL
https://yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://www.orel.kp.ru/
Origin
https://www.orel.kp.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:08:45 GMT
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
26004
x-nginx-request-id
55714393f83deb54
x-amz-meta-owner
{"role":"admin","login":"4eb0da"}
last-modified
Mon, 25 Apr 2022 14:02:39 GMT
server
nginx/1.17.9
etag
"7f0cdaf91230f9789ca4162aedff612e"
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31556952
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 27 Aug 2023 18:53:58 GMT
watch.js
mc.yandex.ru/metrika/
158 KB
56 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
624d8f6e11b854e5a5261fe0397a27d044501253aa15d62327d408182ff9f09f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.orel.kp.ru/
Origin
https://www.orel.kp.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:08:45 GMT
content-encoding
br
last-modified
Thu, 25 Aug 2022 15:42:57 GMT
etag
"63076e51-de2c"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
56876
expires
Sat, 27 Aug 2022 14:08:45 GMT
veeam.com
favicon.yandex.net/favicon/
427 B
640 B
Image
General
Full URL
https://favicon.yandex.net/favicon/veeam.com?size=32&stub=1
Requested by
Host: www.orel.kp.ru
URL: https://www.orel.kp.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::36 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
7dd34c9eee35f531427bd86eb783c9a5c08f38d69558d4db32eb3b7f8fc706d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-origin
*
Cache-Control
max-age=691200
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
X-XSS-Protection
1; mode=block
Content-Type
image/png
render.html
yastatic.net/safeframe-bundles/0.83/1-1-0/ Frame EBE3
24 KB
7 KB
Document
General
Full URL
https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
Requested by
Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.83/host.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://www.orel.kp.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
public, max-age=946708560
content-encoding
br
content-length
6262
content-type
text/html
date
Sat, 27 Aug 2022 13:08:45 GMT
etag
"eb77de48712912aadc9aa8171ac75ede"
expires
Mon, 26 Aug 2052 19:41:31 GMT
last-modified
Wed, 03 Nov 2021 13:42:58 GMT
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
server
nginx/1.17.9
strict-transport-security
max-age=43200000; includeSubDomains;
timing-allow-origin
*
vary
Accept-Encoding
x-robots-tag
noindex, noarchive, nofollow
f8498f0d5606aa868d546e60e80d5f28.jpeg
img.24smi.net/100_100/f/8/
5 KB
5 KB
Image
General
Full URL
https://img.24smi.net/100_100/f/8/f8498f0d5606aa868d546e60e80d5f28.jpeg
Requested by
Host: www.orel.kp.ru
URL: https://www.orel.kp.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:581 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0bd22e09d4adabfe32329aa174e6ee52e84230564f2978e9c3f5835f40f4c1a2
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:08:45 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
25325
cf-polished
origSize=5375, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5221
last-modified
Tue, 28 Jun 2022 11:53:18 GMT
server
cloudflare
etag
W/"62baebae-194f8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
image/jpeg
access-control-allow-origin
*
expires
Fri, 23 Jun 2023 06:03:14 GMT
cache-control
max-age=25920000
accept-ranges
bytes
cf-ray
741509aa3829bb80-FRA
cf-bgj
imgq:100,h2pri
ef5c1a80d5f9ac6ec1292457fa109285.jpeg
img.24smi.net/100_100/e/f/
7 KB
7 KB
Image
General
Full URL
https://img.24smi.net/100_100/e/f/ef5c1a80d5f9ac6ec1292457fa109285.jpeg
Requested by
Host: www.orel.kp.ru
URL: https://www.orel.kp.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:581 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f33686bed3d6f169eab0a750e2e514e31fee74c58ccb8aa9b26705e79b3158a6
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:08:45 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
25267
cf-polished
origSize=6811, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6680
last-modified
Mon, 01 Aug 2022 05:36:47 GMT
server
cloudflare
etag
W/"62e7666f-1d74f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
image/jpeg
access-control-allow-origin
*
expires
Fri, 23 Jun 2023 06:06:27 GMT
cache-control
max-age=25920000
accept-ranges
bytes
cf-ray
741509aa3827bb80-FRA
cf-bgj
imgq:100,h2pri
7de4521c030d3b61e1ee68c79e712d61.jpeg
img.24smi.net/100_100/7/d/
4 KB
5 KB
Image
General
Full URL
https://img.24smi.net/100_100/7/d/7de4521c030d3b61e1ee68c79e712d61.jpeg
Requested by
Host: www.orel.kp.ru
URL: https://www.orel.kp.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:581 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa110a8639efcf6414bc1b2c25c74a78b7c08999c627a999688169d87bfa8404
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:08:45 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
69349
cf-polished
origSize=4687, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4484
last-modified
Fri, 05 Aug 2022 08:47:54 GMT
server
cloudflare
etag
W/"62ecd93a-14054"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
image/jpeg
access-control-allow-origin
*
expires
Thu, 22 Jun 2023 17:52:39 GMT
cache-control
max-age=25920000
accept-ranges
bytes
cf-ray
741509aa3823bb80-FRA
cf-bgj
imgq:100,h2pri
5e37affff9fe244ea2be278e78d5a286.jpeg
img.24smi.net/100_100/5/e/
4 KB
4 KB
Image
General
Full URL
https://img.24smi.net/100_100/5/e/5e37affff9fe244ea2be278e78d5a286.jpeg
Requested by
Host: www.orel.kp.ru
URL: https://www.orel.kp.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:581 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a349675306785f5d0860b6af29b39fb5a4e7a19e484d3e536328582dabfefc3
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:08:45 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
67731
cf-polished
origSize=4514, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4327
last-modified
Tue, 23 Aug 2022 05:05:17 GMT
server
cloudflare
etag
W/"6304600d-123bc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
image/jpeg
access-control-allow-origin
*
expires
Thu, 22 Jun 2023 17:57:47 GMT
cache-control
max-age=25920000
accept-ranges
bytes
cf-ray
741509aa3826bb80-FRA
cf-bgj
imgq:100,h2pri
integrator.js
adservice.google.de/adsid/ Frame 214E
107 B
792 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.orel.kp.ru
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082401.js?cb=31069173
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 27 Aug 2022 13:08:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 214E
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.orel.kp.ru
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082401.js?cb=31069173
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 27 Aug 2022 13:08:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 214E
101 KB
32 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1947919451411139&correlator=3601120892740926&eid=31068457%2C31069105%2C31069173%2C31069102%2C31068921&output=ldjh&gdfp_req=1&vrg=2022082401&ptt=17&impl=fifs&iu_parts=94805857%2Ckp.ru_4_small&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&ifi=1&adks=4130042211&sfv=1-0-38&fsapi=false&cust_params=kp.ru_4_small%3Dkp.ru_4_small_14&sc=1&cookie_enabled=1&cdm=www.orel.kp.ru&abxe=1&dt=1661605725826&lmt=1661605725&dlt=1661605725453&idt=349&adxs=1410&adys=389&biw=1600&bih=1200&isw=160&ish=600&scr_x=0&scr_y=0&btvi=0&ucis=a99aokuiwiqc&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fwww.orel.kp.ru%2F&top=https%3A%2F%2Fwww.orel.kp.ru%2F&frm=23&vis=1&psz=160x600&msz=160x-1&fws=256&ohw=0&ea=0&ga_vid=55196096.1661605726&ga_sid=1661605726&ga_hid=265609345&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082401.js?cb=31069173
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
16543364b182b8ef4ff9f7bac97bb660a8a0f089067140e7f34e0bec1e91f8cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:08:46 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32906
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.orel.kp.ru
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 214E
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022082401&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082401.js?cb=31069173
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c56827da1c17fe2a0b144204b1f8e9cf0fc1378db69721a16c5c814e3e168f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 27 Aug 2022 13:08:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11142
x-xss-protection
0
container.html
64e7dd993741a415cdf5c1ec24dac45d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2612
6 KB
4 KB
Document
General
Full URL
https://64e7dd993741a415cdf5c1ec24dac45d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082401.js?cb=31069173
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.orel.kp.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 27 Aug 2022 13:08:45 GMT
expires
Sun, 27 Aug 2023 13:08:45 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gpt.js
www.googletagservices.com/tag/js/ Frame DF28
83 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/638452/bce1e329e6938e902a31.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
24287f9d20dcf167577e48a9a65d297ee75926f2c140696b922996e27a303f9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:08:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28570
x-xss-protection
0
server
sffe
etag
"1315 / 816 of 1000 / last-modified: 1661552013"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 27 Aug 2022 13:08:45 GMT
event
ads.adfox.ru/232598/
0
18 B
Image
General
Full URL
https://ads.adfox.ru/232598/event?hash=739fbf9f70034e79&pm=bmo&pxo=XGJ0gQ5vC9VPZGIKv6jawVbt9iqScO9B_KvZrtDRPpQS8u5HX56_FlLwiNfm59Aba-4KxiQmLXIlCIaa8iMRyoMllbbgKq4L9kB8QjbusxrAMn7ozYXvIxVNfxM-j8jfLkppBHcAyKL90jKe-J6G9AITBfRxzTqSD-Q-wxXu2A5WQCxPea8%3D&p5=gwefg&ad-session-id=2328301661605725146&utg=oxum&lts=fjwciqn&ytt=274879517687813&ybv=0.638452&ylv=0.638452&dl=https%3A%2F%2Fwww.orel.kp.ru%2F%3Fsection%3Dsociety&rqs=XG8zHB1qZEhdFwpjMBFte6SVm4iYmpnv&pr=mxktefl&puid3=top%3Aregion&rtb-si=b&puid2=society%3Azenyandex%3Atoday%3Aincident%3Aauto%3Aaccident%3Aemergency%3Acriminal&p2=fxjd&rand=cvrlkpb&sj=Q9AlVQCLcwMddEQ8sHIOMdDknUaGBlN0zYnZ2-F8fGcHsh9yUNqhXcFrPSGnWw%3D%3D&puid1=adv-1661605725098-641&p1=cavko
Requested by
Host: www.orel.kp.ru
URL: https://www.orel.kp.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:08:45 GMT
x-content-type-options
nosniff
last-modified
Sat, 27 Aug 2022 13:08:45 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
d.png
ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/ Frame EBE3
95 B
400 B
Image
General
Full URL
https://ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/d.png?ex=yes
Requested by
Host: www.orel.kp.ru
URL: https://www.orel.kp.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::5:114 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Sat, 27 Aug 2022 13:08:46 GMT
Server
nginx/1.14.2
Strict-Transport-Security
max-age=315360000; includeSubDomains
X-RT-IH
0.0001
Content-Type
image/png
Cache-Control
private
Connection
close
X-RT-IQ
0.0001
Content-Length
95
Expires
Sun, 28 Aug 2022 13:08:46 GMT
pubads_impl_2022082302.js
securepubads.g.doubleclick.net/gpt/ Frame DF28
379 KB
129 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082302.js?cb=31069153
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
257a3e4163a887521252b40b2c25489c1d1ea244771346565897104c35d15270
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 18:56:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
151927
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132097
x-xss-protection
0
last-modified
Tue, 23 Aug 2022 21:23:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 25 Aug 2023 18:56:38 GMT
1RYva3hR0Hm200000000U9nJZCatbf7DIl4m53ZJiDd1WCdLCbQSAva123nX8g5TINiIO_lI61XI6O7YcG9dFYm5YPVA07cr2K2YbH54Te9aWO29OIRZ51i8Uo5Zd0g4jP9njmA4jPUnw3e_mr4m_omZCr3aAYD8wrr61Xa6fh-CivWO6EOoWKIMCfq2Igzb-WLad...
yandex.ru/an/rtbcount/
43 B
336 B
XHR
General
Full URL
https://yandex.ru/an/rtbcount/1RYva3hR0Hm200000000U9nJZCatbf7DIl4m53ZJiDd1WCdLCbQSAva123nX8g5TINiIO_lI61XI6O7YcG9dFYm5YPVA07cr2K2YbH54Te9aWO29OIRZ51i8Uo5Zd0g4jP9njmA4jPUnw3e_mr4m_omZCr3aAYD8wrr61Xa6fh-CivWO6EOoWKIMCfq2Igzb-WLadsNw3mHFcLu0HLun2Tptr3GGECF0KBI2TRV5SrQ6lqoS88SmimB9NcP583cL6MJ4N6OcaEL04cmxoqRcMypVQjbE-IkSP8xvhdZtnfOLsLV1Ak-2oP_C3axyO6VEOb68SBUeyd0oB8nopKXnAo_8IawByZ8FDqZqC_9mIedmpLx88XqAKRo2PKhb3XQc0onCDraWllnW_v3bx1aGU6F_bWNarmcihGqT3Mq7x1QmSfvatVo40wpk0cj3GmFBJTQOozkFR5opMF8hAyYV7MmDB1FOxjmx-_3YuLcRF6QmNJaSl81jzwQ7RxfUVFgpdd4b6ypi0smU9zYO7x7n9XeuMcKKvdeOXHKacRzaWxdY9vmraNt-kgdJZ3dVsCzYPpCpjZ0nDTh0tg2mWvtn1Bl80_Q71wwUx7pnRcBM3tQU1ewjxmq03nsfoW00
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.orel.kp.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:08:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
report-to
{ "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
image/gif
access-control-allow-origin
https://www.orel.kp.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
last-modified
Sat, 27 Aug 2022 13:08:45 GMT
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 27 Aug 2022 13:08:45 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 214E
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082401.js?cb=31069173
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:08:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 27 Aug 2022 13:08:45 GMT
integrator.js
adservice.google.de/adsid/ Frame DF28
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.orel.kp.ru
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082302.js?cb=31069153
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 27 Aug 2022 13:08:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame DF28
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.orel.kp.ru
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082302.js?cb=31069153
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 27 Aug 2022 13:08:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
607912ce0bbdc533bd357dc99af092f34783fee7f24f7fc16ece184018a7441b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/svg+xml
ads
securepubads.g.doubleclick.net/gampad/ Frame DF28
20 KB
9 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1183389336383105&correlator=1222350070395493&eid=31069153%2C31067826&output=ldjh&gdfp_req=1&vrg=2022082302&ptt=17&impl=fifs&iu_parts=94805857%2Ckp.ru_5_new&enc_prev_ius=%2F0%2F1&prev_iu_szs=240x400&ifi=1&adks=56130060&sfv=1-0-38&fsapi=false&cust_params=kp.ru_5_new%3Dkp.ru_5_new_14&sc=1&cookie_enabled=1&cdm=www.orel.kp.ru&abxe=1&dt=1661605725985&lmt=1661605725&dlt=1661605725841&idt=90&adxs=215&adys=1225&biw=1600&bih=1200&isw=240&ish=400&scr_x=0&scr_y=0&btvi=1&ucis=ppg4hr1sdlcm&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fwww.orel.kp.ru%2F&top=https%3A%2F%2Fwww.orel.kp.ru%2F&frm=23&vis=1&psz=240x400&msz=240x-1&fws=256&ohw=0&ea=0&ga_vid=22933484.1661605726&ga_sid=1661605726&ga_hid=1630226312&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082302.js?cb=31069153
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
86ecfd8e9bfcb56c30ab39b5865e31a050f720db76809fbc0c811caf2827e673
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:08:46 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9658
x-xss-protection
0
google-lineitem-id
5143921351
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138281649010
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.orel.kp.ru
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame DF28
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022082302&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082302.js?cb=31069153
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
746fd26ec5673cca8d59db35288bad8ea1acf681306bd02959ba9614f7c0d8b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 27 Aug 2022 13:08:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11052
x-xss-protection
0
container.html
1f1c0da5ca2a934e499f7d923ad7c71c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7E7F
6 KB
3 KB
Document
General
Full URL
https://1f1c0da5ca2a934e499f7d923ad7c71c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082302.js?cb=31069153
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.orel.kp.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 27 Aug 2022 13:08:46 GMT
expires
Sun, 27 Aug 2023 13:08:46 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gpt.js
www.googletagservices.com/tag/js/ Frame 9182
83 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/638452/bce1e329e6938e902a31.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0deb1fcf565517dfc11ad1cd47c3cca89162c046c2ebe174dd3c692e10a5ef6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:08:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28646
x-xss-protection
0
server
sffe
etag
"1315 / 994 of 1000 / last-modified: 1661551853"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 27 Aug 2022 13:08:46 GMT
event
ads.adfox.ru/232598/
0
66 B
Image
General
Full URL
https://ads.adfox.ru/232598/event?hash=16f05c5f8d5270de&pm=bmo&pxo=wkMUZ_yQ3KBt01B_hRUnRhGV_xd970_W1Q_nNiU2wfR7RHiu-mnZX_fL7_44724JYVkz7wct2F36zA5ehgQ1DH0Y-jjQnSLvpaWX_V6x_GbhYvz10EJ538_F9A9dTelxmahOb0XXSc35fXLbc7wvP6UGXJ9hgVkMcpL27jitT7zIzJEH2Q%3D%3D&p5=gwaok&ad-session-id=2328301661605725146&utg=oxum&lts=fjwciqn&ytt=274879517687813&ybv=0.638452&ylv=0.638452&dl=https%3A%2F%2Fwww.orel.kp.ru%2F%3Fsection%3Dsociety&rqs=XG8zHB1qZEhdFwpjDfLYI7SQcy8WrtEe&pr=mxktefl&puid3=top%3Aregion&rtb-si=b&puid2=society%3Azenyandex%3Atoday%3Aincident%3Aauto%3Aaccident%3Aemergency%3Acriminal&p2=fbao&rand=gwsgkwa&sj=4xo2T34kJ5jtsj7iGfpX2mDKOk4C0S1RmZ258iio0Y1Wt-pKI9S90uKAjKPu0A%3D%3D&puid1=adv-1661605725099-373&p1=bufhv
Requested by
Host: www.orel.kp.ru
URL: https://www.orel.kp.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:08:46 GMT
x-content-type-options
nosniff
last-modified
Sat, 27 Aug 2022 13:08:46 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4D69
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.orel.kp.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1049
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 27 Aug 2022 12:51:17 GMT
expires
Sun, 27 Aug 2023 12:51:17 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 4BAA
783 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5edd92e583f4a3a33b692f58b602a8a00cd19830eda3af24d85a84a6e6f9f018
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-yx4HtPBr68PlVPTqfKgRtg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.orel.kp.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-yx4HtPBr68PlVPTqfKgRtg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 27 Aug 2022 13:08:46 GMT
expires
Sat, 27 Aug 2022 13:08:46 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9743.bRzznenTSHE7JrMIfPLnWZoCrV2Xt7UDjzappqw_nYN0oGscmco7eJmB7mOuSZZe.zH2y3Qpo0dDNaV9O6EMz-kUzvlk%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9743.gmAvMA681SLeNVIoW5uN0a9q20MQltl_uouF0mjuwj3fMJxxISM-1r6Zw82cpTqW-tD4q4xZvPPdqr0Px6GExxsgt0cQHkuMXkP3MHrF7rA%2C.VW83vVqcQa1MpS3lAbgTJIxHOlQ%2C
43 B
354 B
Image
General
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9743.gmAvMA681SLeNVIoW5uN0a9q20MQltl_uouF0mjuwj3fMJxxISM-1r6Zw82cpTqW-tD4q4xZvPPdqr0Px6GExxsgt0cQHkuMXkP3MHrF7rA%2C.VW83vVqcQa1MpS3lAbgTJIxHOlQ%2C
Requested by
Host: www.orel.kp.ru
URL: https://www.orel.kp.ru/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:08:46 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9743.gmAvMA681SLeNVIoW5uN0a9q20MQltl_uouF0mjuwj3fMJxxISM-1r6Zw82cpTqW-tD4q4xZvPPdqr0Px6GExxsgt0cQHkuMXkP3MHrF7rA%2C.VW83vVqcQa1MpS3lAbgTJIxHOlQ%2C
date
Sat, 27 Aug 2022 13:08:46 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
pubads_impl_2022082202.js
securepubads.g.doubleclick.net/gpt/ Frame 9182
384 KB
131 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
07572f31a00b1843fc6d9a1eb3155eaf2a46089213d6740f302cf34f83738040
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 07:00:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22119
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133587
x-xss-protection
0
last-modified
Tue, 23 Aug 2022 21:21:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 27 Aug 2023 07:00:07 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame DF28
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082302.js?cb=31069153
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:08:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 27 Aug 2022 13:08:46 GMT
932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js
pagead2.googlesyndication.com/bg/ Frame 4D69
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f77da195c72d2ce251b4ba28e6c25ed9029184bd529c2fc7a31e2566530d7e82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 18:09:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
241148
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14036
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 24 Aug 2023 18:09:38 GMT
integrator.js
adservice.google.de/adsid/ Frame 9182
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.orel.kp.ru
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 27 Aug 2022 13:08:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 9182
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.orel.kp.ru
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 27 Aug 2022 13:08:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 9182
127 KB
44 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=837880506083025&correlator=3294257234477916&eid=31068827&output=ldjh&gdfp_req=1&vrg=2022082202&ptt=17&impl=fifs&iu_parts=94805857%2Ckp.ru_2_new&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&ifi=1&adks=3886855702&sfv=1-0-38&fsapi=false&cust_params=kp.ru_2_new%3Dkp.ru_2_new_14&sc=1&cookie_enabled=1&cdm=www.orel.kp.ru&abxe=1&dt=1661605726114&lmt=1661605726&dlt=1661605726004&idt=89&adxs=1100&adys=486&biw=1600&bih=1200&isw=300&ish=600&scr_x=0&scr_y=0&btvi=0&ucis=pgcanagmz3tx&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fwww.orel.kp.ru%2F&top=https%3A%2F%2Fwww.orel.kp.ru%2F&frm=23&vis=1&psz=300x600&msz=300x-1&fws=256&ohw=0&ea=0&ga_vid=743342020.1661605726&ga_sid=1661605726&ga_hid=94720352&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
339a490c8e2fbcd089f57e775d3a0958b230640f7376517319b300a95e27642c
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMXpwdiL5_kCFc-CgwcdsokF-w&gqi=&layout=/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMXpwdiL5_kCFc-CgwcdsokF-w&gqi=&layout=/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html
content-encoding
br
x-content-type-options
nosniff
google-creative-id
-1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44907
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
date
Sat, 27 Aug 2022 13:08:46 GMT
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.orel.kp.ru
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 9182
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022082202&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cc63b13313871c1f2d6c730de93b21fef5f5cc8bfd0b3002688d94336ae3bbaa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 27 Aug 2022 13:08:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11087
x-xss-protection
0
container.html
9313119206231bfa044a6648ccb7b466.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DC31
6 KB
3 KB
Document
General
Full URL
https://9313119206231bfa044a6648ccb7b466.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.orel.kp.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 27 Aug 2022 13:08:46 GMT
expires
Sun, 27 Aug 2023 13:08:46 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 4BAA
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022082401&jk=1947919451411139&rc=
Requested by
Host: www.orel.kp.ru
URL: https://www.orel.kp.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C160
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.orel.kp.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1049
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 27 Aug 2022 12:51:17 GMT
expires
Sun, 27 Aug 2023 12:51:17 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 88C8
783 B
536 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
91d6b84d7c4a150b0e2562c06301ef080a7198489e67bdc986f9be044770b23f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-7XH29mKm0cZU60bCyFP4Ow' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.orel.kp.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-7XH29mKm0cZU60bCyFP4Ow' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 27 Aug 2022 13:08:46 GMT
expires
Sat, 27 Aug 2022 13:08:46 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js
pagead2.googlesyndication.com/bg/ Frame C160
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f77da195c72d2ce251b4ba28e6c25ed9029184bd529c2fc7a31e2566530d7e82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 18:09:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
241148
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14036
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 24 Aug 2023 18:09:38 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 9182
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:08:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 27 Aug 2022 13:08:46 GMT
generate_204
tpc.googlesyndication.com/ Frame 4D69
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?uxjDxQ
Requested by
Host: www.orel.kp.ru
URL: https://www.orel.kp.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:08:46 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A08C
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.orel.kp.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1049
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 27 Aug 2022 12:51:17 GMT
expires
Sun, 27 Aug 2023 12:51:17 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame CED7
783 B
534 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d4e9d02ddd9bf29168f326e3c7437bc9ba7c8d90407011cb15f279343a2d438f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-9IsJDly1IuHbqn1-JKU1vQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.orel.kp.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-9IsJDly1IuHbqn1-JKU1vQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 27 Aug 2022 13:08:46 GMT
expires
Sat, 27 Aug 2022 13:08:46 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame 88C8
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022082302&jk=1183389336383105&rc=
Requested by
Host: www.orel.kp.ru
URL: https://www.orel.kp.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame C160
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?0VURHQ
Requested by
Host: www.orel.kp.ru
URL: https://www.orel.kp.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:08:46 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js
pagead2.googlesyndication.com/bg/ Frame A08C
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f77da195c72d2ce251b4ba28e6c25ed9029184bd529c2fc7a31e2566530d7e82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 18:09:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
241148
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14036
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 24 Aug 2023 18:09:38 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame CED7
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022082202&jk=837880506083025&rc=
Requested by
Host: www.orel.kp.ru
URL: https://www.orel.kp.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

