www.nur.kz Open in urlscan Pro
91.215.139.234 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://nur.kz/
Effective URL:
https://www.nur.kz/
Submission: On May 23 via api (May 23rd 2022, 4:36:50 pm UTC) from AU — Scanned from DE

Summary HTTP 420 Redirects Links 24 Behaviour Indicators

Summary

This website contacted 63 IPs in 11 countries across 54 domains to perform 420 HTTP transactions. The main IP is 91.215.139.234, located in Kazakhstan and belongs to PSKZ-ALA, KZ. The main domain is www.nur.kz. The Cisco Umbrella rank of the primary domain is 477900.
TLS certificate: Issued by Sectigo ECC Domain Validation Secure ... on April 29th 2022. Valid for: a year.

This is the only time www.nur.kz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 28	91.215.139.234 91.215.139.234	48716 (PSKZ-ALA) (PSKZ-ALA)
67	94.247.128.34 94.247.128.34	48716 (PSKZ-ALA) (PSKZ-ALA)
1	142.93.104.37 142.93.104.37	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	2620:1ec:27::... 2620:1ec:27::cafe:1734	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
13	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
5	2a02:6b8:a::a 2a02:6b8:a::a	208722 (GLOBAL_DC) (GLOBAL_DC)
1	18.66.248.5 18.66.248.5	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:400c:c08::9a	15169 (GOOGLE) (GOOGLE)
8	95.216.24.150 95.216.24.150	24940 (HETZNER-AS) (HETZNER-AS)
1	18.66.2.63 18.66.2.63	16509 (AMAZON-02) (AMAZON-02)
1	3.20.242.89 3.20.242.89	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2	94.247.128.43 94.247.128.43	48716 (PSKZ-ALA) (PSKZ-ALA)
1	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
2 11	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
3	20.120.65.166 20.120.65.166	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
5	2a02:6b8:20::215 2a02:6b8:20::215	208722 (GLOBAL_DC) (GLOBAL_DC)
1	94.247.128.38 94.247.128.38	48716 (PSKZ-ALA) (PSKZ-ALA)
56	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
1	2a02:2638::2 2a02:2638::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638::b 2a02:2638::b	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
35	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
6	2a02:6b8::1be 2a02:6b8::1be	208722 (GLOBAL_DC) (GLOBAL_DC)
1	2a02:6b8::184 2a02:6b8::184	208722 (GLOBAL_DC) (GLOBAL_DC)
17	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
11	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.0.160 178.250.0.160	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	178.250.0.139 178.250.0.139	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.0.162 178.250.0.162	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
33	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
1 2	2620:116:800d... 2620:116:800d:21:36a9:ecb:e518:b308	16509 (AMAZON-02) (AMAZON-02)
2 2	52.214.225.206 52.214.225.206	16509 (AMAZON-02) (AMAZON-02)
7 32	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
2 4	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
3	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
6 6	104.36.113.23 104.36.113.23	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
5 7	104.102.29.65 104.102.29.65	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 3	185.33.221.90 185.33.221.90	29990 (ASN-APPNEX) (ASN-APPNEX)
4	138.201.84.245 138.201.84.245	24940 (HETZNER-AS) (HETZNER-AS)
4	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
4	104.111.242.245 104.111.242.245	16625 (AKAMAI-AS) (AKAMAI-AS)
1 4	94.130.102.164 94.130.102.164	24940 (HETZNER-AS) (HETZNER-AS)
4	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1 2	3.125.240.25 3.125.240.25	16509 (AMAZON-02) (AMAZON-02)
2 2	3.68.169.133 3.68.169.133	16509 (AMAZON-02) (AMAZON-02)
1 1	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
2 2	18.203.7.223 18.203.7.223	16509 (AMAZON-02) (AMAZON-02)
2 2	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
2 2	54.153.103.110 54.153.103.110	16509 (AMAZON-02) (AMAZON-02)
2 2	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
1	88.198.250.30 88.198.250.30	24940 (HETZNER-AS) (HETZNER-AS)
1 2	104.92.94.3 104.92.94.3	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	85.239.105.10 85.239.105.10	16097 (HLKOMM 04...) (HLKOMM 04107 Leipzig)
4	2606:4700::68... 2606:4700::6813:b979	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	172.217.16.134 172.217.16.134	15169 (GOOGLE) (GOOGLE)
1 1	94.23.99.218 94.23.99.218	16276 (OVH) (OVH)
1	54.76.176.197 54.76.176.197	16509 (AMAZON-02) (AMAZON-02)
2 2	104.89.42.102 104.89.42.102	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6810:cc16	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	52.142.114.2 52.142.114.2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	52.18.17.186 52.18.17.186	16509 (AMAZON-02) (AMAZON-02)
4	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
420	63

28 91.215.139.234 (Kazakhstan) 1 redirects

ASN48716 (PSKZ-ALA, KZ)

nur.kz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.nur.kz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
webapi.nur.kz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