container.html
64e7dd993741a415cdf5c1ec24dac45d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A266
6 KB
3 KB
Document
General
Full URL
https://64e7dd993741a415cdf5c1ec24dac45d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082401.js?cb=31069173
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.orel.kp.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 27 Aug 2022 13:08:46 GMT
expires
Sun, 27 Aug 2023 13:08:46 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
event
ads.adfox.ru/232598/
0
18 B
Image
General
Full URL
https://ads.adfox.ru/232598/event?hash=f6e1bfcbc0f269c4&pm=bmu&pxo=T0sJdDKrxtBjTz62tHz7MtDYCY0pfjmmwxAq16diMKTEkpoyD6VIQElCdlSun0WSwfg2fRDbKtz7mOkE3HXBYTfyRSPQJ0lDHXQ4UKVEtVLV4TzFTKuXg11k22B-7bp3qjzdHeUmcm92xlwv7a9CN3Ak1AS--5nVqr8A2pVqumSuJHC845d1&p5=gwdbk&ad-session-id=2328301661605725146&utg=oxum&lts=fjwciqn&ytt=274879517687813&ybv=0.638452&ylv=0.638452&dl=https%3A%2F%2Fwww.orel.kp.ru%2F%3F&rtb-si=b&p2=gftf&rand=gnfgdgd&sj=BehuTbujo5wG5re_7FYqbITHNFTXutkhQaFD6vj7Doc_6G_-PUvnKmL6mmZIGg%3D%3D&puid1=adv-1661605725094-594&pr=mxktefl&p1=cdinl&rqs=XG8zHB1qZEhdFwpjgHcrBuJISwfl-pey&resp-time=843
Requested by
Host: www.orel.kp.ru
URL: https://www.orel.kp.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:08:46 GMT
x-content-type-options
nosniff
last-modified
Sat, 27 Aug 2022 13:08:46 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 857A
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv5aGzMEjmRuN4jB-jA2bZbxEHJdOPFasuy6WYgeJJ6lqqbfIB22r-N24tgKICRrAiEia-CKcfuPJwf_b_sKvvsih-TNN9nmWMoptF7eolLUDSWJijvdLTBLoDGNEv2ZYMVdRG5POK8U0e2ZtcU6DyeImrRC0nsJ8CHQwMDHk4_h4zVwG-DVi0fUItKQlIh9YR5dB1tnaRIEdgHBCHTUoN_O1ntwFpS_YnrDHxCXaoEFBEP3aL7D1Y6sH1xTPjGQLglhMPcv5P_8tvfRfMghvZpA3ijFdFBCctAXpk0KZKBQ9But8-ZRfPG-oBJ-y_FS7W1gQ&sai=AMfl-YTx8QNSTqM8Lp5A1-ltuJ9V0QSDgLpRYMad__jqqjO9mnNo_PHYrTUx-MN5v8r8ltMbnrbd0HeTSjfJDDB5Ph2FwAp7DYcGTXrc3za-NlJrzqdmeTgRL4v7aWk20aSvOzY&sig=Cg0ArKJSzDt-NInwW8WIEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.orel.kp.ru
URL: https://www.orel.kp.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 27 Aug 2022 13:08:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sat, 27 Aug 2022 13:08:46 GMT
adfox-adx-stub.js
yastatic.net/pcode/adfox/ Frame 857A
60 KB
15 KB
Script
General
Full URL
https://yastatic.net/pcode/adfox/adfox-adx-stub.js
Requested by
Host: www.orel.kp.ru
URL: https://www.orel.kp.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
4c9f9038ef0cca8daea160666fcf23b0cc4fd3ba853dcd4494e8ec35e3a0c039
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:08:46 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
15032
last-modified
Wed, 17 Mar 2021 06:04:30 GMT
server
nginx/1.17.9
etag
"21008573aeaf1ce20fdc2d49c53e692c"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 27 Aug 2022 14:03:56 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 857A
140 KB
43 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082302.js?cb=31069153
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
40b5f6acfe971488e28b4570d0b485406d6a56cbdf45e86f0df9b1f040eb6d0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:08:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44079
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1661341966742178"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 27 Aug 2022 13:08:46 GMT
event
ads.adfox.ru/232598/
0
18 B
Image
General
Full URL
https://ads.adfox.ru/232598/event?hash=ca047070009de318&pm=bmv&pxo=XGJ0gQ5vC9VPZGIKv6jawVbt9iqScO9B_KvZrtDRPpQS8u5HX56_FlLwiNfm59Aba-4KxiQmLXIlCIaa8iMRyoMllbbgKq4L9kB8QjbusxrAMn7ozYXvIxVNfxM-j8jfLkppBHcAyKL90jKe-J6G9AITBfRxzTqSD-Q-wxXu2A5WQCxPea8%3D&p5=gwefg&ad-session-id=2328301661605725146&utg=oxum&lts=fjwciqn&ytt=274879517687813&ybv=0.638452&ylv=0.638452&dl=https%3A%2F%2Fwww.orel.kp.ru%2F%3Fsection%3Dsociety&rqs=XG8zHB1qZEhdFwpjMBFte6SVm4iYmpnv&pr=mxktefl&puid3=top%3Aregion&rtb-si=b&puid2=society%3Azenyandex%3Atoday%3Aincident%3Aauto%3Aaccident%3Aemergency%3Acriminal&p2=fxjd&rand=jlpdnyt&sj=Q9AlVQCLcwMddEQ8sHIOMdDknUaGBlN0zYnZ2-F8fGcHsh9yUNqhXcFrPSGnWw%3D%3D&puid1=adv-1661605725098-641&p1=cavko&resp-time=556&creative-id=138281649010&google-width=240&google-height=400
Requested by
Host: www.orel.kp.ru
URL: https://www.orel.kp.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:08:46 GMT
x-content-type-options
nosniff
last-modified
Sat, 27 Aug 2022 13:08:46 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
1
mc.yandex.com/watch/26254/
Redirect Chain
  • https://mc.yandex.com/watch/26254?wmode=7&page-url=https%3A%2F%2Fwww.orel.kp.ru%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ocpriggyfyr9aewcgvlq0%3Afu%3A0%3Aen%3Aut...
  • https://mc.yandex.com/watch/26254/1?wmode=7&page-url=https%3A%2F%2Fwww.orel.kp.ru%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ocpriggyfyr9aewcgvlq0%3Afu%3A0%3Aen%3A...
167 B
542 B
XHR
General
Full URL
https://mc.yandex.com/watch/26254/1?wmode=7&page-url=https%3A%2F%2Fwww.orel.kp.ru%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ocpriggyfyr9aewcgvlq0%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A986356118712%3Ahid%3A949386884%3Az%3A0%3Ai%3A20220827130846%3Aet%3A1661605726%3Ac%3A1%3Arn%3A712482926%3Au%3A1661605726570709986%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1661605723679%3Aco%3A0%3Arqnl%3A1%3Ast%3A1661605726%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%9E%D1%80%D0%BB%D0%B0%20%D0%B8%20%D0%9E%D1%80%D0%BB%D0%BE%D0%B2%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%9E%D1%80%D0%BB%D0%B5%20-%20KP.RU&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnl%281%29ti%282%29
Requested by
Host: www.orel.kp.ru
URL: https://www.orel.kp.ru/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
504d9e9a0c6f1205ec27da2f049ec929a835f4b36277f1bfbf9a0521d2bc8318
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:08:46 GMT
x-content-type-options
nosniff
last-modified
Sat, 27-Aug-2022 13:08:46 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.orel.kp.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
167
x-xss-protection
1; mode=block
expires
Sat, 27-Aug-2022 13:08:46 GMT

Redirect headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:08:46 GMT
last-modified
Sat, 27-Aug-2022 13:08:46 GMT
location
/watch/26254/1?wmode=7&page-url=https%3A%2F%2Fwww.orel.kp.ru%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ocpriggyfyr9aewcgvlq0%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A986356118712%3Ahid%3A949386884%3Az%3A0%3Ai%3A20220827130846%3Aet%3A1661605726%3Ac%3A1%3Arn%3A712482926%3Au%3A1661605726570709986%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1661605723679%3Aco%3A0%3Arqnl%3A1%3Ast%3A1661605726%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%9E%D1%80%D0%BB%D0%B0%20%D0%B8%20%D0%9E%D1%80%D0%BB%D0%BE%D0%B2%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%9E%D1%80%D0%BB%D0%B5%20-%20KP.RU&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnl%281%29ti%282%29
strict-transport-security
max-age=31536000
access-control-allow-origin
https://www.orel.kp.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Sat, 27-Aug-2022 13:08:46 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame A266
2 KB
902 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: 64e7dd993741a415cdf5c1ec24dac45d.safeframe.googlesyndication.com
URL: https://64e7dd993741a415cdf5c1ec24dac45d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://64e7dd993741a415cdf5c1ec24dac45d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 12:58:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
629
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 10 Sep 2022 12:58:17 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame A266
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cq2_tXRcKY4O2Ns7lgAefk7e4BoyEgIFszMmU1okPz8O-3csYEAEg8cvnQmCV-puCrAegAePAq8cDyAEJqQJUqVXC_LewPuACAKgDAcgDywSqBI4CT9AIhWUgEJVBadJCcVinbQTeGUiBZU29pF4SZ2387Cwcl5uIe5UBpurvUxyR3_2ZYTznSCUNxMBNwUcADyFh0EJXF7vpng_3U072Iwb_7GTzZbwXk7XhAC58q5jsiI6YREKq8JQBIOcoS77j7yryNs0wtn5KPf07W23Q3_SN1_L0BKDGb_WXE1HgidBvdl1bvvN6kXeryX_whTwVVJp_VGDT1hX7-es2ksgKVULm9IaeNgkGuxnNNChAsmuftFIbW7yB7Y3RxaYRUClSR4AWHEbWb4oH5LuEQELy6RdM0QHXorSgSANMzgGu2XB6kSN1KoXsKp58rd6Az9mqn7EbdCoW6ZLFTQlpTjNR3RymwASylae9uwLgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAH0f-MJqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBDgsg7SCBIIiOGAEBABGB0yA6qCAToCgECACgPICwHYEwuIFAHQFQGAFwGyFx4KHAgAEhRwdWItNzE3MjczMzQwODQ1NTY5Mhjx_hM&sigh=mMbYtZULQ6o&uach_m=[UACH]&template_id=494
Requested by
Host: www.orel.kp.ru
URL: https://www.orel.kp.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://64e7dd993741a415cdf5c1ec24dac45d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/ Frame A266
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/abg_lite_fy2021.js
Requested by
Host: 64e7dd993741a415cdf5c1ec24dac45d.safeframe.googlesyndication.com
URL: https://64e7dd993741a415cdf5c1ec24dac45d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://64e7dd993741a415cdf5c1ec24dac45d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:03:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
321
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9668
x-xss-protection
0
server
cafe
etag
3250940068065303693
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 10 Sep 2022 13:03:25 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame A266
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/window_focus_fy2021.js
Requested by
Host: 64e7dd993741a415cdf5c1ec24dac45d.safeframe.googlesyndication.com
URL: https://64e7dd993741a415cdf5c1ec24dac45d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://64e7dd993741a415cdf5c1ec24dac45d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:05:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
184
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 10 Sep 2022 13:05:42 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A266
140 KB
43 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 64e7dd993741a415cdf5c1ec24dac45d.safeframe.googlesyndication.com
URL: https://64e7dd993741a415cdf5c1ec24dac45d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
40b5f6acfe971488e28b4570d0b485406d6a56cbdf45e86f0df9b1f040eb6d0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://64e7dd993741a415cdf5c1ec24dac45d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:08:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44079
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1661341966742178"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 27 Aug 2022 13:08:46 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame A266
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 64e7dd993741a415cdf5c1ec24dac45d.safeframe.googlesyndication.com
URL: https://64e7dd993741a415cdf5c1ec24dac45d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://64e7dd993741a415cdf5c1ec24dac45d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:00:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
481
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 10 Sep 2022 13:00:45 GMT
l
www.google.com/ads/measurement/ Frame A266
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT_0pCiZX_R8Rh2X4WIlbqpwzWx1_huMf0DUTLyftVs3XzkM2xOoQ_fATwTwEih7eRFpf52ew65DHy1DJ8bF5qCSLD9CA
Requested by
Host: 64e7dd993741a415cdf5c1ec24dac45d.safeframe.googlesyndication.com
URL: https://64e7dd993741a415cdf5c1ec24dac45d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://64e7dd993741a415cdf5c1ec24dac45d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

e3ca5db921b3b46420ba257a4c2f6b26.js
www.gstatic.com/mysidia/ Frame A266
33 KB
14 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/e3ca5db921b3b46420ba257a4c2f6b26.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 64e7dd993741a415cdf5c1ec24dac45d.safeframe.googlesyndication.com
URL: https://64e7dd993741a415cdf5c1ec24dac45d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
24302eeb5b736bcc9f610299a37ac5dcf7e5b4c11591489fe9ad89f1533bd09b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://64e7dd993741a415cdf5c1ec24dac45d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 22:40:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
224918
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13683
x-xss-protection
0
last-modified
Mon, 22 Aug 2022 19:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 22 Nov 2022 22:40:08 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame A266
13 KB
14 KB
Image
General
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQydSkbkpK7Q13yXOFuBB3ggzHJhlYalPxou7vO7GwKlgR3UW85&usqp=CAI
Requested by
Host: 64e7dd993741a415cdf5c1ec24dac45d.safeframe.googlesyndication.com
URL: https://64e7dd993741a415cdf5c1ec24dac45d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
15faaad9af4f4cda247a27e82a213dd9b4c869fd83453ad90782e5267fbc284c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://64e7dd993741a415cdf5c1ec24dac45d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 26 Aug 2022 23:54:32 GMT
x-content-type-options
nosniff
age
47654
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13367
x-xss-protection
0
last-modified
Sun, 27 Feb 2022 17:09:52 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sat, 26 Aug 2023 23:54:32 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame A266
10 KB
10 KB
Image
General
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQ4QuYqMFh3bV4JHuaEscJRRw0qnSSS2usrpGTNy_0IyWPNn8Q&usqp=CAI
Requested by
Host: 64e7dd993741a415cdf5c1ec24dac45d.safeframe.googlesyndication.com
URL: https://64e7dd993741a415cdf5c1ec24dac45d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
872e94890b03f9af48a7e5e96921028874875291af778d117e5a674fbf87305b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://64e7dd993741a415cdf5c1ec24dac45d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 00:04:47 GMT
x-content-type-options
nosniff
age
47039
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10509
x-xss-protection
0
last-modified
Wed, 25 Aug 2021 18:08:19 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sun, 27 Aug 2023 00:04:47 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame A266
17 KB
18 KB
Image
General
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQtY4eaqYNlXn3pJyOC-RrRK-m5Q36uCOKk9zckXbI7KsKne_RFsfuL3LtpvQ&usqp=CAI
Requested by
Host: 64e7dd993741a415cdf5c1ec24dac45d.safeframe.googlesyndication.com
URL: https://64e7dd993741a415cdf5c1ec24dac45d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
78b852ca73b171063a9bba4db3ced5d6943d870b0c920b3be7c33e63a55bdda2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://64e7dd993741a415cdf5c1ec24dac45d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 00:04:47 GMT
x-content-type-options
nosniff
age
47039
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17421
x-xss-protection
0
last-modified
Sun, 07 Mar 2021 14:10:57 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sun, 27 Aug 2023 00:04:47 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame A266
19 KB
20 KB
Image
General
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSoSFwJnXfbghGUcykq7YEkyy-rYgbh2rIpWiEDUhA_wbhDfIsiyicHXqFbfmE&usqp=CAI
Requested by
Host: 64e7dd993741a415cdf5c1ec24dac45d.safeframe.googlesyndication.com
URL: https://64e7dd993741a415cdf5c1ec24dac45d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c8530bb991f95b6380e98d4950c3ba10072664af547de2196b599e7278b9f9f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://64e7dd993741a415cdf5c1ec24dac45d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 00:05:28 GMT
x-content-type-options
nosniff
age
46998
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19722
x-xss-protection
0
last-modified
Tue, 13 Nov 2018 19:39:44 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sun, 27 Aug 2023 00:05:28 GMT
7103612115487317334
tpc.googlesyndication.com/simgad/ Frame A266
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCL57XsHBCABBiAATIIgoSA_Oqki0U
  • https://tpc.googlesyndication.com/simgad/7103612115487317334
5 KB
5 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/7103612115487317334
Requested by
Host: 64e7dd993741a415cdf5c1ec24dac45d.safeframe.googlesyndication.com
URL: https://64e7dd993741a415cdf5c1ec24dac45d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
24fe63307e2903b2a4b2d80c28383d91861dc9ade1b28feac920e9f5f7b7dddd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://64e7dd993741a415cdf5c1ec24dac45d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 19:30:16 GMT
x-content-type-options
nosniff
age
322710
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5156
x-xss-protection
0
last-modified
Mon, 18 Nov 2019 11:07:29 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 23 Aug 2023 19:30:16 GMT

Redirect headers

date
Sat, 27 Aug 2022 09:40:20 GMT
x-content-type-options
nosniff
server
cafe
age
12506
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/html; charset=UTF-8
location
https://tpc.googlesyndication.com/simgad/7103612115487317334
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 26 Sep 2022 09:40:20 GMT
truncated
/ Frame 857A
217 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
982073f1edef692232c09620bde517fedaff869ab7828c7a8db1c03b2fafd07b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/png
gtm.js
www.googletagmanager.com/
240 KB
74 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WCBNVW
Requested by
Host: www.orel.kp.ru
URL: https://www.orel.kp.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
87e477ef383e1521fb3c5cd3402a63b354ea2d2911a4553067684b3cf3f3f7e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:08:46 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
75745
x-xss-protection
0
last-modified
Sat, 27 Aug 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 27 Aug 2022 13:08:46 GMT
container.html
9313119206231bfa044a6648ccb7b466.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 77E1
6 KB
3 KB
Document
General
Full URL
https://9313119206231bfa044a6648ccb7b466.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.orel.kp.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 27 Aug 2022 13:08:46 GMT
expires
Sun, 27 Aug 2023 13:08:46 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
event
ads.adfox.ru/232598/
0
18 B
Image
General
Full URL
https://ads.adfox.ru/232598/event?hash=1cb3972b7ec3d2cc&pm=bmu&pxo=wkMUZ_yQ3KBt01B_hRUnRhGV_xd970_W1Q_nNiU2wfR7RHiu-mnZX_fL7_44724JYVkz7wct2F36zA5ehgQ1DH0Y-jjQnSLvpaWX_V6x_GbhYvz10EJ538_F9A9dTelxmahOb0XXSc35fXLbc7wvP6UGXJ9hgVkMcpL27jitT7zIzJEH2Q%3D%3D&p5=gwaok&ad-session-id=2328301661605725146&utg=oxum&lts=fjwciqn&ytt=274879517687813&ybv=0.638452&ylv=0.638452&dl=https%3A%2F%2Fwww.orel.kp.ru%2F%3Fsection%3Dsociety&rqs=XG8zHB1qZEhdFwpjDfLYI7SQcy8WrtEe&pr=mxktefl&puid3=top%3Aregion&rtb-si=b&puid2=society%3Azenyandex%3Atoday%3Aincident%3Aauto%3Aaccident%3Aemergency%3Acriminal&p2=fbao&rand=jlkvuou&sj=4xo2T34kJ5jtsj7iGfpX2mDKOk4C0S1RmZ258iio0Y1Wt-pKI9S90uKAjKPu0A%3D%3D&puid1=adv-1661605725099-373&p1=bufhv&resp-time=511
Requested by
Host: www.orel.kp.ru
URL: https://www.orel.kp.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:08:46 GMT
x-content-type-options
nosniff
last-modified
Sat, 27 Aug 2022 13:08:46 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
generate_204
tpc.googlesyndication.com/ Frame A08C
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?5Kp9Aw
Requested by
Host: www.orel.kp.ru
URL: https://www.orel.kp.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:08:46 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
truncated
/ Frame A266
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
25f9e6f20b6570f46796ec4baf73b9881750c823ab4a726038a25d6067c9a930

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/png
activeview
pagead2.googlesyndication.com/pcs/ Frame 857A
0
0

v2
an.yandex.ru/adfox/232598/getBulk/
140 KB
37 KB
XHR
General
Full URL
https://an.yandex.ru/adfox/232598/getBulk/v2?available-height=400&available-width=240&bids=W3siYmlkZGVyTmFtZSI6ImNyaXRlbyIsImNhbXBhaWduX2lkIjo3MjI1NzMsInJlc3BvbnNlX3RpbWUiOjE3NCwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjEyMzM1MzUifSx7ImJpZGRlck5hbWUiOiJydGJob3VzZSIsImNhbXBhaWduX2lkIjo4NTM4NjksInJlc3BvbnNlX3RpbWUiOjc3LCJlcnJvciI6eyJjb2RlIjo0fSwicGxhY2VtZW50X2lkIjoiOGQzMDhkNDIzMTZjNDBiNTE2ODgifSx7ImJpZGRlck5hbWUiOiJhZHJpdmVyIiwiY2FtcGFpZ25faWQiOjcyODI1NCwicmVzcG9uc2VfdGltZSI6MjQwLCJlcnJvciI6eyJjb2RlIjo0fSwicGxhY2VtZW50X2lkIjoiMjprcF81c2xvdCJ9LHsiYmlkZGVyTmFtZSI6Im15dGFyZ2V0IiwiY2FtcGFpZ25faWQiOjgxMDQwMiwicmVzcG9uc2VfdGltZSI6MTYxLCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiMjMzODUyIn0seyJiaWRkZXJOYW1lIjoiYmV0d2VlbmRpZ2l0YWwiLCJjYW1wYWlnbl9pZCI6ODEwMzQ0LCJyZXNwb25zZV90aW1lIjo3OCwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjI0ODgwNTkifV0%3D&date=2022-08-27T13%3A08%3A45.357%2B00%3A00&dl=https%3A%2F%2Fwww.orel.kp.ru%2F%3Fsection%3Dsociety&enable-flat-highlight=1&extid_loader=&extid_tag_loader=www.orel.kp.ru&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjoxNDB9CiKjpqzkqOmBMFBHPMzNtz301r1qnGx27JyYQzpmyE7n-5lO7iGV4dPr0OtJjuOZrRp2chKzMjO0VUvKy6UvoJcCegbajDGIERK69HfZRz_wrr-LIEEIUyAGMZZYY8gxSWyISRQWBW2c1BiSAl6siU01BGYBo7DE2gUAaV1w4wCmUQGjxvoBchFQKajjtMYqH52qpXcRShdNkli36FJVQNYYygKtXlAWbAHUKGCeBtMCLqZY2A2NuiG-IRM_re4KEog40aIC0yVPIqdgBdN5VNNYU8F0xFCXYlj1QOjjZFFSVQDCo6wh2vxsVmZkfPxsHHZOPn6rzYqMgw-3dp9fuMnCz8xhtVcmOzMH6KKcHPRcSGwMVhsjk2jlYmSycjBZQReNgSGOnITGmlSc46wxUArquqCSL4AL6oIZBt41VirMRySJtQtsGqsHKdPix6yAXhd4rYJ2QTANRpbag5Ys8MAtGeFtv00KOHEyoOkP-sDQtLCEuNQqB-QlrmnhlYgMpaqheNGgHVjGpgVRfVKrFoi0KmAsPC2LZHokF3siQ8KhK1lcwloQBn-GBZJKZIiWNClPfKrGycKhSa5fEOCKyPZNOeWLiL9EHXhNGr5EBcS3fQqzNCypqacTJ2fBME5RYX-1WDgQIGJEwkkfKBiUmEKEuCxWhlm86PlTZWgQ7lzgZuREwMfPaUMsC85NZ7UyMlUuZHZ6etBF6bnczOw4BFno3U7slYMZGWJGFKJ8MVDTJAV0fuFGR5ZyexAJFysiGwOroFuosqOzo-aoC6oAJx1SIYRuZ2UB3o4FJYKlD-p2V7d0kfAL270jAdDFHi3hkLHRs4HEZl9kIDzN4Wxfn97yhQByazn9SiZfPRIRSsli1QudbFHMCotHWin8mWnySDek2KigiXLBWzeAkM8Qb4SGOlGVjKPxiADQi_00Jot1CmpP9OcwMazf9UZ0yGOP7_lLDJo8UGz20DMI2Wt7QsJ0j2083lUeCA7lztZ83zPuidZTjSmk-BZvWbnmzzgNlm7vPVJHuUhph34FPE_tWEO3PsQbdgF-zzNu4JZxzMz41JTA_TAvhsd4jD1KDsyaaAKXcNJ1vLqX8IJwV5P81VN7iPPxDm0L0p9wak_FSPdcJzfutPVPWHP36y2owc_rXyySxWoPrZkgt7iXsJPwtJ5SDvLf44bnHNUp5KPIWw3Alz4bjkkv4X2vfXq104048UgzMHPQfy2nw0ulMcoRLy7bMoeFZE4nhUfaIW626EbBJijl2-a_AzWBXYpqXtb6PEv5WrTtkTzFdrlirY-b-geQDl2nUdh_6YKUFHpxVPhokSNmX4oBMce6oEAMGFHgQTgzOLicSBxLIE40vEg5EM7dbT1PIkVsDhlEXK6KggcVKAz_ULIaGT89g51JOrKClZeRFR19AG6D2jwNh8QDkhFyVE6kNlRIUN_3msITQjzyXFxcSOz2bAR_kjZeVmee83XVkTSkWEKvgpQgQMaJnJ3b7ajs6JnQI-AV5XMIAc4FLuDyjXQx0zM46FndApUFMycmHlTFmEUKGBi5gUeGyU6EEp6pw165mOlAY2YTlVcDxM4H6ZQDOe56k6OclRpTvj_J7w2pR7qcQrVouqt1UM5R29LpTiaTF5KFKrMJjImzNgtaL9RBG1Mz5FNujoqjJksr_ZyXdefabqVHmjGjQ4kRk9sl4I3sALuZWHdK-_DWeek0pE38vcMKuF-QIT5FLWIZUOkUEvz2SK3l3zOsgkXhBzKxEYitsoII3woyd-htiiv1FgaNCJszAFcE2LEJIbS6XZWNHjR2LNaAd2Nz8vlgJxXcLudVXVYGOisTy5KBhYEXDSO6pQ5AmwXG59NzM9yyAbLVBbb-VpnmNJYpFOZLOCcOdp5Vv3P6xt2pVePHLmn7ZmRmosPh2kpzYkRBD98mWfUQlkGu4N1ZbRjRYUGJtrUZolbFxwbp7YSqsWfsYffq5qTHjwb5KPW1eMEb-QX26Oxdqr1VLw40vVoOoMn65kn1loVYa1kxIWZExNa4u8Jlzq607I3TK-2pSIO9klbiA76UeH6basi0wGpOFpgzAX5kXND1va6lvTmS3U3uQ1RAH9ypyv1etA0TaeMKT530otklx3zBn0Dl5MUIKj2oiz_DJvrXXCLjXVo-AU4JzoYRFFDQIhIvwT80zbxFOk3pa-lq9W30d6r59HmzWyTWa5pL6zrVtbOgPcXV9X0hO9pwpe7XUaJzYUDIjRD1iRf4tK1FTanHA7hwCI0Lop68U8Cu05_G9fyirlJEYmUP8xNjfZTJXhhV5ObwfuWI9SPiVsxXtCQq2lJqnuQpMXS9VDNRWgI87RIm_7SG4BDujmTqaf1FV76EZUetMdD3gCR9oRVmsesFzENtSGooiVri4gmc46kuechL70m2G0nXcqqZPVHZE2CXH2s46Ktli-QyqI_ulziFueSb8ilb8veIJ9nZk7c_X_ip2ub0sNBL2glf3KaYae2sRYR8sgx5dLgxDHRzsT4i9S2WHAy6e3dNG-205_7uYNiX4kj0xa4bop4k91LuaW-VcDdlEndVpqh4UQJtQ07wrgnZYPu7uilXpewIClgPfGO5ymBtuUaWVlqerm8yHajPpmTj_SlenFTKOinTGkirXz2iDN3Jnk2VlzFSdVRP7A2cSHvuN9zx9OJbsQm4SynaUiw2p7bUfoKXkkLpqT5nne66bgoWFxjy1-OJcFVWfdtN07QbfRfN_Xy396m7o1A9qbUuU1XRouGpLuwucSspb_fTEYPpryvA67hXlf1A83grIXRnVA7gEuvOwDBG5WLob5RJERsb6gNn42QCc8yd6rIoIA4KaV81XfZXXa2g4GsvHPRuv-62JLltpQplHCafIdgEh7YA1HVazva5J3DzctprwPmMra0TTEZpyntTr9HPWZev0iRP2WRLxaPsm1d42wvrRuyT1PwgE97zA55OvYyWX74P-ZO8BIzl2oXlqS74aRDG-zWylqTFny25qNhln-j8mhY7rHun6YpqB4XLr5OWmRStdhYX8yKjHaJDO_rhM1CLqcjrb2Bh5ndInX2hofYM3El4onbAjmpMWyPTbjy2W7yWgs2FkbELab4gxuumUTTo2_W3tcnHcN7nrc1bpfx_0M517Wgibxb5QVuXr4vvwpdOTHCqfy9bRgjPr8US7TopCkyTs62XLJe1kdohlaE1yyGeIZRSRbLWcJR8NQyNvX8y5f89oevgwN11yIzt9YsRSc_nL5Vcs8JVXT0wvRoULFI-qFK75WPGfVJHTMPZs6_HP2jFtBfRl-TGuJyVixcBHSr0o5OGXOGlQYBnLkcpJTG_JGS1yLWdnrlnP8ia1vWixg7Yl7LB2owumXzKTrNC-ycf1B-TAco8Osad1DDRip2G_fTlklDOUeubmVNyvon5lMb_qaKpmCTajlQ5jwJr_lUakuIKCxf5iEEXcJHmhherIZWlWqxfVbEK9Qba5dJkR55v3uRGGkqCel2UZaQtazARapnY1YSQF-SpP9k_tenSimiSa5t6EqWlbCWnyjkLfj5D23LLuPti6B4FQQ1A_3RX_vbCJfTRd9T3Xj_dH80MV2oCmyzacP7pLfBnPs-WiW_-GceGXai-o8b3gPSl0H3Shyl2jSBHbGOjdF_xbT-UlBF44LveW_oQ5xRyOsHuEssRgZXbLoQY0VJj40GPAdGZ6DQKGFvhs6FWQI02DdyNpx6wBed5uYTVw39oZcQcpVrM2I_Dr16MbjfuJWt1wyTdV0R_338B6Hn9aV9GVeRXMvEmwuSEpOJV04kP1fTi06DKS7Snp0TslP07DPfGNOO0SnY8-i2f5HrbD_dKsesH_gsXeZ6bWyOemofC6r8fkiI3h5nhp-03OP6pwE6X3dR6vRMXzn0RzRGkBhcl5ONnc8mJIOThwoIDPnIBBjeOBZWLy7oPzikYsrO7fOJIGSSxVXbM7ChZMWeO4pDMUlFCDp_bxorpLDLRUvbZizgMW23MHDJUYq0cmNkZUNjm6F_CbpmoDt78QRLfr2GBgaOyIwEMakzoz9uXhHeG8qGUFml-NGG0YqC7yG9PxTjpMfUtWXwmlFXq9iYaDw6otPdRPw88SRTTsAvbViLHBowfjRTTn8g0FOiyXIZcaqRBiZXYft_vqKoDm7sZyNtJlQU2ijpw0WgxXZ1Mo8WV0c9Do2qp60Bn7BL6jFjO4b6zSOTfWTu2ebZ3QmR4QJhIaEz4WDoIi5GUGPFWR_PMHg_JwkwXgDj6-07fkTTW1xjYAeD2n6bFC9rHpj7zmuNL0z0F-Kjtrwdwjc8eAP0CgmZOG9tsblUlCF1u5j6bU0Y17QzXo7QKCknbWoLfC480GchIfdKEotP_2y3UJ60rVw1BrxhnPQ8YFyw3x4u-7waEX4nWF1ufGeYfAx5prXS5eYaCFU4LYzMorYY17MtIZmluhkOxGhiADVn4b_Cxnc24TvmsNb5TFjwRoBQyGlHETp2n5hsYuWXRrzGOeVdfJj5Iqy9uqkXgrz3zcIJHOi9nkRvyvmCEh_uf8XvrtLynt_ZYLSWH01xxtzXXAL4GKvFE7gdmxsxNob6wm1ZeqBzpCebgrD1YUF9oYZJZidqcniHkrudQ3eGRjkN8NVrkTz1pAf2LT4l9IjZw_wwf8uwLijgDBrk9jAn3GmTIPhzQNA_y8djsdM3h3tCLGl-SbyaZDzkdRb2MXTBjsoawqMNSeY6jQxuGi422SV6cOlibyxENNcWxD5RiZH-e2pbuz4vOG8-d92ZmFnpMOrbm2-YbLwR1Ky0NBbK2B6XmbtX5uTq_a8H7Uz9vuG5Y2sKMJgvf4j2Wb4rFDxwQSBOCJKt9mfI6k2b2oMzPpy1QVl74rj3jXCnDNFFVRPtqcKpcg0sF0yWAA48qmASqhbjNVxbxePNMF9-maw5rPyd8e_US88Ug_ZiNb4umjVC2Yur_fdmmBZwGNoGfGe0ZQKnKiSFtzGrWRhl_79LRI9UKGEPaoPpIcfEmyXlkWwJ0gCr_yOhK2JLi1oc6kC8qoIcnP_NFw26rZ8j1UfUWnZYsHWM2&grab-orig-len=5120&is-turbo=0&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22isInIframe%22%3Afalse%2C%22w%22%3A240%2C%22h%22%3A400%2C%22width%22%3A240%2C%22height%22%3A400%2C%22visible%22%3A0%2C%22fullscreenHeaderHeight%22%3A49%2C%22left%22%3A215%2C%22top%22%3A1228%2C%22fontFamily%22%3A%22ys%22%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A4%2C%22ad_no%22%3A1%7D&p2=fxjd&pcode-flags-map=eJytWF2P20QU%2FSurPAPy90ffxvYkGa3tMTOTZFOERkVdBFKFEGwBqaoECCEekBD%2FpA9UKvTjN3j%2FEWdsJxt7dye7Vfu2ac6dc%2Bfee%2B6ZPJuxRc0F1RWTkha6IIrohghSST3nQq9ZQblmtc55lfHZg8%2BezX549OTp%2BezB7Pynb2cfzS7Ov79gj%2FFnmDpBGM6ef%2F7RbE2kFrTia6rzJRGSKj0XvNIlq09HIZRY0cMYkesGTryPQWuSlYhBmobVC51tdcE39V2iRIlni0IlE0g2Y0oQRe8TTNBPV1Qqva5I0ydFCnkkQOwlzj7AcKaho9ekXI1Pdx38G6E9L0qubmQlqa7ppstgUZu6IJjJSq7Emm6PMPGSJIgssSSrGtzUB4mF8ivG6w9ELCfvx6vhqFVDTETBy1KXlOw%2FkDTn9aR40fjyfS88KN00WN9YhZ3POETJUSt6htYpyUKvG6EbwbhgaqvnJFdcjLthEimKkn0kqbquXlMhcc3jJPzIiYIxNvaCtMP27LnStKQVrZVGrDWTLGOlYSFLrmxTjkhR2LNY1azkpKCiEwpSNYe4i%2B%2Benh%2FAAi%2FxU2dPQEphyjrBTM86AJEC5aK15pmkaILxNZ1%2F8%2BiLJ%2BcjpB95aT81c3YGbav1krLFUula2Y8MQj91O2DOV7gdxfXZUlghSZx4QQfZkrqgZ1qsoFMVYbVVLp3Y84dGHWmsnq%2FKUuYC6Vrxru%2F5zj7FTPBT3A%2FS0wvBCjsyDpPoRsK6YFIJllnhnmu6y8Af0trr6OoNK9RSs4osqBUbuMEwDR0Wx3VdnHFh%2BkiQgq3kyR0jbInh3RPWpNyQiTRcQ%2FrxUNpi3kDIZcNr9KJiFeWrcdN7ExUOg8Dx%2B5ybnBdQbwOtrZMSBiHCDN0757hlasZld55RATs8iGPvOpzNsXH0xijAsQ65JcKOwLXt4zu3oTFximHy0KRzfn2NTw8OHViBDgq9FbWujMFYE8HI5Mq8KWwo0GQiBN0QNEhx19FApF21jPvQFYWp2RecCgG9KvniMEY4widO0Fdur85wDWtGNw0X9qJHcTRIlvm6rrEEcyoxGQsrLPaA62BSNvAG%2BZIahrqhIp%2F0GSzCCBm6aZ9rAUWHsYAa4KY2AnYHBRtk7x42LoF29lWArOcDjclcT9Q9TBIv7HtlN9EFDFaudC6t2hmmbpwcaAmTyB3lwVbKTd7Sdmjqh647wnb6IyFGamkavCFFAW9kDxKEQ6k7vceNqW1DtW9nDc0PDwarEvnBDrUfl8bRrUgNv5SXLLdP11WMalUqlpG6Bm1s4zlD4ZlJAl7CrsNp4sXxAY8hSN8m2HmQiaYk24zkp0brlPE70607MQaOF%2Fh9DywEyTz7dyEuztV3YTwfjviGrufYvn%2BDZrvhLYg%2BQVabHjYXLKjJzCgZq82dw47np8ZCY3COkA7DaNRvS9rZHzwlOqdqRbuhF%2FWEKkHYXaUMjwcn6VvNOGJB55CxpZlJlttxGONg6GtkKiqjYILWO7vWCJrZbQJUwBmEYDfUsG4CtwhbBH1CZ1zlAEdn3WaRm7rBno9khgbj0uhjvrSziAIv3htHJoctZpZB%2F%2FpCde2GFbu870shdLFqMF94fxWdA5e9ugk%2BdjzOJ44z8d6OO7CYrCZDanAvHR%2B8ddVUc65T8ny3L2pFC0a6IL2vuCf8djK9lXovTmrBPyijgs4JhGrHrP9x4Y7hTNNDG8uMwwAcxQx2%2BKorsQNNhRdIwN6dnpuG%2BybLTq8J0vXjsCf74zrBxXmdQpq5wjvuLm2JN1o4mq4lU91oHvCHrpwqbp8sPO08%2F7a7Bx2Ubw6VY6o8khHi9A%2B73Q8mXZRBOAkUJF9JhXbqQmlFz8ZOqP27fde%2Bvvzz8o%2F25Un7qn17%2BVv77vLn9k374vJ3%2FP3qpH3bvji5%2FKV90f57%2BSu%2BhP982f7XvsYHb4D9B1%2FEx4jx1%2F2IjWj8%2BPXFVx8%2FPv%2Fy0dMnF7eE2f3GkBO8XGqi2Jp22%2B7IQ95P0yt856QXwiwUWZk4Nzi1m36cSA9%2BzAF8S%2FCOh0W88R0fB3YwcpBXEaTI73o4KWRxOn1FR35i9H6UcrLbABmRtCF44tXda2%2BJ3kT9qahJqYsj0u9Dgc3FPf8fxAYRpg%3D%3D&pcode-icookie=KcOIoJNwRMFerquRlB6Ox4R7xYqGAY8YKkKMVR0ejOZJS8fgVu6xSH%2FtUCzn8uRFHbZEjRQhinW8zrVNPp1rBRsAUcw%3D&pcode-test-ids=633998%2C0%2C85%3B628987%2C0%2C30%3B638021%2C0%2C79%3B633008%2C0%2C4&pcode-version=638452&pd=27&pdh=1200&pdw=1600&pp=g&pr=3985167509&pr1=4049718695&prr=&ps=bxyd&puid1=adv-1661605725098-641&puid2=society%3Azenyandex%3Atoday%3Aincident%3Aauto%3Aaccident%3Aemergency%3Acriminal&puid3=top%3Aregion&puid5=&pv=13&pw=6&route=ssr&skip-token=&slotNumber=3&ssr-request=true&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fwww.orel.kp.ru&top-ancestor-undetermined=0&use-server-side-rendering=1&utf8=%E2%9C%93&yaru=true&ybv=0.638452&ylv=0.638452&ytt=274879517687813&lvlfrom=20&rqs=XG8zHB1qZEhdFwpjMBFte6SVm4iYmpnv&rtb-si=1&dmv=2&csl=&ad-session-id=2328301661605725146&rtb-answer-hash=319014069765762455&usgn=AYDcRChUuo0S0wmvyi27IQWSvnsx3keG9CQFcsdhpf2y&resp-time=739
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e2e051c7bb7d7d59ab30e73a998eff6ee2df72e4609f4b6e0d1ec1a80e712446
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:08:46 GMT
content-encoding
gzip
ssr
true
x-yandex-req-id
1661605726730194-563995795887545618500100-production-app-host-sas-pcode-255
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
uniformat-product-type
Direct
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Sat, 27 Aug 2022 13:08:46 GMT
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
https://www.orel.kp.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
Sat, 27 Aug 2022 13:08:46 GMT
event
ads.adfox.ru/232598/
0
18 B
Image
General
Full URL
https://ads.adfox.ru/232598/event?hash=5e7f6c80651b459c&pm=bmt&pxo=XGJ0gQ5vC9VPZGIKv6jawVbt9iqScO9B_KvZrtDRPpQS8u5HX56_FlLwiNfm59Aba-4KxiQmLXIlCIaa8iMRyoMllbbgKq4L9kB8QjbusxrAMn7ozYXvIxVNfxM-j8jfLkppBHcAyKL90jKe-J6G9AITBfRxzTqSD-Q-wxXu2A5WQCxPea8%3D&p5=gwefg&ad-session-id=2328301661605725146&utg=oxum&lts=fjwciqn&ytt=274879517687813&ybv=0.638452&ylv=0.638452&dl=https%3A%2F%2Fwww.orel.kp.ru%2F%3Fsection%3Dsociety&rqs=XG8zHB1qZEhdFwpjMBFte6SVm4iYmpnv&pr=mxktefl&puid3=top%3Aregion&rtb-si=b&puid2=society%3Azenyandex%3Atoday%3Aincident%3Aauto%3Aaccident%3Aemergency%3Acriminal&p2=fxjd&rand=teazjy&sj=Q9AlVQCLcwMddEQ8sHIOMdDknUaGBlN0zYnZ2-F8fGcHsh9yUNqhXcFrPSGnWw%3D%3D&puid1=adv-1661605725098-641&p1=cavko
Requested by
Host: www.orel.kp.ru
URL: https://www.orel.kp.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:08:46 GMT
x-content-type-options
nosniff
last-modified
Sat, 27 Aug 2022 13:08:46 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js
pagead2.googlesyndication.com/bg/ Frame CAB0
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js
Requested by
Host: www.orel.kp.ru
URL: https://www.orel.kp.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
05c5075000686afbe94405f7a3e0b905f02af001ec3174556fd1e07aa0c7c59f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://64e7dd993741a415cdf5c1ec24dac45d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 26 Aug 2022 17:27:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
70896
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14190
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 26 Aug 2023 17:27:10 GMT
1
mc.yandex.com/watch/26254/
43 B
100 B
XHR
General
Full URL
https://mc.yandex.com/watch/26254/1?page-url=https%3A%2F%2Fwww.orel.kp.ru%2F&charset=utf-8&cnt-class=1&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A2ocpriggyfyr9aewcgvlq0%3Afp%3A964%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A1%3Als%3A986356118712%3Ahid%3A949386884%3Az%3A0%3Ai%3A20220827130846%3Aet%3A1661605727%3Ac%3A1%3Arn%3A239816121%3Arqn%3A1%3Au%3A1661605726570709986%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1661605723679%3Anp%3AV2luMzI%3D%3Ads%3A0%2C0%2C84%2C137%2C455%2C0%2C%2C137%2C0%2C%2C%2C%2C956%3Aco%3A0%3Arqnl%3A1%3Ast%3A1661605727&t=gdpr(14)mc(p-1-h-1)clc(0-0-0)lt(58200)aw(1)rqnt(1)rqnl(1)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.orel.kp.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:08:46 GMT
last-modified
Sat, 27-Aug-2022 13:08:46 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://www.orel.kp.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sat, 27-Aug-2022 13:08:46 GMT
26254
mc.yandex.com/watch/
43 B
73 B
XHR
General
Full URL
https://mc.yandex.com/watch/26254?page-url=https%3A%2F%2Fwww.orel.kp.ru%2F&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A2ocpriggyfyr9aewcgvlq0%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A1%3Als%3A986356118712%3Ahid%3A949386884%3Az%3A0%3Ai%3A20220827130846%3Aet%3A1661605727%3Ac%3A1%3Arn%3A277876926%3Arqn%3A2%3Au%3A1661605726570709986%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1661605723679%3Aco%3A0%3Arqnl%3A1%3Ast%3A1661605727%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%9E%D1%80%D0%BB%D0%B0%20%D0%B8%20%D0%9E%D1%80%D0%BB%D0%BE%D0%B2%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%9E%D1%80%D0%BB%D0%B5%20-%20KP.RU&t=gdpr(14)mc(p-1-h-1)clc(0-0-0)lt(58200)aw(1)rqnt(2)rqnl(1)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:08:46 GMT
last-modified
Sat, 27-Aug-2022 13:08:46 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://www.orel.kp.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sat, 27-Aug-2022 13:08:46 GMT
Responsive_listing.html
tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/ Frame A62B
4 KB
1 KB
Document
General
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html
Requested by
Host: www.orel.kp.ru
URL: https://www.orel.kp.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0f380fdee43a0103d5cd9bee42e3822ac60512f918a7ed2f805cdaefc5beadc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9313119206231bfa044a6648ccb7b466.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
18144
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
1157
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 27 Aug 2022 08:06:22 GMT
etag
11900953634711111692
expires
Sun, 28 Aug 2022 08:06:22 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 77E1
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CVzcsXhcKY8XCCc-FjuwPspOW2A_QoNWKbOqVu5-RCKjG2fK3MBABIPHL50JglfqbgqwHoAHKitj-A8gBCakCVKlVwvy3sD7gAgCoAwHIA8sEqgSIAk_Qi1LfFRi_JGrbQphVimxz5fKOsCLcjTsOTLo68xvp-etAw2DhswVZyPMJz278rjw6TbcSnzND1TJrOnH5TeHpq2kIKzGc11eXkTWs_WhIfwTzGqRDDcUbIN-LQxTgbgyCYPwhZAFymaQ3h73ZeDGyyCrrvlCX7aUB0fr8OyxkOj1tK7OKYUOJD5eLrG_UiJpZeAIxcj5WsWCUwMD7OdW05iVWO6t8z3KqWkSa03ONMtGWsx8xrMmJWvyElP-BdhDnQ6zWfTTGpBX96jxNIP0StCW0Ez1nFUQXsna36RHbYC2mWV7DbPdq4AFnPMdggWOroqO-IGX4NX9DhBRttUDtEu8sNAP-68AExbD8ybQB4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB571pwGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQ_OAT0ggSCIjhgBAQARgdMgOqggE6AoBAgAoDyAsB2BMLiBQC0BUBmBYBgBcBshceChwIABIUcHViLTcxNzI3MzM0MDg0NTU2OTIY8f4T&sigh=vcSQ_ynp2Vo&uach_m=[UACH]&template_id=494
Requested by
Host: www.orel.kp.ru
URL: https://www.orel.kp.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9313119206231bfa044a6648ccb7b466.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/ Frame 77E1
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/abg_lite_fy2021.js
Requested by
Host: 9313119206231bfa044a6648ccb7b466.safeframe.googlesyndication.com
URL: https://9313119206231bfa044a6648ccb7b466.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9313119206231bfa044a6648ccb7b466.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:03:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
321
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9668
x-xss-protection
0
server
cafe
etag
3250940068065303693
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 10 Sep 2022 13:03:25 GMT
js
www.googletagmanager.com/gtag/
199 KB
71 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-8MQ0FGXD1P&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WCBNVW
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3c227a219e6643ae8581c263c89c5fa67db5dbd8cd52da772613843c7f2a386
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:08:46 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72895
x-xss-protection
0
expires
Sat, 27 Aug 2022 13:08:46 GMT
js
www.googletagmanager.com/gtag/
199 KB
71 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-GP3S318PND&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WCBNVW
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9daf36d4da11aa949861cd84a3ba3925d31b05afb828e1b11aa19cf72736cb27
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:08:46 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72923
x-xss-protection
0
expires
Sat, 27 Aug 2022 13:08:46 GMT
counter.js
tns-counter.ru/ncc/
61 KB
61 KB
Script
General
Full URL
https://tns-counter.ru/ncc/counter.js
Requested by
Host: www.orel.kp.ru
URL: https://www.orel.kp.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),
Reverse DNS
Software
ms-counter-3.3.5/1.20.2 /
Resource Hash
75d16f690db62e7b02e26bff78808ea7529f154b36340c9b6d6e1cd81b64a4ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:08:46 GMT
last-modified
Wed, 01 Dec 2021 16:19:48 GMT
server
ms-counter-3.3.5/1.20.2
etag
"61a7a0a4-f2ad"
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR NOR"
cache-control
max-age=1209600
accept-ranges
bytes
content-type
application/javascript
content-length
62125
expires
Sat, 10 Sep 2022 13:08:46 GMT
tag.js
mc.yandex.ru/metrika/
205 KB
70 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: www.orel.kp.ru
URL: https://www.orel.kp.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
d09935c94b4577fff4e1de0daf084674937f708d4fcfcf689d131d5d9b5a7852
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:08:46 GMT
content-encoding
br
last-modified
Thu, 25 Aug 2022 15:41:08 GMT
etag
"63076de4-118f0"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
71920
expires
Sat, 27 Aug 2022 14:08:46 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WCBNVW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
169
date
Sat, 27 Aug 2022 13:05:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sat, 27 Aug 2022 15:05:57 GMT
target.js
target.smi2.net/client/
3 KB
1 KB
Script
General
Full URL
https://target.smi2.net/client/target.js
Requested by
Host: www.orel.kp.ru
URL: https://www.orel.kp.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.195.88 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
target2-1.ssel23.imcmdb.net
Software
nginx /
Resource Hash
2ea6594700eadc561dce18df33d16ff9d07ff631d4f6f4eae734bfe34e900f0c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Sat, 27 Aug 2022 13:08:46 GMT
Content-Encoding
gzip
Last-Modified
Fri, 01 Feb 2019 12:15:43 GMT
Server
nginx
ETag
W/"5c54386f-af9"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=259200, private
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Tue, 30 Aug 2022 13:08:46 GMT
b
sb.scorecardresearch.com/
0
191 B
Image
General
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=16803468&ns__t=1661605726665&ns_c=UTF-8&c8=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%9E%D1%80%D0%BB%D0%B0%20%D0%B8%20%D0%9E%D1%80%D0%BB%D0%BE%D0%B2%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%9E%D1%80%D0%BB%D0%B5%20-%20KP.RU&c7=https%3A%2F%2Fwww.orel.kp.ru%2F&c9=
Requested by
Host: www.orel.kp.ru
URL: https://www.orel.kp.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-72.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:08:46 GMT
via
1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
rO9y6efhsOgvhYbv1-xPWiaIOzfHCKJJRQQUZpIJsqlEkQQZcKOIwQ==
x-cache
Miss from cloudfront
kporel
counter.yadro.ru/hit;kp/kpall/reg/
Redirect Chain
  • https://counter.yadro.ru/hit;kp/kpall/reg/kporel?r;s1600*1200*24;uhttps%3A//www.orel.kp.ru/;h%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u041E%u0440%u043B%u0430%20%u0438%20%u041E%u0440%u043B%u043...
  • https://counter.yadro.ru/hit;kp/kpall/reg/kporel?q;r;s1600*1200*24;uhttps%3A//www.orel.kp.ru/;h%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u041E%u0440%u043B%u0430%20%u0438%20%u041E%u0440%u043B%u0...
43 B
528 B
Image
General
Full URL
https://counter.yadro.ru/hit;kp/kpall/reg/kporel?q;r;s1600*1200*24;uhttps%3A//www.orel.kp.ru/;h%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u041E%u0440%u043B%u0430%20%u0438%20%u041E%u0440%u043B%u043E%u0432%u0441%u043A%u043E%u0439%20%u043E%u0431%u043B%u0430%u0441%u0442%u0438%3A%20%u0433%u043B%u0430%u0432%u043D%u044B%u0435%20%u043D%u043E%u0432%u043E%u0441%u0442%u0438%20%u043D%u0430%20%u0441%u0435%u0433%u043E%u0434%u043D%u044F%20%7C%20%u041A%u043E%u043C%u0441%u043E%u043C%u043E%u043B%u044C%u0441%u043A%u0430%u044F%20%u041F%u0440%u0430;0.13217959147474345
Requested by
Host: www.orel.kp.ru
URL: https://www.orel.kp.ru/
Protocol
HTTP/1.1
Server
88.212.202.52 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host152.rax.ru
Software
nginx/1.17.9 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 27 Aug 2022 13:08:46 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin
*
Cache-control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 26 Aug 2021 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 27 Aug 2022 13:08:46 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Location
https://counter.yadro.ru/hit;kp/kpall/reg/kporel?q;r;s1600*1200*24;uhttps%3A//www.orel.kp.ru/;h%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u041E%u0440%u043B%u0430%20%u0438%20%u041E%u0440%u043B%u043E%u0432%u0441%u043A%u043E%u0439%20%u043E%u0431%u043B%u0430%u0441%u0442%u0438%3A%20%u0433%u043B%u0430%u0432%u043D%u044B%u0435%20%u043D%u043E%u0432%u043E%u0441%u0442%u0438%20%u043D%u0430%20%u0441%u0435%u0433%u043E%u0434%u043D%u044F%20%7C%20%u041A%u043E%u043C%u0441%u043E%u043C%u043E%u043B%u044C%u0441%u043A%u0430%u044F%20%u041F%u0440%u0430;0.13217959147474345
Cache-control
no-cache
Connection
keep-alive
Content-Type
text/html
Content-Length
32
Expires
Thu, 26 Aug 2021 21:00:00 GMT
Configurable_01_122.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame A62B
74 KB
26 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/Configurable_01_122.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0ef7e00750f06efee8a0074f2984b78a62c1a0f8cb971f01197532d57a78a836
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 05:35:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26222
x-xss-protection
0
server
cafe
etag
15511454539072389427
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sun, 28 Aug 2022 05:35:26 GMT
Responsive_listing.js
tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/ Frame A62B
199 KB
68 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a96924ddd5fb2ea84242905ab60d5ba262bb28e91fd6f097a077db0a63728dec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 08:06:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18144
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
69148
x-xss-protection
0
server
cafe
etag
5199203132765013944
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sun, 28 Aug 2022 08:06:22 GMT
Responsive_listing.css
tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/ Frame A62B
11 KB
2 KB
Stylesheet
General
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.css
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c2b09643e58ded9316fb73dfab3ffca42772599008066cf599bfc7fb40766c1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 05:35:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1962
x-xss-protection
0
server
cafe
etag
15825927903621683888
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sun, 28 Aug 2022 05:35:26 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 800F
143 B
426 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 9313119206231bfa044a6648ccb7b466.safeframe.googlesyndication.com
URL: https://9313119206231bfa044a6648ccb7b466.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9313119206231bfa044a6648ccb7b466.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
3442
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Sat, 27 Aug 2022 12:11:24 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 77E1
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/window_focus_fy2021.js
Requested by
Host: 9313119206231bfa044a6648ccb7b466.safeframe.googlesyndication.com
URL: https://9313119206231bfa044a6648ccb7b466.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9313119206231bfa044a6648ccb7b466.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:05:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
184
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 10 Sep 2022 13:05:42 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 77E1
140 KB
43 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 9313119206231bfa044a6648ccb7b466.safeframe.googlesyndication.com
URL: https://9313119206231bfa044a6648ccb7b466.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
40b5f6acfe971488e28b4570d0b485406d6a56cbdf45e86f0df9b1f040eb6d0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9313119206231bfa044a6648ccb7b466.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:08:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44079
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1661341966742178"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 27 Aug 2022 13:08:46 GMT
collect
stats.g.doubleclick.net/j/
4 B
442 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-23870775-1&cid=1619383818.1661605727&jid=921891633&gjid=26636335&_gid=250186742.1661605727&_u=YGBAgAABAAAAAE~&z=335848519
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.orel.kp.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 27 Aug 2022 13:08:47 GMT
content-type
text/plain
access-control-allow-origin
https://www.orel.kp.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=537860765&t=pageview&_s=1&dl=https%3A%2F%2Fwww.orel.kp.ru%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%9E%D1%80%D0%BB%D0%B0%20%D0%B8%20%D0%9E%D1%80%D0%BB%D0%BE%D0%B2%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%9E%D1%80%D0%BB%D0%B5&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAAAABAAAAAG~&jid=1080713386&gjid=454619828&cid=1619383818.1661605727&tid=UA-19328520-20&_gid=250186742.1661605727&_r=1&gtm=2wg8o0WCBNVW&cg1=main&cg5=main&cd3=main&cd4=main&z=165354107
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.orel.kp.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:08:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.orel.kp.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=537860765&t=pageview&_s=1&dl=https%3A%2F%2Fwww.orel.kp.ru%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%9E%D1%80%D0%BB%D0%B0%20%D0%B8%20%D0%9E%D1%80%D0%BB%D0%BE%D0%B2%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%9E%D1%80%D0%BB%D0%B5&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAAAABAAAAAG~&jid=1738802071&gjid=1226045689&cid=1619383818.1661605727&tid=UA-23870775-31&_gid=250186742.1661605727&_r=1&gtm=2wg8o0WCBNVW&cd1=&z=2055191383
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.orel.kp.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:08:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.orel.kp.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=537860765&t=pageview&_s=1&dl=https%3A%2F%2Fwww.orel.kp.ru%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%9E%D1%80%D0%BB%D0%B0%20%D0%B8%20%D0%9E%D1%80%D0%BB%D0%BE%D0%B2%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%9E%D1%80%D0%BB%D0%B5&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAAB~&jid=921891633&gjid=26636335&cid=1619383818.1661605727&tid=UA-23870775-1&_gid=250186742.1661605727&gtm=2wg8o0WCBNVW&cg1=main&cg5=main&cd3=main&cd4=main&z=2103012391
Requested by
Host: www.orel.kp.ru
URL: https://www.orel.kp.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Aug 2022 20:49:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
58766
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
347 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-8MQ0FGXD1P&gtm=2oe8o0&_p=537860765&cid=1619383818.1661605727&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1661605726&sct=1&seg=0&dl=https%3A%2F%2Fwww.orel.kp.ru%2F&dt=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%9E%D1%80%D0%BB%D0%B0%20%D0%B8%20%D0%9E%D1%80%D0%BB%D0%BE%D0%B2%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%9E%D1%80%D0%BB%D0%B5%20-%20KP.RU&en=page_view&_fv=1&_ss=1&ep.title=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%9E%D1%80%D0%BB%D0%B0%20%D0%B8%20%D0%9E%D1%80%D0%BB%D0%BE%D0%B2%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%9E%D1%80%D0%BB%D0%B5&ep.allowLinker=true
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8MQ0FGXD1P&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:08:47 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.orel.kp.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
54 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-GP3S318PND&gtm=2oe8o0&_p=537860765&cid=1619383818.1661605727&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1661605726&sct=1&seg=0&dl=https%3A%2F%2Fwww.orel.kp.ru%2F&dt=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%9E%D1%80%D0%BB%D0%B0%20%D0%B8%20%D0%9E%D1%80%D0%BB%D0%BE%D0%B2%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%9E%D1%80%D0%BB%D0%B5%20-%20KP.RU&en=page_view&_fv=1&_ss=1&ep.title=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%9E%D1%80%D0%BB%D0%B0%20%D0%B8%20%D0%9E%D1%80%D0%BB%D0%BE%D0%B2%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%9E%D1%80%D0%BB%D0%B5&ep.allowLinker=true
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GP3S318PND&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:08:47 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.orel.kp.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 214E
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022082401&jk=1947919451411139&bg=!BgWlBUHNAAYUOm8VNDo7ACkAdvg8Wq47xisIpu8E158tJBDl-QU1kn_CajDdrX-JMNP5OGXVnAx3QAIAAAB0UgAAAAJoAQcKAAa-yjJ3XQ-ZAuHJPlKHqXbEQUOl5v8i8c2DYg-6ETHZaCPd7DnAQpku87K2iKop1g2IlTsE_e4f1v7ZwcAfkbl33Jmkr_5JmsAFuhh5SYw0Acv_Xz_GVUcIA0GOvcdpOWtNw84rmWWsiubstmc04E_e7t-BTpQyOlH4C0HYAv4LixmVbsfO5IXvuFvyqp-cRhNOLvzTpusnubky5VrtX7dnmzQYJZ0ZhXlKvndYB69ZhNmiuVEdLrREssrE4_clebkU5F7cAkl3yUkYNuA-et8rUpMjohN6w2t6WRvF8frInzhP63my_31KzMADdMCMGCwdg5OKg5WH-yGeCQrH7T8BudMEg-gxrmNNg3F438dbBujU-n_ZrCVkMEKH_8Ho6VZK2kV_YHSM6pQoK8S9-6HElFsK5pRw3PuEvrur18S1AsdfHF3mkoY5KU11Szii2F9K1GP-2HEWgMovT_oxpuxpx78w42MM6N8yXb4HJnkN8XChzIqgndsG5jSCbSCHDx89kGF_QdshXB3ZYwxlqkpAqjAQkyCt4eGAYNhIFZjir4AOPd1t-gsMhXBCUYqyxb7Qxqo4USHM-xooSHrjkNYymwaEXen50ZhsE7Lxj10udprdI96PEdLu_F0tSrh9Zka4eAhkHAn0-sYZjVH5oGX-_DxDlXSxDm-2YWJlNZpwtjYgoY9p-yg1ytrUr94C2E73BXqei94BRmAHNzn6Sc5EeYlUiGaPytB7TDsOHdYeOXJyrF-oFDfee1EqzEeqAcE0TbfyzFSIQY-EhVIxtr_lL6fC89sgeJANp7_t7B_0QFIvr0-6SPg2V8bAOTeSNIxT8cuLzdna4y2VWjmOMXFkWeEjjyJo144UmrPROCVmIlGu9xoU9lOKjfip8SS6qet0zfUSs_MRZO47e8wPhdq396Q_b-JpczW8TXyi5KJuIRtsgIzQpejZmp7IiXDBCn0gZbXsXkHLGYogXE5s0QBj1Kp9iZx3zOCFew
Requested by
Host: www.orel.kp.ru
URL: https://www.orel.kp.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