67 94.247.128.34 (Kazakhstan)

ASN48716 (PSKZ-ALA, KZ)

cdn.nur.kz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.93.104.37 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

cdn.onthe.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:27::cafe:1734 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:6b8:a::a (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.248.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-5.dus51.r.cloudfront.net

certify-js.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c08::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 95.216.24.150 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.150.24.216.95.clients.your-server.de

tttt.onthe.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.2.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-2-63.txl50.r.cloudfront.net

certify.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.20.242.89 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-20-242-89.us-east-2.compute.amazonaws.com

redirect.prod.experiment.routing.cloudfront.aws.a2z.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 94.247.128.43 (Kazakhstan)

ASN48716 (PSKZ-ALA, KZ)

stat.khanate.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.120.65.166 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

l.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:6b8:20::215 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.247.128.38 (Kazakhstan)

ASN48716 (PSKZ-ALA, KZ)

nurtech.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

56 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::b (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:6b8::1be (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

ads.adfox.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::184 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

avatars.mds.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.0.139 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.par.vip.prod.criteo.com

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.162 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:36a9:ecb:e518:b308 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.214.225.206 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-225-206.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 216.58.212.130 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f130.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.36.113.23 (United States) 6 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.139 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.102.29.65 (Milan, Italy) 5 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-102-29-65.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.221.90 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.84.245 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.245.84.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 94.130.102.164 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.164.102.130.94.clients.your-server.de

hal900012.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.125.240.25 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-240-25.eu-central-1.compute.amazonaws.com

d.adtriba.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.68.169.133 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-68-169-133.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.241 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.203.7.223 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-7-223.eu-west-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.245.213 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.153.103.110 (San Jose, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-153-103-110.us-west-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 145.239.193.130 (Valence, France) 2 redirects

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.198.250.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de

pb.media01.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.92.94.3 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-94-3.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.239.105.10 (Leipzig, Germany) 1 redirects

ASN16097 (HLKOMM 04107 Leipzig, DE)

trf.greatviews.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6813:b979 (United States)

ASN13335 (CLOUDFLARENET, US)

www.parship.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.134 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f134.1e100.net

8019191.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.23.99.218 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip218.ip-94-23-99.eu

medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.76.176.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com

ad-server.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.89.42.102 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-89-42-102.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:cc16 (United States)

ASN13335 (CLOUDFLARENET, US)

eum.instana.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.142.114.2 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.18.17.186 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-17-186.eu-west-1.compute.amazonaws.com