1051362
mc.yandex.com/watch/
422 B
456 B
XHR
General
Full URL
https://mc.yandex.com/watch/1051362?wmode=7&page-url=https%3A%2F%2Fwww.orel.kp.ru%2F&nohit=1&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9uxrt4ak4xk%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A2%3Adp%3A0%3Als%3A412396512118%3Ahid%3A949386884%3Az%3A0%3Ai%3A20220827130846%3Aet%3A1661605727%3Ac%3A1%3Arn%3A119546908%3Au%3A1661605726570709986%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1661605723679%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1661605727%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%9E%D1%80%D0%BB%D0%B0%20%D0%B8%20%D0%9E%D1%80%D0%BB%D0%BE%D0%B2%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%9E%D1%80%D0%BB%D0%B5%20-%20KP.RU&t=gdpr(14)mc(p-1-h-1)clc(0-0-0)lt(72200)aw(1)ecs(1)rqnl(1)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
311a4dd5d723045ba198478f0232f1f80ae64518fcb75942ec50e24854459b95
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:08:46 GMT
x-content-type-options
nosniff
last-modified
Sat, 27-Aug-2022 13:08:46 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.orel.kp.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
422
x-xss-protection
1; mode=block
expires
Sat, 27-Aug-2022 13:08:46 GMT
38305645
mc.yandex.com/watch/
383 B
442 B
XHR
General
Full URL
https://mc.yandex.com/watch/38305645?wmode=7&page-url=https%3A%2F%2Fwww.orel.kp.ru%2F&nohit=1&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9uxrt4ak4xk%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A3%3Adp%3A0%3Als%3A1008029303582%3Ahid%3A949386884%3Az%3A0%3Ai%3A20220827130846%3Aet%3A1661605727%3Ac%3A1%3Arn%3A486479067%3Au%3A1661605726570709986%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1661605723679%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1661605727%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%9E%D1%80%D0%BB%D0%B0%20%D0%B8%20%D0%9E%D1%80%D0%BB%D0%BE%D0%B2%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%9E%D1%80%D0%BB%D0%B5%20-%20KP.RU&t=gdpr(14)mc(p-2-h-2)clc(0-0-0)lt(72200)aw(1)ecs(1)rqnl(1)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
48b23213d0212d24a9ba179660a82ff0c967dad062a9475b5fc0fe1c43ef9c38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:08:46 GMT
x-content-type-options
nosniff
last-modified
Sat, 27-Aug-2022 13:08:46 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.orel.kp.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
383
x-xss-protection
1; mode=block
expires
Sat, 27-Aug-2022 13:08:46 GMT
29473495
mc.yandex.com/watch/
383 B
414 B
XHR
General
Full URL
https://mc.yandex.com/watch/29473495?wmode=7&page-url=https%3A%2F%2Fwww.orel.kp.ru%2F&nohit=1&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9uxrt4ak4xk%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A4%3Adp%3A0%3Als%3A1154092136817%3Ahid%3A949386884%3Az%3A0%3Ai%3A20220827130846%3Aet%3A1661605727%3Ac%3A1%3Arn%3A322514864%3Au%3A1661605726570709986%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1661605723679%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1661605727%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%9E%D1%80%D0%BB%D0%B0%20%D0%B8%20%D0%9E%D1%80%D0%BB%D0%BE%D0%B2%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%9E%D1%80%D0%BB%D0%B5%20-%20KP.RU&t=gdpr(14)mc(p-5-h-3)clc(0-0-0)lt(72200)aw(1)ecs(1)rqnl(1)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
397e7f594614f1ae26f966ec8a47dc0234e5840cb6269700b740f761c73b15bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:08:46 GMT
x-content-type-options
nosniff
last-modified
Sat, 27-Aug-2022 13:08:46 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.orel.kp.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
383
x-xss-protection
1; mode=block
expires
Sat, 27-Aug-2022 13:08:46 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame A62B
26 KB
10 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/Configurable_01_122.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 04:14:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
32082
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10382
x-xss-protection
0
server
cafe
etag
12806417668659483808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sun, 28 Aug 2022 04:14:04 GMT
advert.gif
mc.yandex.com/metrika/
43 B
133 B
Image
General
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: www.orel.kp.ru
URL: https://www.orel.kp.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:08:46 GMT
last-modified
Thu, 25 Aug 2022 15:42:57 GMT
etag
"63076e51-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Sat, 27 Aug 2022 14:08:46 GMT
collect
stats.g.doubleclick.net/j/
4 B
70 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-19328520-20&cid=1619383818.1661605727&jid=1080713386&gjid=454619828&_gid=250186742.1661605727&_u=YGDAAAABAAAAAG~&z=2115851594
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.orel.kp.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 27 Aug 2022 13:08:47 GMT
content-type
text/plain
access-control-allow-origin
https://www.orel.kp.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
1 B
69 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-23870775-31&cid=1619383818.1661605727&jid=1738802071&gjid=1226045689&_gid=250186742.1661605727&_u=YGDAAAABAAAAAG~&z=1986853809
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.orel.kp.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 27 Aug 2022 13:08:47 GMT
content-type
text/plain
access-control-allow-origin
https://www.orel.kp.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
sm.js
stat.media/
77 KB
28 KB
Script
General
Full URL
https://stat.media/sm.js
Requested by
Host: target.smi2.net
URL: https://target.smi2.net/client/target.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
82.202.225.227 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
sm-server1-1.ssel21.imcmdb.net
Software
nginx /
Resource Hash
9dc89e2eae45dccc1b2d7b9540adae2349bbb5d84578eadb8f0f645eac324910

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Sat, 27 Aug 2022 13:08:47 GMT
Content-Encoding
gzip
Last-Modified
Thu, 02 Dec 2021 13:53:02 GMT
Server
nginx
ETag
W/"61a8cfbe-13481"
Vary
Accept-Encoding, Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, must-revalidate, proxy-revalidate, max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
/
target.smi2.net/init/
95 B
463 B
Image
General
Full URL
https://target.smi2.net/init/?siteid=31456&count=site&bw=1600&bh=1200&xurl=https%3A%2F%2Fwww.orel.kp.ru%2F&rnd=6715891334842
Requested by
Host: www.orel.kp.ru
URL: https://www.orel.kp.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.195.88 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
target2-1.ssel23.imcmdb.net
Software
nginx / HHVM/3.9.1
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

X-Target-Version
2
Date
Sat, 27 Aug 2022 13:08:46 GMT
X-Target-Final
20220827160846-0
Server
nginx
X-Target-Host
target2-1.ssel23
X-Powered-By
HHVM/3.9.1
X-Time-Request
0.00031
Content-Type
image/png
Cache-Control
no-cache, private
Connection
keep-alive
Content-Length
95
Expires
Sat, 27 Aug 2022 13:08:45 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 77E1
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 9313119206231bfa044a6648ccb7b466.safeframe.googlesyndication.com
URL: https://9313119206231bfa044a6648ccb7b466.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9313119206231bfa044a6648ccb7b466.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:00:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
481
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 10 Sep 2022 13:00:45 GMT
911247405***
tns-counter.ru/nc01a***R%3E*kp_ru/ru/UTF-8/tmsec=kp_title/
55 B
334 B
Fetch
General
Full URL
https://tns-counter.ru/nc01a***R%3E*kp_ru/ru/UTF-8/tmsec=kp_title/911247405***
Requested by
Host: tns-counter.ru
URL: https://tns-counter.ru/ncc/counter.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),
Reverse DNS
Software
ms-counter-3.3.5/1.20.2 /
Resource Hash
28e89bef7c1a5b656c7bc866a3728b5eb14972fe23b16ca23269a31a2579283d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:08:47 GMT
last-modified
Sat, 27 Aug 2022 13:08:47 GMT
server
ms-counter-3.3.5/1.20.2
access-control-allow-methods
GET
content-type
text/html
access-control-allow-origin
https://www.orel.kp.ru
access-control-allow-credentials
true
content-length
55
231978895
tns-counter.ru/V13b***R%3E*kp_ru/ru/UTF-8/tmsec=kp_title/
Redirect Chain
  • https://tns-counter.ru/V13a***R%3E*kp_ru/ru/UTF-8/tmsec=kp_title/231978895
  • https://tns-counter.ru/V13b***R%3E*kp_ru/ru/UTF-8/tmsec=kp_title/231978895
43 B
297 B
Image
General
Full URL
https://tns-counter.ru/V13b***R%3E*kp_ru/ru/UTF-8/tmsec=kp_title/231978895
Requested by
Host: www.orel.kp.ru
URL: https://www.orel.kp.ru/
Protocol
H2
Server
2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),
Reverse DNS
Software
ms-counter-3.3.5/1.20.2 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:08:47 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
ms-counter-3.3.5/1.20.2
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin
*
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:08:47 GMT
server
ms-counter-3.3.5/1.20.2
strict-transport-security
max-age=2678400
content-type
image/gif
location
https://tns-counter.ru/V13b***R%3E*kp_ru/ru/UTF-8/tmsec=kp_title/231978895
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin
*
content-length
0
expires
Thu, 01 Jan 1970 00:00:01 GMT
y300
avatars.mds.yandex.net/get-direct/5283206/Dj0wvEdSLZmy2LRp-sdDyg/
14 KB
14 KB
Image
General
Full URL
https://avatars.mds.yandex.net/get-direct/5283206/Dj0wvEdSLZmy2LRp-sdDyg/y300
Requested by
Host: www.orel.kp.ru
URL: https://www.orel.kp.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::184 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx /
Resource Hash
0bb16d2d4bdac7b4420adfa048c02877e035cbba937a1630c04a683cea79bfd6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:08:47 GMT
last-modified
Wed, 11 Aug 2021 14:15:17 GMT
server
nginx
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to
{"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000,immutable
access-control-allow-credentials
true
timing-allow-origin
*
content-length
13838
x-request-id
7ba2b22db1fd3d7b
icon-192.png
yastatic.net/s3/games-static/favicons/
24 KB
24 KB
Image
General
Full URL
https://yastatic.net/s3/games-static/favicons/icon-192.png
Requested by
Host: www.orel.kp.ru
URL: https://www.orel.kp.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
ca78c114bba40b141a59c55a9d3fb6db7672bc3effd4337f2b1ce512b4d06c9e
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:08:47 GMT
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
24134
x-nginx-request-id
a8c53be47f555b00
last-modified
Thu, 14 Apr 2022 12:22:42 GMT
server
nginx/1.17.9
etag
"7819c957eaa80af5bf14f760d49b64a7"
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=216013
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 30 Aug 2022 01:07:46 GMT
wy150
avatars.mds.yandex.net/get-direct/5212273/cKwFkHkbsRk0Vv6WXNAWFQ/
12 KB
13 KB
Image
General
Full URL
https://avatars.mds.yandex.net/get-direct/5212273/cKwFkHkbsRk0Vv6WXNAWFQ/wy150
Requested by
Host: www.orel.kp.ru
URL: https://www.orel.kp.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::184 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx /
Resource Hash
c1d4ba654e70fd3dee803529a3edb6f311069f266e344c11e954337bb276d7f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:08:47 GMT
last-modified
Sat, 23 Apr 2022 16:53:26 GMT
server
nginx
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to
{"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000,immutable
access-control-allow-credentials
true
timing-allow-origin
*
content-length
12746
x-request-id
50283ad65c9c48c0
triabox.ru
favicon.yandex.net/favicon/
1 KB
1 KB
Image
General
Full URL
https://favicon.yandex.net/favicon/triabox.ru?size=32&stub=1
Requested by
Host: www.orel.kp.ru
URL: https://www.orel.kp.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::36 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
d6ef49bcc283324b372025c5043431d75fb4c62f154bef47116edd338f453409
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-origin
*
Cache-Control
max-age=691200
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
X-XSS-Protection
1; mode=block
Content-Type
image/png
6d892074f75240ed535a.js
yastatic.net/partner-code-bundles/638452/
41 KB
12 KB
Script
General
Full URL
https://yastatic.net/partner-code-bundles/638452/6d892074f75240ed535a.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
9b06f73c2d1f6225104ae62c2076ad2adc41c8993892f5fa335f4a6fb672ed7b
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://www.orel.kp.ru/
Origin
https://www.orel.kp.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:08:47 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
11308
last-modified
Fri, 26 Aug 2022 19:44:54 GMT
server
nginx/1.17.9
etag
"f93a335bb2fcdfdb4d35127b0bbd871e"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 26 Aug 2052 19:44:24 GMT
1
mc.yandex.com/watch/1051362/
43 B
73 B
XHR
General
Full URL
https://mc.yandex.com/watch/1051362/1?page-url=https%3A%2F%2Fwww.orel.kp.ru%2F&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9uxrt4ak4xk%3Afp%3A964%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A2%3Adp%3A0%3Als%3A412396512118%3Ahid%3A949386884%3Az%3A0%3Ai%3A20220827130847%3Aet%3A1661605727%3Ac%3A1%3Arn%3A918249086%3Arqn%3A1%3Au%3A1661605726570709986%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1661605723679%3Ads%3A0%2C0%2C84%2C137%2C455%2C0%2C%2C137%2C0%2C%2C%2C%2C956%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1661605727&t=gdpr(14)mc(p-7-h-4)clc(0-0-0)lt(72200)aw(1)rqnt(1)ecs(1)rqnl(1)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.orel.kp.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:08:47 GMT
last-modified
Sat, 27-Aug-2022 13:08:47 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://www.orel.kp.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sat, 27-Aug-2022 13:08:47 GMT
1051362
mc.yandex.com/watch/
43 B
73 B
XHR
General
Full URL
https://mc.yandex.com/watch/1051362?page-url=https%3A%2F%2Fwww.orel.kp.ru%2F&charset=utf-8&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9uxrt4ak4xk%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A2%3Adp%3A0%3Als%3A412396512118%3Ahid%3A949386884%3Az%3A0%3Ai%3A20220827130847%3Aet%3A1661605727%3Ac%3A1%3Arn%3A103886120%3Arqn%3A2%3Au%3A1661605726570709986%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1661605723679%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1661605727%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%9E%D1%80%D0%BB%D0%B0%20%D0%B8%20%D0%9E%D1%80%D0%BB%D0%BE%D0%B2%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%9E%D1%80%D0%BB%D0%B5&t=gdpr(14)mc(p-7-h-4)clc(0-0-0)lt(72200)aw(1)rqnt(2)ecs(1)rqnl(1)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:08:47 GMT
last-modified
Sat, 27-Aug-2022 13:08:47 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://www.orel.kp.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sat, 27-Aug-2022 13:08:47 GMT
1
mc.yandex.com/watch/1051362/
43 B
148 B
XHR
General
Full URL
https://mc.yandex.com/watch/1051362/1?page-url=https%3A%2F%2Fwww.orel.kp.ru%2F&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9uxrt4ak4xk%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A2%3Adp%3A0%3Als%3A412396512118%3Ahid%3A949386884%3Az%3A0%3Ai%3A20220827130847%3Aet%3A1661605727%3Ac%3A1%3Arn%3A798281695%3Arqn%3A3%3Au%3A1661605726570709986%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1661605723679%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1661605727&t=gdpr(14)mc(p-7-h-4)clc(0-0-0)lt(72200)aw(1)rqnt(3)ecs(1)rqnl(1)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.orel.kp.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:08:47 GMT
last-modified
Sat, 27-Aug-2022 13:08:47 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://www.orel.kp.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sat, 27-Aug-2022 13:08:47 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 800F
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
18 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: 9313119206231bfa044a6648ccb7b466.safeframe.googlesyndication.com
URL: https://9313119206231bfa044a6648ccb7b466.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 27 Aug 2022 13:08:47 GMT
expires
Sat, 27 Aug 2022 13:08:47 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 27 Aug 2022 13:08:47 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
1
mc.yandex.com/watch/38305645/
43 B
73 B
XHR
General
Full URL
https://mc.yandex.com/watch/38305645/1?page-url=https%3A%2F%2Fwww.orel.kp.ru%2F&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9uxrt4ak4xk%3Afp%3A964%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A3%3Adp%3A0%3Als%3A1008029303582%3Ahid%3A949386884%3Az%3A0%3Ai%3A20220827130847%3Aet%3A1661605727%3Ac%3A1%3Arn%3A479986715%3Arqn%3A1%3Au%3A1661605726570709986%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1661605723679%3Ads%3A0%2C0%2C84%2C137%2C455%2C0%2C%2C137%2C0%2C%2C%2C%2C956%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1661605727&t=gdpr(14)mc(p-7-h-4)clc(0-0-0)lt(72200)aw(1)rqnt(1)ecs(1)rqnl(1)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.orel.kp.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:08:47 GMT
last-modified
Sat, 27-Aug-2022 13:08:47 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://www.orel.kp.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sat, 27-Aug-2022 13:08:47 GMT
38305645
mc.yandex.com/watch/
43 B
73 B
XHR
General
Full URL
https://mc.yandex.com/watch/38305645?page-url=https%3A%2F%2Fwww.orel.kp.ru%2F&charset=utf-8&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9uxrt4ak4xk%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A3%3Adp%3A0%3Als%3A1008029303582%3Ahid%3A949386884%3Az%3A0%3Ai%3A20220827130847%3Aet%3A1661605727%3Ac%3A1%3Arn%3A945908064%3Arqn%3A2%3Au%3A1661605726570709986%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1661605723679%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1661605727%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%9E%D1%80%D0%BB%D0%B0%20%D0%B8%20%D0%9E%D1%80%D0%BB%D0%BE%D0%B2%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%9E%D1%80%D0%BB%D0%B5&t=gdpr(14)mc(p-7-h-4)clc(0-0-0)lt(72200)aw(1)rqnt(2)ecs(1)rqnl(1)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:08:47 GMT
last-modified
Sat, 27-Aug-2022 13:08:47 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://www.orel.kp.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sat, 27-Aug-2022 13:08:47 GMT
1
mc.yandex.com/watch/38305645/
43 B
73 B
XHR
General
Full URL
https://mc.yandex.com/watch/38305645/1?page-url=https%3A%2F%2Fwww.orel.kp.ru%2F&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9uxrt4ak4xk%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A3%3Adp%3A0%3Als%3A1008029303582%3Ahid%3A949386884%3Az%3A0%3Ai%3A20220827130847%3Aet%3A1661605727%3Ac%3A1%3Arn%3A301264409%3Arqn%3A3%3Au%3A1661605726570709986%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1661605723679%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1661605727&t=gdpr(14)mc(p-7-h-4)clc(0-0-0)lt(72200)aw(1)rqnt(3)ecs(1)rqnl(1)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.orel.kp.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:08:47 GMT
last-modified
Sat, 27-Aug-2022 13:08:47 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://www.orel.kp.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sat, 27-Aug-2022 13:08:47 GMT
1
mc.yandex.com/watch/29473495/
43 B
73 B
XHR
General
Full URL
https://mc.yandex.com/watch/29473495/1?page-url=https%3A%2F%2Fwww.orel.kp.ru%2F&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9uxrt4ak4xk%3Afp%3A964%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A4%3Adp%3A0%3Als%3A1154092136817%3Ahid%3A949386884%3Az%3A0%3Ai%3A20220827130847%3Aet%3A1661605727%3Ac%3A1%3Arn%3A552005768%3Arqn%3A1%3Au%3A1661605726570709986%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1661605723679%3Ads%3A0%2C0%2C84%2C137%2C455%2C0%2C%2C137%2C0%2C%2C%2C%2C956%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1661605727&t=gdpr(14)mc(p-7-h-4)clc(0-0-0)lt(72200)aw(1)rqnt(1)ecs(1)rqnl(1)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.orel.kp.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:08:47 GMT
last-modified
Sat, 27-Aug-2022 13:08:47 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://www.orel.kp.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sat, 27-Aug-2022 13:08:47 GMT
29473495
mc.yandex.com/watch/
43 B
73 B
XHR
General
Full URL
https://mc.yandex.com/watch/29473495?page-url=https%3A%2F%2Fwww.orel.kp.ru%2F&charset=utf-8&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9uxrt4ak4xk%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A4%3Adp%3A0%3Als%3A1154092136817%3Ahid%3A949386884%3Az%3A0%3Ai%3A20220827130847%3Aet%3A1661605727%3Ac%3A1%3Arn%3A153144227%3Arqn%3A2%3Au%3A1661605726570709986%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1661605723679%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1661605727%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%9E%D1%80%D0%BB%D0%B0%20%D0%B8%20%D0%9E%D1%80%D0%BB%D0%BE%D0%B2%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%9E%D1%80%D0%BB%D0%B5&t=gdpr(14)mc(p-7-h-4)clc(0-0-0)lt(72200)aw(1)rqnt(2)ecs(1)rqnl(1)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:08:47 GMT
last-modified
Sat, 27-Aug-2022 13:08:47 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://www.orel.kp.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sat, 27-Aug-2022 13:08:47 GMT
1
mc.yandex.com/watch/29473495/
43 B
73 B
XHR
General
Full URL
https://mc.yandex.com/watch/29473495/1?page-url=https%3A%2F%2Fwww.orel.kp.ru%2F&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9uxrt4ak4xk%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A4%3Adp%3A0%3Als%3A1154092136817%3Ahid%3A949386884%3Az%3A0%3Ai%3A20220827130847%3Aet%3A1661605727%3Ac%3A1%3Arn%3A917736024%3Arqn%3A3%3Au%3A1661605726570709986%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1661605723679%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1661605727&t=gdpr(14)mc(p-7-h-4)clc(0-0-0)lt(72200)aw(1)rqnt(3)ecs(1)rqnl(1)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.orel.kp.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:08:47 GMT
last-modified
Sat, 27-Aug-2022 13:08:47 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://www.orel.kp.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sat, 27-Aug-2022 13:08:47 GMT
l
www.google.com/ads/measurement/ Frame 77E1
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ1v5laqeowdYqGqn6jwQcisLayCrO6YuJJBQhVOkBBLHCbeTfDPiexxRD7mNqSwbwCiDHCSGHA-oKZeaCmjZyFmOZIQg
Requested by
Host: 9313119206231bfa044a6648ccb7b466.safeframe.googlesyndication.com
URL: https://9313119206231bfa044a6648ccb7b466.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9313119206231bfa044a6648ccb7b466.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

truncated
/ Frame 77E1
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1dd40f5a9888271231258d5076c38d36d67758105b909eeab0be6f7d79ab0daf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/png
ga-audiences
www.google.com/ads/
42 B
63 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-23870775-1&cid=1619383818.1661605727&jid=921891633&_u=YGBAgAABAAAAAE~&z=22539562
Requested by
Host: www.orel.kp.ru
URL: https://www.orel.kp.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:08:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
501 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-23870775-1&cid=1619383818.1661605727&jid=921891633&_u=YGBAgAABAAAAAE~&z=22539562
Requested by
Host: www.orel.kp.ru
URL: https://www.orel.kp.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:08:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
63 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-19328520-20&cid=1619383818.1661605727&jid=1080713386&_u=YGDAAAABAAAAAG~&z=1381356142
Requested by
Host: www.orel.kp.ru
URL: https://www.orel.kp.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:08:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-19328520-20&cid=1619383818.1661605727&jid=1080713386&_u=YGDAAAABAAAAAG~&z=1381356142
Requested by
Host: www.orel.kp.ru
URL: https://www.orel.kp.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:08:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame A62B
6 KB
672 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,700,300&subset=latin
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 27 Aug 2022 11:54:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 27 Aug 2022 13:08:47 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 27 Aug 2022 13:08:47 GMT
BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js
pagead2.googlesyndication.com/bg/ Frame A62B
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
05c5075000686afbe94405f7a3e0b905f02af001ec3174556fd1e07aa0c7c59f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 26 Aug 2022 17:27:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
70897
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14190
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 26 Aug 2023 17:27:10 GMT
4092648287096764135
tpc.googlesyndication.com/simgad/ Frame A62B
10 KB
10 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/4092648287096764135
Requested by
Host: 9313119206231bfa044a6648ccb7b466.safeframe.googlesyndication.com
URL: https://9313119206231bfa044a6648ccb7b466.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
11c4f483cc273bfc1affe3e5eb328b51ed526d1c262c6d972a420ba822b3bacb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 06:21:19 GMT
x-content-type-options
nosniff
age
370048
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10330
x-xss-protection
0
last-modified
Fri, 13 Dec 2019 09:52:15 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 23 Aug 2023 06:21:19 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame A62B
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,300&subset=latin
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 19:07:55 GMT
x-content-type-options
nosniff
age
410453
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 22 Aug 2023 19:07:55 GMT
event
ads.adfox.ru/232598/
0
66 B
Image
General
Full URL
https://ads.adfox.ru/232598/event?hash=36f8d5f20934b532&pm=bmp&pxo=T0sJdDKrxtBjTz62tHz7MtDYCY0pfjmmwxAq16diMKTEkpoyD6VIQElCdlSun0WSwfg2fRDbKtz7mOkE3HXBYTfyRSPQJ0lDHXQ4UKVEtVLV4TzFTKuXg11k22B-7bp3qjzdHeUmcm92xlwv7a9CN3Ak1AS--5nVqr8A2pVqumSuJHC845d1&p5=gwdbk&ad-session-id=2328301661605725146&utg=oxum&lts=fjwciqn&ytt=274879517687813&ybv=0.638452&ylv=0.638452&dl=https%3A%2F%2Fwww.orel.kp.ru%2F%3F&rtb-si=b&p2=gftf&rand=gfvdods&sj=BehuTbujo5wG5re_7FYqbITHNFTXutkhQaFD6vj7Doc_6G_-PUvnKmL6mmZIGg%3D%3D&puid1=adv-1661605725094-594&pr=mxktefl&p1=cdinl&rqs=XG8zHB1qZEhdFwpjgHcrBuJISwfl-pey
Requested by
Host: www.orel.kp.ru
URL: https://www.orel.kp.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:08:48 GMT
x-content-type-options
nosniff
last-modified
Sat, 27 Aug 2022 13:08:48 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame A266
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstXQHKcupXUjU_tQIAf7J9haCUgTDYvWxn5E36YBZ40R4FZA1V2Rm82zzMnZttmXKuVX3y_-PPi_x-uFMTB_zBBRi6i8cOxtjgsF1-Eft8TNF1-H-rf53hFp0HU2CxhMWG1OICXcuI&sai=AMfl-YQs9u9MkmOPA-NtxoHh8kkQEsPaK5_qSDyQz5bUFnKXT9vsZ6z18mELGyEHGV65H6AUsY_uUglDvOPGYvfL1-9z8b-s--XupqSgBxqsS2RTA-71UnHG0GYOQfFAntmh&sig=Cg0ArKJSzJFIUedNeytNEAE&id=lidar2&mcvt=2308&p=389,1410,989,1570&mtos=2308,2308,2308,2308,2308&tos=2308,0,0,0,0&v=20220824&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=4130042211&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1661605726292&rpt=271&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://64e7dd993741a415cdf5c1ec24dac45d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:08:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 77E1
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstywAh-56exRoHSjhlSSZ5oDF_97sjyhxQmGEn8RReRobqeYeGXy-Mgh2bq2KW30puJps7G4hEWGBc3QHvC_nq-_LiJlaQoaIXVLKk3et7CD3DrDz5A2AR3HA9VgkMbgojgbOKNyp4&sai=AMfl-YRYojSGFxp_Xd24ZVFCMWQl-Fm0fXpzWeB5u8KQ3uOZee_gcEmmErpjAjaw98sbQ4KZGr2PIDfip_-jjWqjfWAxMXJ-4cldW-z1DrORbtCZLcshQk64iBbGfr0XV9Yp&sig=Cg0ArKJSzGM3XZYANXLLEAE&id=lidar2&mcvt=1957&p=486,1100,1086,1400&mtos=1957,1957,1957,1957,1957&tos=1957,0,0,0,0&v=20220824&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=3886855702&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1661605726511&rpt=443&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9313119206231bfa044a6648ccb7b466.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:08:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1Lhzn-xQ0Hm200000000U9nJZCatbf7DIl4m53ZJiDd1WCdLCbQSAva123nX8g5TINiIO_lI61XI6O7YcG9dFYm5YPVA07cr2K2YbH54Te9aWO29OIRZ51i8Uo5Zd0g4jP9njmA4jPUnw3e_mr4m_omZIDDLC7cNaK66WUaluomc1eQvJ22HfKodc1aOrZBz0hBFC...
yandex.ru/an/rtbcount/
43 B
173 B
XHR
General
Full URL
https://yandex.ru/an/rtbcount/1Lhzn-xQ0Hm200000000U9nJZCatbf7DIl4m53ZJiDd1WCdLCbQSAva123nX8g5TINiIO_lI61XI6O7YcG9dFYm5YPVA07cr2K2YbH54Te9aWO29OIRZ51i8Uo5Zd0g4jP9njmA4jPUnw3e_mr4m_omZIDDLC7cNaK66WUaluomc1eQvJ22HfKodc1aOrZBz0hBFClq7WgTCBu0YhvW4xdjg6WYSOM0eMi6ws-8vAyDV9awGGvXPWMGlioAGdCeCCc8kCnF8SY09jfrb8_Cjvc-rRAVy5KuontnNl7jZouhigs2LTy7aJsO79twmCsUnA4IuMrHvE1aMHhbcfBYL5sGbfqLvcOSR9FePUJYbHFXcBsIH3eKeNi4ofN872zC15gQRB11VVh1_o7Bs30YyiN_B0lBh1DRMXew6jWDs2rWvJx9kVi81LdU1jQ6XWUKcQypbxKSshbai-PKLvCyEjWQM2MntxfrzUF7mh4qUCzYk70vUmBPxqyCtNIy-_LdFk98DPlO1DeyJRCoFs7WJ3HojCWfpFOp22fBCNxB1NF4Jpfh8Fd_Tr6d6d6_iPx6pcHbRc9WQRM1lKDZ1pdY2NUG1-yC3LqzsldWtCUi7Eqy3nzRt1W0BwQd8?confirmTime=3012000&confirmRatio=1000000&test-tag=274877906944002&format-type=118&actual-format=10&rnd=6224332052004&banner-sizes=eyI3MjA1NzYwNTI0NTYwODU4MCI6IjE1NjB4MjUwIn0%3D&width=1560&height=250
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.orel.kp.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:08:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
report-to
{ "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
image/gif
access-control-allow-origin
https://www.orel.kp.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
last-modified
Sat, 27 Aug 2022 13:08:48 GMT
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 27 Aug 2022 13:08:48 GMT
event
ads.adfox.ru/232598/
0
18 B
Image
General
Full URL
https://ads.adfox.ru/232598/event?hash=1091e6f31b697dcb&pm=bmp&pxo=wkMUZ_yQ3KBt01B_hRUnRhGV_xd970_W1Q_nNiU2wfR7RHiu-mnZX_fL7_44724JYVkz7wct2F36zA5ehgQ1DH0Y-jjQnSLvpaWX_V6x_GbhYvz10EJ538_F9A9dTelxmahOb0XXSc35fXLbc7wvP6UGXJ9hgVkMcpL27jitT7zIzJEH2Q%3D%3D&p5=gwaok&ad-session-id=2328301661605725146&utg=oxum&lts=fjwciqn&ytt=274879517687813&ybv=0.638452&ylv=0.638452&dl=https%3A%2F%2Fwww.orel.kp.ru%2F%3Fsection%3Dsociety&rqs=XG8zHB1qZEhdFwpjDfLYI7SQcy8WrtEe&pr=mxktefl&puid3=top%3Aregion&rtb-si=b&puid2=society%3Azenyandex%3Atoday%3Aincident%3Aauto%3Aaccident%3Aemergency%3Acriminal&p2=fbao&rand=mjndvov&sj=4xo2T34kJ5jtsj7iGfpX2mDKOk4C0S1RmZ258iio0Y1Wt-pKI9S90uKAjKPu0A%3D%3D&puid1=adv-1661605725099-373&p1=bufhv
Requested by
Host: www.orel.kp.ru
URL: https://www.orel.kp.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:08:48 GMT
x-content-type-options
nosniff
last-modified
Sat, 27 Aug 2022 13:08:48 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
WOuejI_zOF009Gm051LXl6AAF1l_amK0y04GW8200J5T5mfZ000003YScWE80Xov0ivoAo-sFpRzy0A4dFBR2_050Q06m0791bnlCnmTQcH8gGSGpF2bG302HS07mAkm-W602W682WMe2kW7Y0iugWiGtqafC13C001og0MxEEVm2mRW3OA0W860W82819WEtEw7w...
yandex.ru/an/count/
43 B
266 B
XHR
General
Full URL
https://yandex.ru/an/count/WOuejI_zOF009Gm051LXl6AAF1l_amK0y04GW8200J5T5mfZ000003YScWE80Xov0ivoAo-sFpRzy0A4dFBR2_050Q06m0791bnlCnmTQcH8gGSGpF2bG302HS07mAkm-W602W682WMe2kW7Y0iugWiGtqafC13C001og0MxEEVm2mRW3OA0W860W82819WEtEw7wOsRhTHhg0-Gc8ESYuYCWKMG4EkqmS-RlFYTg07WbPXz1E0K0V0LmOhsxAEFlFnZW1Q5W8Y0Xi0-e1QGqPUO1iaMy3_O5e4Ng1S9q1WX-1ZAtBAGiwkCzIU06OaPi-G80000002m6TpUpU7HmvgoIBWP____0S0PtARVfPoMwz4PqXaIUM5YSrzpPN9sPN8lSZSmEIqnw1cO3F0P-W6O6jJ3Kx0RIBWR0u8S3M4mGJfeSMr8CbPmOZVf780T_t-0880WY201q27___y13m0pmskOCMaySYwG8JwXs1pI16zdH1F30-xQDJzA7vK1MAGorDNESINyiQqv90t33000~1=WniejI_zO8O2ZHW0r2kFm6YcXWEqYxcspTcxmB81W07Rzvwyqk3jbbk80RgDdy9_a068Yht0qu20W0AO0OYAlS1Jk07QpkE78zW1qgwidW7e0Ixu0UgLthu1e0BYgiGHi0C2vWk81OUo4905ef0Ni0Msv0cu1RRa2S05ge0Do0MIm0NG1Ooy0k05b06O1hJkvvO2g0R00Qa74CpmfK0m0aMu1u05q0S2s0SGu0UG3V47002020JG29gAW872W806u0YnbU88w0cLHD2-NohzFydu2f2p2TaBw0k7iX2838obthu1w0oR1fWDfeEW3i24FO0GgTM-7y2ma881q13lZAzVeH5dg170X3tW4PkgFUWHf9QK-w70ie7lIiv0hv6yyoIHrJ-O4mJW4xRa2O0KW82018WKqekynRxZmvaWe1Isv0ce5AAG5x0KvutFHBWKaD_M6S0KeBwjCyWK1D0KuA7-EDWKcwt1ZWRe58m2q1MRhS6E1g0MaD6Nc0Qm5iu7oHRG5eobthu1s1RhjC7FcxpudQW1WHUO5yEXsYEu5m705xMM0T0Nq8O3s1UAnple5moW61Em6D_zfvW6k1Xa-1ZAtBAGiwkCzIU06S6AzkoZZxpyOuaPi-IW6S01k1d___y1u1aCw1cO3F0P-W616l__ryUkpVS6Y1h0X3sO6jJ3Kw0QcfNspTFTpFcU0RWQ0VKQ0G0009WRoBSyi1j8k1i3s1k0W8201EaR000009ugqq3m6xNg0jWSXx8Gu1oYa1Vf703mF_4S0010LvwrYx-07Vz_cHt87S24FTWTpi6D1k0TrQwU1P4Ug1u1q1xUXEV0dBJ0zDG1s1xxsXw87____m6W7wdLlX-m7m787wcNba_I7mOsCpWqDJBP7m00082SAjD0u1-rwWA0880WY201gI3W807G8V__0P0YdUeca2AXwYQG8gFg9Xa0ICYQ3Wc1YZ3QgIICZMG0axK4BSuJk0I1LeS9bDmoQ4XyDIGZPfamKhbcQeEGrUug14m4h9seGgn3OXXeEKi2OpHWn5ZUJHe37eJ0SO9j0Wu0~1?stat-id=28&test-tag=274877906999825&banner-sizes=eyI3MjA1NzYwNTI0NTYwODU4MCI6IjE1NjB4MjUwIn0%3D&format-type=118&actual-format=10&pcodever=638452&banner-test-tags=eyI3MjA1NzYwNTI0NTYwODU4MCI6IjI4Njc2OSJ9&width=1560&height=250&confirmTime=2791000&confirmRatio=1000000&wmode=0
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.orel.kp.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:08:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
report-to
{ "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
image/gif
access-control-allow-origin
https://www.orel.kp.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
last-modified
Sat, 27 Aug 2022 13:08:48 GMT
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 27 Aug 2022 13:08:48 GMT
event
ads.adfox.ru/232598/
0
18 B
Image
General
Full URL
https://ads.adfox.ru/232598/event?hash=22eb4416ccbff9c1&pm=bmn&pxo=T0sJdDKrxtBjTz62tHz7MtDYCY0pfjmmwxAq16diMKTEkpoyD6VIQElCdlSun0WSwfg2fRDbKtz7mOkE3HXBYTfyRSPQJ0lDHXQ4UKVEtVLV4TzFTKuXg11k22B-7bp3qjzdHeUmcm92xlwv7a9CN3Ak1AS--5nVqr8A2pVqumSuJHC845d1&p5=gwdbk&ad-session-id=2328301661605725146&utg=oxum&lts=fjwciqn&ytt=274879517687813&ybv=0.638452&ylv=0.638452&dl=https%3A%2F%2Fwww.orel.kp.ru%2F%3F&rtb-si=b&p2=gftf&rand=dcnohnj&sj=BehuTbujo5wG5re_7FYqbITHNFTXutkhQaFD6vj7Doc_6G_-PUvnKmL6mmZIGg%3D%3D&puid1=adv-1661605725094-594&pr=mxktefl&p1=cdinl&rqs=XG8zHB1qZEhdFwpjgHcrBuJISwfl-pey
Requested by
Host: www.orel.kp.ru
URL: https://www.orel.kp.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:08:48 GMT
x-content-type-options
nosniff
last-modified
Sat, 27 Aug 2022 13:08:48 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 9182
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022082202&jk=837880506083025&bg=!HB-lH1vNAAYUOm8VNDo7ACkAdvg8WqCFgh6kVkNs0MF48xFFn24sFVFB37CjD1SshA0WfcqtvEpjyQIAAAEpUgAAAAJoAQcKABuzVU7sHLAz9O1ouK76Xz3egzkv_LJi4uFEsHKZAvmsY9bNv2mmRRksFGxpS4VmMWhX4_sfUn5qWvrwF_w1oSzU-hsSCOkr2V2Es_yiGBDwevb8A8KgxCBPDevBJn5eHTsylDtk9aEXgN25zeKdVwV1xvQe7aCqQxd5H2YOdyjNxMSUnqsxeXGEadjVz3J8e-t00g-rQNKU-Y1QuworUB1U5zGnHRc809JWuIPxMbzTSBQ-9tzsBveqPj1SPbuX3TXL0y_B0B3IkM9NdfkMSt0yxzSMtnV-93YWcByqnWFi9WS3Cgyd_6gW6bU-N_OeN62xhvX65dP4I5q1i9AlAeMQLpiHVMOVXSXxd0QqQ4W38Jb803HwKj14Ma-vFAIK97atwDKa9gLzWoq324MuO9dmaKzvLMN6OzycD_Im_-5kNnbHV6AP3qvEKTxegb_yNdxLEXWTLoUaWklJfOPPJC13mlYtoGQ_o1syLniFk8IDqMFogSByYq1CdeDD4eIzqT_Gt7R3raZS5oMR-YEzhOmImZkFFgM2DG8kZSclmUd6YXYX1hyMD2b5yVb1R9iQiNjOjJHpiqp-tif4oL2LEzPzLBN5jnaR9RQ5zO3YfdwW_l96inYYSq53_Z4KAj7f_NPUHnCmAGyk2sSK0ygh4AqXE8a5Hkt57OzVv5iLphuacDrMwRjWwl25XVDm-etIw5OQGMamqaJJ3vZWYf8Dd2__YGujVrGJwIpWKNUOoM72LMAUlMItctpkyqgoIIuVITKm6wWdLzUGpXcZ2iwe1yBH9YZ9xGWV69TZC05a1rSRohjxFEVhTZZUquhzdGd4P3pIdtfH9fU7xaYLfQlQZqmcS3jXS9VnG_nWpXDFo9KgWjkKHtvKWvo3C1Y_7F2dw0VF6zKUxqyHNs0x5G2PaGj3t5DKRVuKo3KbWBT4z298XngNFg1bDG4eNBpIgPrOPPLedCCkjMGbUf6SxNIAuD0akpgtsBsyvElcIUo1Zysz7PYOWC7_pDwQSun0Rk0-sNss_X9aa4tffcTt5wFSEe7b_dqu8XsSCw
Requested by
Host: www.orel.kp.ru
URL: https://www.orel.kp.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

bundle.js
yastatic.net/q/set/s/rsya-tag-users/ Frame EBE3
105 KB
37 KB
Script
General
Full URL
https://yastatic.net/q/set/s/rsya-tag-users/bundle.js
Requested by
Host: www.orel.kp.ru
URL: https://www.orel.kp.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:08:48 GMT
content-encoding
br
last-modified
Fri, 29 Oct 2021 11:19:01 GMT
server
nginx/1.17.9
etag
W/"82bdc8db563d3e71c35534315f8a9fd5"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
application/javascript
access-control-allow-origin
*
expires
Tue, 30 Aug 2022 01:05:51 GMT
cache-control
public, max-age=31556952
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
strict-transport-security
max-age=43200000; includeSubDomains;
timing-allow-origin
*
x-nginx-request-id
c9ec442e71aeab39
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame A62B
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,300&subset=latin
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 16:44:52 GMT
x-content-type-options
nosniff
age
419036
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 22 Aug 2023 16:44:52 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame A62B
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,300&subset=latin
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 16:39:45 GMT
x-content-type-options
nosniff
age
419343
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 22 Aug 2023 16:39:45 GMT
settings
stat.media/counter/
672 B
1 KB
Script
General
Full URL
https://stat.media/counter/settings?payload=COD1AQ&cb=_callbacks____0l7bx5dwq
Requested by
Host: stat.media
URL: https://stat.media/sm.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
82.202.225.227 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
sm-server1-1.ssel21.imcmdb.net
Software
nginx /
Resource Hash
08704dffba1cb6bfd01902e7c409ef2a32cf24e1b5f50e0d74c97d70335d5e7e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Sat, 27 Aug 2022 13:08:48 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Server
nginx
Connection
keep-alive
Vary
Accept-Encoding
Content-Type
application/javascript
event
ads.adfox.ru/232598/
0
18 B
Image
General
Full URL
https://ads.adfox.ru/232598/event?hash=c127a96107f6eb5b&pm=bmn&pxo=wkMUZ_yQ3KBt01B_hRUnRhGV_xd970_W1Q_nNiU2wfR7RHiu-mnZX_fL7_44724JYVkz7wct2F36zA5ehgQ1DH0Y-jjQnSLvpaWX_V6x_GbhYvz10EJ538_F9A9dTelxmahOb0XXSc35fXLbc7wvP6UGXJ9hgVkMcpL27jitT7zIzJEH2Q%3D%3D&p5=gwaok&ad-session-id=2328301661605725146&utg=oxum&lts=fjwciqn&ytt=274879517687813&ybv=0.638452&ylv=0.638452&dl=https%3A%2F%2Fwww.orel.kp.ru%2F%3Fsection%3Dsociety&rqs=XG8zHB1qZEhdFwpjDfLYI7SQcy8WrtEe&pr=mxktefl&puid3=top%3Aregion&rtb-si=b&puid2=society%3Azenyandex%3Atoday%3Aincident%3Aauto%3Aaccident%3Aemergency%3Acriminal&p2=fbao&rand=nopcpmc&sj=4xo2T34kJ5jtsj7iGfpX2mDKOk4C0S1RmZ258iio0Y1Wt-pKI9S90uKAjKPu0A%3D%3D&puid1=adv-1661605725099-373&p1=bufhv
Requested by
Host: www.orel.kp.ru
URL: https://www.orel.kp.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:08:48 GMT
x-content-type-options
nosniff
last-modified
Sat, 27 Aug 2022 13:08:48 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
watch.js
mc.yandex.ru/metrika/ Frame EBE3
158 KB
56 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
624d8f6e11b854e5a5261fe0397a27d044501253aa15d62327d408182ff9f09f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:08:49 GMT
content-encoding
br
last-modified
Thu, 25 Aug 2022 15:42:57 GMT
etag
"63076e51-de2c"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
56876
expires
Sat, 27 Aug 2022 14:08:49 GMT
data
yandex.ru/set/s/rsya-tag-users/ Frame EBE3
403 B
633 B
Fetch
General
Full URL
https://yandex.ru/set/s/rsya-tag-users/data?referrer=https%3A%2F%2Fwww.orel.kp.ru%2F
Requested by
Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
dd2e992ce837648ccc3ebc487d8407f8ff2e4a7f1275931961ed236d8c0f76d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:08:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
report-to
{ "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://yastatic.net
cache-control
public,max-age=300
access-control-allow-credentials
true
x-xss-protection
1; mode=block
/
smi2.ru/cookiematching/
43 B
868 B
Image
General
Full URL
https://smi2.ru/cookiematching/?payload=CkEKB19zbV91aWQSJGQyN2IyZjI2LTMzOTgtNDliOS1hNzMyLTM2ZmU1ZmNkMmQwMRoILnNtaTIucnUiAS8ogOeEDwoqCgdfc21fdWR0Eg0xNjYxNjA1NzI4OTc0Ggguc21pMi5ydSIBLyiA54QPCj8KB19zbV9zaWQSJDZiMWE3YmVjLTQxNjgtNDcyYi04NjE1LWQyOTkyZDFmMDkzZBoILnNtaTIucnUiAS8oiA4%3D&rnd=1661605729021
Requested by
Host: www.orel.kp.ru
URL: https://www.orel.kp.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.188.198.148 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
ads5-2.sselp12.imcmdb.net
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache, no-cache
Date
Sat, 27 Aug 2022 13:08:49 GMT
Last-Modified
Saturday, 27-Aug-2022 13:08:49 GMT
Server
nginx
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
Connection
close
Content-Length
43
Expires
Sat, 27 Aug 2022 13:08:49 GMT
/
smi2.net/cookiematching/
43 B
229 B
Image
General
Full URL
https://smi2.net/cookiematching/?payload=CkIKB19zbV91aWQSJGQyN2IyZjI2LTMzOTgtNDliOS1hNzMyLTM2ZmU1ZmNkMmQwMRoJLnNtaTIubmV0IgEvKIDnhA8KKwoHX3NtX3VkdBINMTY2MTYwNTcyODk3NBoJLnNtaTIubmV0IgEvKIDnhA8KQAoHX3NtX3NpZBIkNmIxYTdiZWMtNDE2OC00NzJiLTg2MTUtZDI5OTJkMWYwOTNkGgkuc21pMi5uZXQiAS8oiA4%3D&rnd=1661605729021
Requested by
Host: www.orel.kp.ru
URL: https://www.orel.kp.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.202.225.240 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
smi2adm2-1.ssel27.imcmdb.net
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Sat, 27 Aug 2022 13:08:49 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
view
stat.media/counter/
0
135 B
XHR
General
Full URL
https://stat.media/counter/view
Requested by
Host: stat.media
URL: https://stat.media/sm.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
82.202.225.227 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
sm-server1-1.ssel21.imcmdb.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.orel.kp.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin
*
Date
Sat, 27 Aug 2022 13:08:49 GMT
Server
nginx
Connection
keep-alive
conversion_async.js
www.googleadservices.com/pagead/ Frame EBE3
41 KB
16 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
421ff7b6d660296443895950bff55ddb81a9eeb3d8c76e8cd067d3757bf249cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:08:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15682
x-xss-protection
0
server
cafe
etag
14097944420163075165
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 27 Aug 2022 13:08:49 GMT
/
www.google.de/pagead/1p-user-list/1014923426/ Frame EBE3
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=YRcKY4KkB7aemLAPz7-2-A...
  • https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1079792175&crd=&is_vtc=1&random=841758221
  • https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1079792175&crd=&is_vtc=1&random=841758221&ipr=y
42 B
64 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1079792175&crd=&is_vtc=1&random=841758221&ipr=y
Requested by
Host: www.orel.kp.ru
URL: https://www.orel.kp.ru/
Protocol
H3
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:08:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:08:49 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
location
https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1079792175&crd=&is_vtc=1&random=841758221&ipr=y
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1014923426/ Frame EBE3
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=YRcKY8umB4mbxgL_35OYDQ...
  • https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=571248894&crd=CJqqsQI&is_vtc=1&random=229825...
  • https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=571248894&crd=CJqqsQI&is_vtc=1&random=2298257...
42 B
64 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=571248894&crd=CJqqsQI&is_vtc=1&random=2298257558&ipr=y
Requested by
Host: www.orel.kp.ru
URL: https://www.orel.kp.ru/
Protocol
H3
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:08:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:08:49 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
location
https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=571248894&crd=CJqqsQI&is_vtc=1&random=2298257558&ipr=y
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
3
mc.yandex.com/watch/ Frame EBE3
167 B
262 B
XHR
General
Full URL
https://mc.yandex.com/watch/3?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fwww.orel.kp.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A%3Avf%3A2ocpriggyfyr9aewcgvlq0%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A118489988567%3Ahid%3A644316230%3Az%3A0%3Ai%3A20220827130849%3Aet%3A1661605729%3Ac%3A1%3Arn%3A975003057%3Arqn%3A1%3Au%3A16616057291066190023%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1661605725768%3Ads%3A0%2C64%2C32%2C2%2C0%2C0%2C%2C12%2C0%2C111%2C111%2C0%2C111%3Aco%3A0%3Ast%3A1661605729&t=clc(0-0-0)aw(1)rqnt(1)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
a73b675269e40c78097c9aabb53218b5664c4bea6655c9432a55c191b9264212
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:08:49 GMT
x-content-type-options
nosniff
last-modified
Sat, 27-Aug-2022 13:08:49 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://yastatic.net
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
167
x-xss-protection
1; mode=block
expires
Sat, 27-Aug-2022 13:08:49 GMT
advert.gif
mc.yandex.com/metrika/ Frame EBE3
43 B
72 B
Image
General
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:08:49 GMT
last-modified
Thu, 25 Aug 2022 15:42:57 GMT
etag
"63076e51-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Sat, 27 Aug 2022 14:08:49 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame EBE3
3 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1661605729185&cv=9&fst=1661605729185&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.orel.kp.ru%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2b3268cd7d6af920d9ad9ba194e46189fb093f9f63e389f0c7501303d6f0efbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:08:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1116
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame EBE3
3 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1661605729188&cv=9&fst=1661605729188&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.orel.kp.ru%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d60a570eb0615b3c9bdab83f38d5159cb7ab7361d52b28b0fe558c2b4a7b2aba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:08:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1115
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame EBE3
3 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1661605729190&cv=9&fst=1661605729190&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.orel.kp.ru%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7507a852f49e8cf6f9a78f831fd823ae37e6d89f275fbfff23f6b0f6ac4e888e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:08:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1116
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame EBE3
3 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1661605729191&cv=9&fst=1661605729191&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.orel.kp.ru%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5dbe34edcb2fa8c2ee78d0d71b1fba97f82ef362ad2fd56d77ba4a544fc53ac9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:08:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1117
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/693627671/ Frame EBE3
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/693627671/?random=1661605729188&cv=9&fst=1661605200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.orel.kp.ru%2F&async=1&fmt=3&is_vtc=1&random=1203286467&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.orel.kp.ru
URL: https://www.orel.kp.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:08:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/693627671/ Frame EBE3
42 B
64 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/693627671/?random=1661605729188&cv=9&fst=1661605200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.orel.kp.ru%2F&async=1&fmt=3&is_vtc=1&random=1203286467&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.orel.kp.ru
URL: https://www.orel.kp.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:08:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
37412095
mc.yandex.com/watch/ Frame EBE3
350 B
385 B
XHR
General
Full URL
https://mc.yandex.com/watch/37412095?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fwww.orel.kp.ru%2F&charset=utf-8&site-info=%7B%22extensions%22%3A%22%22%2C%22fromGoogle%22%3A%22false%22%2C%22fromCancel%22%3A%22false%22%2C%22loyal%22%3A%220%22%2C%22sbscrb%22%3A%22%22%2C%22p%22%3A%22%22%2C%22b%22%3A%22%22%2C%22fresh%22%3A%220%22%2C%22infected%22%3A%22%22%2C%22slow%22%3A%22%22%2C%22os%22%3A%22windows%22%2C%22browser%22%3A%22chrome%22%2C%22winxp%22%3A%22false%22%2C%22old%22%3A%22actual%22%2C%22yabroAge%22%3Anull%7D&browser-info=pv%3A1%3Agdpr%3A6%3Avf%3A2ocpriggyfyr9aewcgvlq0%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A2%3Adp%3A1%3Als%3A1011504932039%3Ahid%3A644316230%3Az%3A0%3Ai%3A20220827130849%3Aet%3A1661605729%3Ac%3A1%3Arn%3A43932037%3Arqn%3A1%3Au%3A16616057291066190023%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1661605725768%3Ads%3A0%2C64%2C32%2C2%2C0%2C0%2C%2C12%2C0%2C111%2C111%2C0%2C111%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1661605729%3At%3A&t=gdpr(6)clc(0-0-0)lt(192100)aw(1)rqnt(1)rqnl(1)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
7fa8b1a0e61c704416ed0478d72785d87a2540544098dd704856fd2cba19954e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:08:49 GMT
x-content-type-options
nosniff
last-modified
Sat, 27-Aug-2022 13:08:49 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://yastatic.net
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
350
x-xss-protection
1; mode=block
expires
Sat, 27-Aug-2022 13:08:49 GMT
/
www.google.com/pagead/1p-user-list/947884341/ Frame EBE3
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/947884341/?random=1661605729185&cv=9&fst=1661605200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.orel.kp.ru%2F&async=1&fmt=3&is_vtc=1&random=4192230311&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.orel.kp.ru
URL: https://www.orel.kp.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:08:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/947884341/ Frame EBE3
42 B
64 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/947884341/?random=1661605729185&cv=9&fst=1661605200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.orel.kp.ru%2F&async=1&fmt=3&is_vtc=1&random=4192230311&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.orel.kp.ru
URL: https://www.orel.kp.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:08:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/947884341/ Frame EBE3
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/947884341/?random=1661605729190&cv=9&fst=1661605200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.orel.kp.ru%2F&async=1&fmt=3&is_vtc=1&random=1473544727&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.orel.kp.ru
URL: https://www.orel.kp.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:08:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/947884341/ Frame EBE3
42 B
64 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/947884341/?random=1661605729190&cv=9&fst=1661605200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.orel.kp.ru%2F&async=1&fmt=3&is_vtc=1&random=1473544727&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.orel.kp.ru
URL: https://www.orel.kp.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:08:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/693627671/ Frame EBE3
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/693627671/?random=1661605729191&cv=9&fst=1661605200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.orel.kp.ru%2F&async=1&fmt=3&is_vtc=1&random=4218565547&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.orel.kp.ru
URL: https://www.orel.kp.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:08:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/693627671/ Frame EBE3
42 B
64 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/693627671/?random=1661605729191&cv=9&fst=1661605200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.orel.kp.ru%2F&async=1&fmt=3&is_vtc=1&random=4218565547&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.orel.kp.ru
URL: https://www.orel.kp.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:08:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
syncframe
gum.criteo.com/ Frame 47D1
15 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.orel.kp.ru
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
2b00ce902e9ef9e7031d76c62a72c1cb0054185e6691e9a72757a31cead715a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.orel.kp.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-length
6145
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 27 Aug 2022 13:08:49 GMT
server-processing-duration-in-ticks
2551
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
view
stat.media/counter/
0
135 B
XHR
General
Full URL
https://stat.media/counter/view
Requested by
Host: stat.media
URL: https://stat.media/sm.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
82.202.225.227 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
sm-server1-1.ssel21.imcmdb.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.orel.kp.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin
*
Date
Sat, 27 Aug 2022 13:08:49 GMT
Server
nginx
Connection
keep-alive
cs.js
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain
  • https://sb.scorecardresearch.com/c2/16803468/cs.js
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
0
368 B
Script
General
Full URL
https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol
H2
Server
13.32.121.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-72.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:03:03 GMT
via
1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
etag
"d41d8cd98f00b204e9800998ecf8427e"
last-modified
Mon, 01 Mar 2021 20:42:20 GMT
server
AmazonS3
age
347
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA60-P1
accept-ranges
bytes
content-length
0
x-amz-cf-id
OlvtKsrp0LEieYcYdR0A3qWnRuP-hkXhqH0U1Qd4lxX1wWdXKRYDeA==

Redirect headers

location
/internal-c2/default/cs.js
date
Sat, 27 Aug 2022 13:08:49 GMT
via
1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
content-length
0
x-amz-cf-id
Q9XNQF6zMpnvpX0eWSP9EqZcSMsKouU5kGpce4sF85aS_3G3ZhsNHQ==
x-cache
Miss from cloudfront
sid
mug.criteo.com/ Frame 47D1
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=kp.ru&sn=ChromeSyncframe&so=0&topUrl=www.orel.kp.ru&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=ecRByXxtYzhIc05NdVpwdklxaE5sTlRvNkVrRGdNWmUzRG5TNmZyMlFJRzlyckQ1OFFUTmMwVzJjM3NUL3FIZXFZemhwdUkvWTRxZUc0VGY1QkJqTXJpdkdHWUFTVTBKUktybGdkaUx3MmsvWkZlZEhZcTFhQW1kMmt5bV...
431 B
632 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=ecRByXxtYzhIc05NdVpwdklxaE5sTlRvNkVrRGdNWmUzRG5TNmZyMlFJRzlyckQ1OFFUTmMwVzJjM3NUL3FIZXFZemhwdUkvWTRxZUc0VGY1QkJqTXJpdkdHWUFTVTBKUktybGdkaUx3MmsvWkZlZEhZcTFhQW1kMmt5bVhIS3VmZkwvWGVQdmNvZkhoeUlTQ1ZqTnUyNTdKaDU2dTZZcm43TWJrc09zNUkvNUhPbVNLUjlJUllNY0dLMERCeTFzdi9QKzI3VFFQZnJWYTVCN29JcmxncDZlbDJXTVMya01NUEd4bm9QMXJFSXVrZzNveFVGdytlM2loRldJbDFkVEZNSCtIfA&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
60f21c5792c62aa645298c85af243b55b664ebafaa05db81a4896c7ced399bec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:08:49 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
4525
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:08:48 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=ecRByXxtYzhIc05NdVpwdklxaE5sTlRvNkVrRGdNWmUzRG5TNmZyMlFJRzlyckQ1OFFUTmMwVzJjM3NUL3FIZXFZemhwdUkvWTRxZUc0VGY1QkJqTXJpdkdHWUFTVTBKUktybGdkaUx3MmsvWkZlZEhZcTFhQW1kMmt5bVhIS3VmZkwvWGVQdmNvZkhoeUlTQ1ZqTnUyNTdKaDU2dTZZcm43TWJrc09zNUkvNUhPbVNLUjlJUllNY0dLMERCeTFzdi9QKzI3VFFQZnJWYTVCN29JcmxncDZlbDJXTVMya01NUEd4bm9QMXJFSXVrZzNveFVGdytlM2loRldJbDFkVEZNSCtIfA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1458
content-length
509
expires
0
event
ads.adfox.ru/232598/
0
66 B
Image
General
Full URL
https://ads.adfox.ru/232598/event?hash=ef6fcd1e43d035ae&pm=bmq&pxo=T0sJdDKrxtBjTz62tHz7MtDYCY0pfjmmwxAq16diMKTEkpoyD6VIQElCdlSun0WSwfg2fRDbKtz7mOkE3HXBYTfyRSPQJ0lDHXQ4UKVEtVLV4TzFTKuXg11k22B-7bp3qjzdHeUmcm92xlwv7a9CN3Ak1AS--5nVqr8A2pVqumSuJHC845d1&p5=gwdbk&ad-session-id=2328301661605725146&utg=oxum&lts=fjwciqn&ytt=274879517687813&ybv=0.638452&ylv=0.638452&dl=https%3A%2F%2Fwww.orel.kp.ru%2F%3F&rtb-si=b&p2=gftf&rand=efkwfpu&sj=BehuTbujo5wG5re_7FYqbITHNFTXutkhQaFD6vj7Doc_6G_-PUvnKmL6mmZIGg%3D%3D&puid1=adv-1661605725094-594&pr=mxktefl&p1=cdinl&rqs=XG8zHB1qZEhdFwpjgHcrBuJISwfl-pey
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:08:50 GMT
x-content-type-options
nosniff
last-modified
Sat, 27 Aug 2022 13:08:50 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
event
ads.adfox.ru/232598/
0
66 B
Image
General
Full URL
https://ads.adfox.ru/232598/event?hash=48e7d4ee1ac06415&pm=bmq&pxo=wkMUZ_yQ3KBt01B_hRUnRhGV_xd970_W1Q_nNiU2wfR7RHiu-mnZX_fL7_44724JYVkz7wct2F36zA5ehgQ1DH0Y-jjQnSLvpaWX_V6x_GbhYvz10EJ538_F9A9dTelxmahOb0XXSc35fXLbc7wvP6UGXJ9hgVkMcpL27jitT7zIzJEH2Q%3D%3D&p5=gwaok&ad-session-id=2328301661605725146&utg=oxum&lts=fjwciqn&ytt=274879517687813&ybv=0.638452&ylv=0.638452&dl=https%3A%2F%2Fwww.orel.kp.ru%2F%3Fsection%3Dsociety&rqs=XG8zHB1qZEhdFwpjDfLYI7SQcy8WrtEe&pr=mxktefl&puid3=top%3Aregion&rtb-si=b&puid2=society%3Azenyandex%3Atoday%3Aincident%3Aauto%3Aaccident%3Aemergency%3Acriminal&p2=fbao&rand=bffdkmr&sj=4xo2T34kJ5jtsj7iGfpX2mDKOk4C0S1RmZ258iio0Y1Wt-pKI9S90uKAjKPu0A%3D%3D&puid1=adv-1661605725099-373&p1=bufhv
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.orel.kp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:08:51 GMT
x-content-type-options
nosniff
last-modified
Sat, 27 Aug 2022 13:08:51 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvH0h6sRx27L4lWZIERTwdxzNclZ-AFxl_WcmkLHh22fGEZw3Zz3yI6oxpDm_ctXLuLkeYKt-HgLq5ZMrd_yMrYL8Qn_H768scHsokz2q18yBymi55P&sig=Cg0ArKJSzCT_SasrQH_eEAE&id=lidar2&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20220824&bin=7&avms=ns&bs=0,0&mc=0&vu=1&app=0&itpl=19&adk=56130060&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=2&r=b&rst=1661605726387&ec=0&wmsd=2

Verdicts & Comments Add Verdict or Comment

73 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| canLoad function| requestScript object| Ya object| yaContextCb object| dataLayer object| biddersMap object| adUnits object| YaHeaderBiddingSettings object| pcodeJsonp638452YLm1vV2Noc object| __LOADABLE_LOADED_CHUNKS__ object| regeneratorRuntime object| scrollMonitor object| __activeTestIds object| __pcodeAllActiveTestIds number| pr function| AdFox_getCodeScript object| adfoxAsyncParams object| adfoxAsyncParamsScroll object| adfoxAsyncParamsAdaptive object| yaSafeFrameCallbacksStorage boolean| isLoadingSafeframeStarted object| ya object| yaads object| Criteo object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_127 object| Criteo_127 boolean| yandex_context_perf_logging object| $sf object| yaSafeFrameAsyncCallbacks object| smiq object| yaCounter26254 object| google_tag_manager object| MSCounter object| mscounterCallbacks function| ym object| tags object| google_tag_data string| GoogleAnalyticsObject function| ga object| ttsmi2_data string| qwerty object| gaplugins object| gaGlobal object| gaData function| onYouTubeIframeAPIReady object| yaCounter1051362 object| yaCounter38305645 object| yaCounter29473495 number| smi2TrackerSend object| smi2Tracker object| __statmedia_callbacks object| msCounterExampleCom object| __statmedia object| U function| StatMedia object| statmedia31456 object| a88rj98pd3lt object| closure_lm_803520

55 Cookies

Domain/Path Name / Value
yastatic.net/safeframe-bundles/0.83/1-1-0 Name: afpix
Value: 1
yastatic.net/safeframe-bundles/0.83/1-1-0 Name: pcs3
Value: 1
.kp.ru/ Name: w3k
Value: bacff0c8-2fed-4f27-98bf-d791ddd11bcb
.kp.ru/ Name: w3t
Value: eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWQiOiJiYWNmZjBjOC0yZmVkLTRmMjctOThiZi1kNzkxZGRkMTFiY2IiLCJqdGkiOiIzM2IwZDZiZi04MTc2LTRkMGEtODE2My1jNTY4MTZiMDAwN2UiLCJfdmVyc2lvbiI6MSwiX3BhdGgiOiIvIiwiX3RyYWNlIjoiM2FiNDYzYTFiNzEwOTM5M2ZlMWZlMmFmYzc2OGVjNTAiLCJfcGF5bG9hZHMiOnsiZ2VvIjp7ImNvZGVyIjp7InN0cl9yZWdpb24iOiIiLCJyZWdpb24iOjAsInVwZGF0ZWQiOiIyMDIyLTA4LTI3VDEzOjA4OjQ0WiIsInNvdXJjZSI6Imdlb2NvZGVyIn19LCJwcm9maWxlIjpudWxsfSwiX2dyYW50cyI6bnVsbCwiaXNzIjp7ImVzc2VudGlhbCI6ZmFsc2UsInZhbHVlcyI6WyJ3d3cub3JlbC5rcC5ydSJdfSwiZXhwIjoxNjYyMjEwNTI0LCJpYXQiOjE2NjE2MDU3MjQsIm5iZiI6MTY2MTYwNTcyNCwic3ViIjoic2Vzc2lvbiJ9.pPs6P96hudGLdkLVEatcKXGkINyhMdbfST1Qpqstm2wnTB36Zb9oWk47DbOg3gBkhOPNsv7qf0vU-8KtBiU0jN5Ce6b518LWkf00Qu7vqeN0t8YiModrg2TY1XZ5eMf3xt9y2I_m2PXOPWFlfjQq3NMdmnwxT3eiUxFmkk9ZDBrwjrP7ZQnVtRr8iRSdl1YALxlRw8uf7td4_19ahNCqNGTxFPialVkT3Bw3uRqFgDzp2rK5Hx3tz-41jhlfYimw51mfSb6Z5fGTo_MCq8s66vw-v_JIQGyq-xmG8yW30lAiazQ6C95ZbroYVyUVxF6dZc8zNGONRen8wq0ZKHT5xg
.yandex.ru/ Name: yandexuid
Value: 5216410941661605724
.kp.house/ Name: w3a
Value: eyJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZHQ00iLCJ6aXAiOiJERUYifQ.hkIOJkbtLkAyHeCTEiKmGuWUkaOA9ugfKYT0e9hLfpiVsqNi-MTUOJwe4a9_LcqX3iF-IsrwA0O8ssRZVG0bOJUFa-uaD9B44BLd9ggK7G7nmDX51hhKLf81rpXsWrWok1IBlkDHaK5F2ECODswDS_qmKK8W9ftfclGNzOomU_a8Pg4AXL1McCUnCDaFkRgPCfu_yHfKx6dBUBG6PXyQ-iJm0XLqVCfjJ-55fA49lfrxkhWXW60mmzeMyg6lnqNP7kzlzUM_ewDe39qIAc2nzyHT_fS-SHzIMP1jXYIYnqkmRN5YAfLSOOGl_BwyJ3i_YDMCOojUYUF9GyNYVbEiuA.tiQ_HzJI7zWABl4M.0SbVJvEgPEgTY08u02m6Lc7f.LRwrlpX5OROpZpKyzn3dbQ
.kp.house/ Name: w3k
Value: 2aee5b60-b949-477e-ad6c-4fcd170ab530
.kp.house/ Name: w3t
Value: eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWQiOiIyYWVlNWI2MC1iOTQ5LTQ3N2UtYWQ2Yy00ZmNkMTcwYWI1MzAiLCJqdGkiOiJjMThkMGY1ZS1lZjNlLTQ3NzAtOTYwMy00YWMyODViZDMwMzMiLCJzdWIiOiJzZXNzaW9uIiwiZXhwIjoxNjYyMjEwNTI0LCJpYXQiOjE2NjE2MDU3MjQsIm5iZiI6MTY2MTYwNTcyNCwiX3ZlcnNpb24iOjEsIl9wYXRoIjpudWxsLCJpc3MiOnsiZXNzZW50aWFsIjp0cnVlLCJ2YWx1ZXMiOlsicHJvZCJdfSwiX3RyYWNlIjoiNzYwYTg5MmJjOTRkMGVkNTMwZTA1MTA3MmNkZGEzOWMifQ.YULrwAkUpaD5BotUJlP7OqVZB5_c-PPiCDAWtBdv53jRqz0OBpyTQr9Vturpq7SNTvEhdH9h7dTreGxi8AyUGQryUmAc5TsTUGml6pl7f-h4pQmE1pXKpzgn-aAE8_509BmjrfkASS4O65CiwYWQQ5YE7e1BSgryVl4qG6YsTGN2Xjsehc2cdJJtNEwensTFBeQKsx7KdCHGYKL7isxGfOQPtSU48owCr_q-l-EBL0HV-nVvEsuw8jS6nDaty6ZMR9Ln2WeAg6IyM233glKaB5C3aAzDfr4sZ5G5gguDmsfAx1kjKlPA-EdTrLuxGdTbvQSoWkDIEG5vdT2eXENJ3A
.exchange.buzzoola.com/ Name: uuid
Value: d526ee4d-fea8-48d7-7d31-22886f02b851
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: ss
Value: 1
.betweendigital.com/ Name: unm
Value: 1
.betweendigital.com/ Name: tuuid
Value: cb0ba699-f266-52ef-b6bd-d495d5b7c3c8
.betweendigital.com/ Name: ut
Value: YwoXXQACeNCcNdn7iH7ouljowmGcEXR_gXrD3g==
.exchange.buzzoola.com/ Name: cookiesyncs
Value: 000000000000000000000000d93dab9edf0912baf9008f35866978f1
ssp.bidvol.com/ Name: bvuid
Value: 9a2nn2k8as
.24smi.net/ Name: smi_uid
Value: IW0qZ5esU
.kp.ru/ Name: chash
Value: rJmEgNtqxI
.yandex.ru/ Name: i
Value: daRuPglTj8sL6hiKl1LEC2v+MKL+YCsaBopuIdMc8BZWYJlS5rjzbDpc0PF0IXogcjkk9Bxn9Ja1vLX0UKXc6HofPb4=
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 357707470fake
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 3351996782fake
.yandex.com/ Name: yandexuid
Value: 5216410941661605724
.yandex.com/ Name: yuidss
Value: 5216410941661605724
.mc.yandex.com/ Name: sync_cookie_ok
Value: synced
mc.yandex.com/ Name: yabs-sid
Value: 12748271661605726
.yandex.com/ Name: i
Value: HJxTTnLGAUlTHShRdSCDPBUsSSfKUaqcyxPnuom9tnHybN1iN01KpLAvItzgcldLMlm4W1cAMm2rdNeiUWJLTvNAmTA=
.doubleclick.net/ Name: IDE
Value: AHWqTUlqXiT1DbCthw2cbDp4BYGCvGnt1JaRu7OeLGlb2OF9JAarXKyBsJ3J_iBUcj0
.kp.ru/ Name: __gads
Value: ID=9704f84377fd47e0-225e268309ce007f:T=1661605726:S=ALNI_MZwEdFIZI_eqD_i-Slz08enR_i5OQ
.yandex.com/ Name: ymex
Value: 1693141726.yrts.1661605726#1693141726.yrtsi.1661605726
.yadro.ru/ Name: FTID
Value: 1Z2XTU2a7zeO1Z2XTU003Bgg
.orel.kp.ru/ Name: _ga
Value: GA1.3.1619383818.1661605727
.orel.kp.ru/ Name: _gid
Value: GA1.3.250186742.1661605727
.orel.kp.ru/ Name: _dc_gtm_UA-23870775-1
Value: 1
.orel.kp.ru/ Name: _gat_UA-19328520-20
Value: 1
.orel.kp.ru/ Name: _gat_UA-23870775-31
Value: 1
.yadro.ru/ Name: VID
Value: 2nlqku1iHu8O1Z2XTU003Uvd
.kp.ru/ Name: _ga_8MQ0FGXD1P
Value: GS1.1.1661605726.1.0.1661605726.0.0.0
.kp.ru/ Name: _ga
Value: GA1.1.1619383818.1661605727
.kp.ru/ Name: _ga_GP3S318PND
Value: GS1.1.1661605726.1.0.1661605726.0.0.0
.kp.ru/ Name: _ym_uid
Value: 1661605726570709986
.kp.ru/ Name: _ym_d
Value: 1661605727
.kp.ru/ Name: _ym_isad
Value: 2
.tns-counter.ru/ Name: guid
Value: 28EF6907630A175FX1661605727
.doubleclick.net/ Name: DSID
Value: NO_DATA
.stat.media/ Name: _sm_uid
Value: d27b2f26-3398-49b9-a732-36fe5fcd2d01
.stat.media/ Name: _sm_udt
Value: 1661605728974
.stat.media/ Name: _sm_sid
Value: 6b1a7bec-4168-472b-8615-d2992d1f093d
.stat.media/ Name: _sm_cm
Value: 6
.yandex.ru/ Name: is_gdpr
Value: 1
.yandex.ru/ Name: is_gdpr_b
Value: CPUOEMiGARgB
.smi2.ru/ Name: _sm_uid
Value: d27b2f26-3398-49b9-a732-36fe5fcd2d01
.smi2.ru/ Name: _sm_udt
Value: 1661605728974
.smi2.ru/ Name: _sm_sid
Value: 6b1a7bec-4168-472b-8615-d2992d1f093d
.criteo.com/ Name: uid
Value: cf5b515e-97e6-47cc-83ea-0104bf881467
.kp.ru/ Name: cto_bundle
Value: Rl2boF9Zc1kxSGZKMEJ2N0JWYmJ3NTVmSWJEMlc5JTJCQWFaNzdsWUw4czFZRjVKRW0yJTJCbTFYWE9SSFhkSlVtQnpXT3FVbWpxT0lkV05hWmxsdk9QZnQzd3l2anMxeUJOWTJUOCUyRjRHbXk5WFJSdHVwQmVGT3lQNzhYRlhBckZ4ViUyRllMR203RGo4WXk4bnVIZlJhVmQwZGpEVWVuZyUzRCUzRA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1f1c0da5ca2a934e499f7d923ad7c71c.safeframe.googlesyndication.com
64e7dd993741a415cdf5c1ec24dac45d.safeframe.googlesyndication.com
9313119206231bfa044a6648ccb7b466.safeframe.googlesyndication.com
ad.mail.ru
adfox-c2s-ams.creativecdn.com
ads.adfox.ru
ads.betweendigital.com
adservice.google.com
adservice.google.de
an.yandex.ru
avatars.mds.yandex.net
banners.adfox.ru
bidder.criteo.com
counter.yadro.ru
data.24smi.net
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
exchange.buzzoola.com
favicon.yandex.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
identity.kp.house
img.24smi.net
jsn.24smi.net
matchid.adfox.yandex.ru
mc.yandex.com
mc.yandex.ru
mug.criteo.com
pagead2.googlesyndication.com
pb.adriver.ru
pda.orel.kp.ru
region1.google-analytics.com
s01.stc.yc.kpcdn.net
s02.api.yc.kpcdn.net
s09.stc.yc.kpcdn.net
s10.stc.yc.kpcdn.net
s13.stc.yc.kpcdn.net
s14.stc.yc.kpcdn.net
s16.stc.yc.kpcdn.net
sb.scorecardresearch.com
securepubads.g.doubleclick.net
smi2.net
smi2.ru
ssp.bidvol.com
stat.media
static.criteo.net
stats.g.doubleclick.net
target.smi2.net
tns-counter.ru
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.orel.kp.ru
yandex.ru
yastatic.net
ysa-static.passport.yandex.ru
pagead2.googlesyndication.com
13.32.121.72
142.250.185.226
146.185.195.88
159.69.142.212
172.217.18.2
178.250.0.165
185.184.8.90
188.42.191.196
195.209.111.22
2001:4860:4802:32::36
2001:6d0:4001::226
2606:4700:10::ac43:581
2a00:1148:db00::17
2a00:1450:4001:801::2002
2a00:1450:4001:801::2004
2a00:1450:4001:801::200e
2a00:1450:4001:802::2001
2a00:1450:4001:802::2002
2a00:1450:4001:803::200e
2a00:1450:4001:808::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:810::2003
2a00:1450:4001:811::2003
2a00:1450:4001:812::200a
2a00:1450:4001:813::2001
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2008
2a00:1450:4001:830::2002
2a00:1450:4001:830::2003
2a00:1450:4001:830::200e
2a00:1450:400c:c1b::9a
2a02:2638:1::13
2a02:2638::3
2a02:6b8:20::215
2a02:6b8::16b
2a02:6b8::184
2a02:6b8::1:119
2a02:6b8::1be
2a02:6b8::2:158
2a02:6b8::36
2a02:6b8::5:114
2a02:6b8::90
2a02:6b8:a::a
2a03:90c0:e1:2801::254
5.188.198.148
65.108.1.48
74.119.119.139
82.202.225.227
82.202.225.240
88.212.202.52
95.181.181.12
95.181.181.82
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
04d3d50fadbb70b542be747af21a413fff19da057220995a75134e4e20f18416
05c5075000686afbe94405f7a3e0b905f02af001ec3174556fd1e07aa0c7c59f
068b4a9910fbcf180de07c70cf5818f3e707b011c33fc19a5bba7ed8d3afde4d
07572f31a00b1843fc6d9a1eb3155eaf2a46089213d6740f302cf34f83738040
08704dffba1cb6bfd01902e7c409ef2a32cf24e1b5f50e0d74c97d70335d5e7e
0bb16d2d4bdac7b4420adfa048c02877e035cbba937a1630c04a683cea79bfd6
0bd22e09d4adabfe32329aa174e6ee52e84230564f2978e9c3f5835f40f4c1a2
0deb1fcf565517dfc11ad1cd47c3cca89162c046c2ebe174dd3c692e10a5ef6d
0e3c2b569feb8b04fb3a1b792387fd4b76636b62b419743eaeaed6b1fba96140
0ef7e00750f06efee8a0074f2984b78a62c1a0f8cb971f01197532d57a78a836
0f380fdee43a0103d5cd9bee42e3822ac60512f918a7ed2f805cdaefc5beadc5
11c4f483cc273bfc1affe3e5eb328b51ed526d1c262c6d972a420ba822b3bacb
12cba32bd3140fd295ce10f9f1cef5e68523dd86a34a4618a2fa1d8bdab9fb34
15faaad9af4f4cda247a27e82a213dd9b4c869fd83453ad90782e5267fbc284c
16543364b182b8ef4ff9f7bac97bb660a8a0f089067140e7f34e0bec1e91f8cb
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93
1d386626a236bf37f510e9c0c2d85036641c5cc85bed4b320a181861477d0ec7
1dd40f5a9888271231258d5076c38d36d67758105b909eeab0be6f7d79ab0daf
24287f9d20dcf167577e48a9a65d297ee75926f2c140696b922996e27a303f9c
24302eeb5b736bcc9f610299a37ac5dcf7e5b4c11591489fe9ad89f1533bd09b
24fe63307e2903b2a4b2d80c28383d91861dc9ade1b28feac920e9f5f7b7dddd
257a3e4163a887521252b40b2c25489c1d1ea244771346565897104c35d15270
25f9e6f20b6570f46796ec4baf73b9881750c823ab4a726038a25d6067c9a930
28e89bef7c1a5b656c7bc866a3728b5eb14972fe23b16ca23269a31a2579283d
2b00ce902e9ef9e7031d76c62a72c1cb0054185e6691e9a72757a31cead715a1
2b3268cd7d6af920d9ad9ba194e46189fb093f9f63e389f0c7501303d6f0efbd
2b8361515b39f5e9f277362563dddec841077527b695814c676e46ba4f22452b
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ea6594700eadc561dce18df33d16ff9d07ff631d4f6f4eae734bfe34e900f0c
2efcbde6ec02b22a2d16f9fb80540f481747d6100f1ec480ddb0b7f3472ab779
311a4dd5d723045ba198478f0232f1f80ae64518fcb75942ec50e24854459b95
3394110000caa52bc9dcf892178cb4a7a8d25db76721a2290caaeb667413a4d0
339a490c8e2fbcd089f57e775d3a0958b230640f7376517319b300a95e27642c
33bad5e3b66619258034b543ffbfe87aa226ece75571e44333792c106059791e
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
35ed988aff3c8059b4869fd94cc2885879041fbd698317a53741bca5095c3091
3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9
397e7f594614f1ae26f966ec8a47dc0234e5840cb6269700b740f761c73b15bc
3c8530bb991f95b6380e98d4950c3ba10072664af547de2196b599e7278b9f9f
3d4d082fd9cda40cc1f1079818a807a09a53ba012be168ece1995121d7a62892
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
40b5f6acfe971488e28b4570d0b485406d6a56cbdf45e86f0df9b1f040eb6d0d
421ff7b6d660296443895950bff55ddb81a9eeb3d8c76e8cd067d3757bf249cb
422be4142d91c461f7fa4e71bd26b9e62ffede36ea22ec011d8c060956e64668
445837ee1d1da2644d2531f84c664f157828154b8b5e032dbef64c3a8308ef17
48b23213d0212d24a9ba179660a82ff0c967dad062a9475b5fc0fe1c43ef9c38
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
4a349675306785f5d0860b6af29b39fb5a4e7a19e484d3e536328582dabfefc3
4c6e261ec58a2d34a827a10854f6257cd9911f8a2784df02c90b90b05a5b07cf
4c9f9038ef0cca8daea160666fcf23b0cc4fd3ba853dcd4494e8ec35e3a0c039
504d9e9a0c6f1205ec27da2f049ec929a835f4b36277f1bfbf9a0521d2bc8318
535cd50aa8ca78a00c768f48ae2cf146b83f000dd796167aade018013578a557
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55d2ab860a7100b201e762c2046bc65a5d16236a0263dee3e95c711be581b345
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
59e2467d94ae007fa71bc0b10f4b92f227edfa03afb5ce7c904b9ea2bcf537e9
5b1319dda4cd70f70efdf5a4fac714b034d7ad74c6c1833cbe68f377ed94a90a
5db3eb38fcb64d80fe8c1993a5fe172fe2ca6e5a75939f7a481adad870543626
5dbe34edcb2fa8c2ee78d0d71b1fba97f82ef362ad2fd56d77ba4a544fc53ac9
5edd92e583f4a3a33b692f58b602a8a00cd19830eda3af24d85a84a6e6f9f018
607912ce0bbdc533bd357dc99af092f34783fee7f24f7fc16ece184018a7441b
60f21c5792c62aa645298c85af243b55b664ebafaa05db81a4896c7ced399bec
61890e702ecc66308c08d785457d1f472c8f3e510edde217c33791a25f47af47
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
624d8f6e11b854e5a5261fe0397a27d044501253aa15d62327d408182ff9f09f
6251ec4f734c7d06fd01d32d191786319864206e9b374cfda5f055314427487c
68ff016e77d805317125a6ae49b160d2afed4f71587c8e58424af36d9393b687
69097add1828ce9e65ed34da29bb103edd596ee8c7b610a3ef01e01d028aba4d
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
6aada6b83c73fb2c9ee40846b49edee470f9caa94e841ac2d7080a556ac18413
6b0c6ad2a39e30acdd045f1e10d04d6032f0447387edd32af55f7d80b2d4f0f0
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c56827da1c17fe2a0b144204b1f8e9cf0fc1378db69721a16c5c814e3e168f4
6d038009e35ee22188efb61e2b25684ca1b712999ca3b8148b77a4466cb26b4b
6db6653a65bc919f600c1e098b02145b5e62d137fbf99f84ad526692b65cc31c
6ff082130eb8e0fe1ba485606bab3de43a410b184c718be62c739ab9f67c6863
74045cd2021ffbf3a064a0b496bc401c8d27f195b88507afdcef3f8a5ea99b73
746fd26ec5673cca8d59db35288bad8ea1acf681306bd02959ba9614f7c0d8b4
7507a852f49e8cf6f9a78f831fd823ae37e6d89f275fbfff23f6b0f6ac4e888e
75d16f690db62e7b02e26bff78808ea7529f154b36340c9b6d6e1cd81b64a4ca
78687a2bda2b9eb4da61bfecc0c8d9be3e01983d4c4277b5d7ceb87c82bc2202
78b852ca73b171063a9bba4db3ced5d6943d870b0c920b3be7c33e63a55bdda2
7a0fb8fc4de0bde528e5b17743e35c50492d1d1de41567cb3b83f5a63db862d0
7dd34c9eee35f531427bd86eb783c9a5c08f38d69558d4db32eb3b7f8fc706d6
7fa8b1a0e61c704416ed0478d72785d87a2540544098dd704856fd2cba19954e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86ecfd8e9bfcb56c30ab39b5865e31a050f720db76809fbc0c811caf2827e673
872e94890b03f9af48a7e5e96921028874875291af778d117e5a674fbf87305b
87e477ef383e1521fb3c5cd3402a63b354ea2d2911a4553067684b3cf3f3f7e8
8a03caff7424f8c8bc29f876da388914841ffa8e03242983d6bbdc4ba4bef491
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8c0d0e27b376d7f01db6c89c702988b7995c0ac6123a7caad6bf1846647759e5
90ea29ef27371297264e8369b6c4ede06e7aa68a57680fb4e084d9e4de47f8dd
91d6b84d7c4a150b0e2562c06301ef080a7198489e67bdc986f9be044770b23f
9205ceae907f8417e3b4bd8463b1075526a25da4cdd2aed549b03cd6869632aa
92f108fa97f63aa01d67c7c19599f9133ef0e60a11fba74ca137f5b699abd36b
943af65109daf98a2b2b9df3f48d8b1d5d889801e4cff6337c0010fe0da6647b
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
982073f1edef692232c09620bde517fedaff869ab7828c7a8db1c03b2fafd07b
99c664c6e0f9211430ca24054ef2365aa16aabaa3ca3c3a22674d3fb0c86c1e0
9b06f73c2d1f6225104ae62c2076ad2adc41c8993892f5fa335f4a6fb672ed7b
9bd6827d194ed919b9c6a0f09dc1750f688b004cd3c87f0b2632a05d049ed314
9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a
9daf36d4da11aa949861cd84a3ba3925d31b05afb828e1b11aa19cf72736cb27
9dc89e2eae45dccc1b2d7b9540adae2349bbb5d84578eadb8f0f645eac324910
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a19c45ddae7042d6a7e9cd42e8730d263c932042063797d888f04ddf27ccd059
a472d3347fbea82a7325067ead12c3a94291d1b78d4bef7a81ec569979fe0b98
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a73b675269e40c78097c9aabb53218b5664c4bea6655c9432a55c191b9264212
a81ae4dd7742b736f41e6e382827ab3672728b6f7f529ad5c72d6d6e79861484
a96924ddd5fb2ea84242905ab60d5ba262bb28e91fd6f097a077db0a63728dec
aa110a8639efcf6414bc1b2c25c74a78b7c08999c627a999688169d87bfa8404
abb5348aeb50feab8abc0212d24ef2d4daa64f08d38e6cabce13e7a78f1ad837
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b70564331a56b118c56b36625de2cfb51cd79d34557b4cdb169d4f91c417d3e3
b9626a32ba37b0590508877b518afb8e18c1623278119b425ba2e3d14d39c4fe
ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10
bd17a6513ace2fe24404ebb93892da64e35fab029a9f41bca8d1ec5051458cb5
becefc9f93e9ea8cec1d4749c473c476c44e65a7eee7d88dda107958649413e9
c1d4ba654e70fd3dee803529a3edb6f311069f266e344c11e954337bb276d7f1
c2b09643e58ded9316fb73dfab3ffca42772599008066cf599bfc7fb40766c1d
c8929c88d0a125e5a78ea80f7d750dacda74f3ee54be59ba77589a75d18d89f3
ca4da12cb354937a133f8eb9dd3c019612db02ff000471f98af3be104e753fd9
ca78c114bba40b141a59c55a9d3fb6db7672bc3effd4337f2b1ce512b4d06c9e
cc1ef4ed06289911c989e537c6f45b580386ce3080cf5a0da043eea75e868d86
cc63b13313871c1f2d6c730de93b21fef5f5cc8bfd0b3002688d94336ae3bbaa
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d09935c94b4577fff4e1de0daf084674937f708d4fcfcf689d131d5d9b5a7852
d3114c4944dcf347da9b150fbd12bf83cf1a719fca0eb5480d9af4cb2f30aefc
d4e9d02ddd9bf29168f326e3c7437bc9ba7c8d90407011cb15f279343a2d438f
d60a570eb0615b3c9bdab83f38d5159cb7ab7361d52b28b0fe558c2b4a7b2aba
d6358eacf9a7057eb1573600137f81f572b7c65b9d365c67505c6ed229d7f523
d6ef49bcc283324b372025c5043431d75fb4c62f154bef47116edd338f453409
d753a5dec79d867ea9001bb5ae9e6fc4b0d959a6045d02980bd4a28fc971364f
da09f03549a3d9ae51406d85931ec2682bc82759cf96101b982496da1139ddda
dd2e992ce837648ccc3ebc487d8407f8ff2e4a7f1275931961ed236d8c0f76d3
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264
e2e051c7bb7d7d59ab30e73a998eff6ee2df72e4609f4b6e0d1ec1a80e712446
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c227a219e6643ae8581c263c89c5fa67db5dbd8cd52da772613843c7f2a386
e556d4e5d4460cc0ac6fbe5bf374c221566a41314debe196f7876f9744a3dfa4
eb96791feca1695290fc96c5209a0bb2476680ecec0aa02076373024c28e183a
ed0311bbb29e7a582a420448e4b37867de3e5a27d7a3fdac5e94bb2acc78243c
ee40f20324da662778884d5ddbe98e4b0797de4c36d0cfe01b417382e681299f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
eff980b37035b0cd186f37131d156a7275f00aaa82ebfd25b06080a6cc8146c0
f2247eb6f400e4adbfe5b8457624fc866d3adb2dcb2c7c272f043411c2a4cb3e
f2294c4453bd5485d7375f4ea5e5e8e8b868ea839a0ca12bcbae7d364768eb32
f33686bed3d6f169eab0a750e2e514e31fee74c58ccb8aa9b26705e79b3158a6
f5428b5ba66559d834d12725fb1c86c55f1392aaad426811130f5d673d58815d
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f76a521d8d893e573ee2def73e397a42f33f937aca5dcfeb77b2e001ea5a7ca6
f77da195c72d2ce251b4ba28e6c25ed9029184bd529c2fc7a31e2566530d7e82
f8560ab464578e68e658351a4198a3ba5194ff59e4045ff9dcd946ad391cbfaf
fb97b96610b6440936056006cc80eb5353a3b9de8a1de3706b50eccc4ab75254
ff495faa2d1d7e5fd66d399eef697e1f0f31ad9be129a236997964c70cc1b734