eum-eu-west-1.instana.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
95	googlesyndication.com 849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 130 pagead2.googlesyndication.com — Cisco Umbrella Rank: 95 ade.googlesyndication.com — Cisco Umbrella Rank: 269	839 KB
95	nur.kz 1 redirects nur.kz — Cisco Umbrella Rank: 374847 www.nur.kz — Cisco Umbrella Rank: 477900 cdn.nur.kz — Cisco Umbrella Rank: 579123 webapi.nur.kz	1 MB
67	doubleclick.net 8 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 187 stats.g.doubleclick.net — Cisco Umbrella Rank: 92 googleads.g.doubleclick.net — Cisco Umbrella Rank: 44 cm.g.doubleclick.net — Cisco Umbrella Rank: 212 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 284 8019191.fls.doubleclick.net — Cisco Umbrella Rank: 255134	374 KB
33	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 264	289 KB
17	google.com 2 redirects analytics.google.com — Cisco Umbrella Rank: 685 www.google.com — Cisco Umbrella Rank: 7 adservice.google.com — Cisco Umbrella Rank: 74	2 KB
16	criteo.net static.criteo.net — Cisco Umbrella Rank: 621 pix.eu.criteo.net — Cisco Umbrella Rank: 7541 csm.eu.criteo.net — Cisco Umbrella Rank: 7580	271 KB
9	onthe.io cdn.onthe.io — Cisco Umbrella Rank: 17292 tttt.onthe.io — Cisco Umbrella Rank: 830432	20 KB
8	redintelligence.net 1 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 33656 hal900012.redintelligence.net — Cisco Umbrella Rank: 332457	37 KB
7	casalemedia.com 5 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 530 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 557	7 KB
7	openx.net rtb.openx.net — Cisco Umbrella Rank: 1524 us-u.openx.net — Cisco Umbrella Rank: 399	1 KB
7	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 175	291 KB
7	google.de www.google.de — Cisco Umbrella Rank: 5483 adservice.google.de — Cisco Umbrella Rank: 7678	2 KB
6	pubmatic.com 6 redirects image6.pubmatic.com — Cisco Umbrella Rank: 612	3 KB
6	adfox.ru ads.adfox.ru — Cisco Umbrella Rank: 10246	416 B
6	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1266 l.clarity.ms — Cisco Umbrella Rank: 2185 c.clarity.ms — Cisco Umbrella Rank: 668	25 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 344	109 KB
5	yastatic.net yastatic.net — Cisco Umbrella Rank: 6107	181 KB
5	yandex.ru yandex.ru — Cisco Umbrella Rank: 1392	81 KB
4	parship.de www.parship.de — Cisco Umbrella Rank: 312515	15 KB
4	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1040	688 B
4	rlcdn.com 2 redirects id.rlcdn.com — Cisco Umbrella Rank: 598	754 B
3	medialead.de 3 redirects pv.medialead.de — Cisco Umbrella Rank: 44639 medialead.de — Cisco Umbrella Rank: 44079	1 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 240	3 KB
3	gstatic.com www.gstatic.com fonts.gstatic.com	68 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46	3 KB
3	criteo.com rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 12919 ads.eu.criteo.com — Cisco Umbrella Rank: 7544 cat.fr.eu.criteo.com — Cisco Umbrella Rank: 9487	48 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	20 KB
2	instana.io eum.instana.io — Cisco Umbrella Rank: 6962 eum-eu-west-1.instana.io — Cisco Umbrella Rank: 23964	10 KB
2	addthis.com 2 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 1755	1 KB
2	awin1.com 1 redirects www.awin1.com — Cisco Umbrella Rank: 15147	1 KB
2	yahoo.com 2 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 297	800 B
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 414	959 B
2	360yield.com 2 redirects match.360yield.com — Cisco Umbrella Rank: 4319	792 B
2	agkn.com 2 redirects d.agkn.com — Cisco Umbrella Rank: 568	1 KB
2	adtriba.com 1 redirects d.adtriba.com — Cisco Umbrella Rank: 46392	757 B
2	rubiconproject.com 2 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 354	973 B
2	everesttech.net 2 redirects pixel.everesttech.net — Cisco Umbrella Rank: 3409	808 B
2	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 1128	796 B
2	khanate.pro stat.khanate.pro — Cisco Umbrella Rank: 916919	324 B
2	alexametrics.com certify-js.alexametrics.com — Cisco Umbrella Rank: 7908 certify.alexametrics.com — Cisco Umbrella Rank: 4391	5 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 232	555 B
1	ad-server.eu ad-server.eu — Cisco Umbrella Rank: 77703	312 B
1	greatviews.de 1 redirects trf.greatviews.de — Cisco Umbrella Rank: 321883	1 KB
1	media01.eu pb.media01.eu — Cisco Umbrella Rank: 43330	607 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 42544	611 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 444	863 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 789	247 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 237	5 KB
1	yandex.net avatars.mds.yandex.net — Cisco Umbrella Rank: 7527	25 KB
1	nurtech.pro nurtech.pro	797 B
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1364	39 KB
1	a2z.com redirect.prod.experiment.routing.cloudfront.aws.a2z.com	48 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 71	68 KB
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
420	54

	Domain	Requested by
67	cdn.nur.kz	www.nur.kz
56	tpc.googlesyndication.com	www.nur.kz 849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net securepubads.g.doubleclick.net
33	s0.2mdn.net	www.nur.kz s0.2mdn.net 849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com
32	cm.g.doubleclick.net	7 redirects www.nur.kz googleads.g.doubleclick.net 849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com
28	pagead2.googlesyndication.com	yastatic.net pagead2.googlesyndication.com www.nur.kz tpc.googlesyndication.com googleads.g.doubleclick.net 849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com www.googletagservices.com securepubads.g.doubleclick.net
24	www.nur.kz	www.nur.kz
14	googleads.g.doubleclick.net	849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.nur.kz
12	securepubads.g.doubleclick.net	www.nur.kz securepubads.g.doubleclick.net
11	static.criteo.net	ads.eu.criteo.com
11	www.google.com	2 redirects www.nur.kz 849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
8	tttt.onthe.io	cdn.onthe.io
7	www.googletagservices.com	849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com googleads.g.doubleclick.net www.nur.kz
7	849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
6	image6.pubmatic.com	6 redirects
6	ads.adfox.ru	www.nur.kz
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	yastatic.net	yandex.ru
5	adservice.google.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com 8019191.fls.doubleclick.net
5	yandex.ru	www.nur.kz yandex.ru
4	ade.googlesyndication.com
4	www.parship.de	hal900012.redintelligence.net www.parship.de
4	googleads4.g.doubleclick.net	www.nur.kz
4	hal900012.redintelligence.net	1 redirects 849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com hal900012.redintelligence.net
4	sync.teads.tv	googleads.g.doubleclick.net
4	us-u.openx.net	googleads.g.doubleclick.net
4	hal9000.redintelligence.net	849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com hal900012.redintelligence.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	id.rlcdn.com	2 redirects 849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com
4	adservice.google.de	securepubads.g.doubleclick.net pagead2.googlesyndication.com
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	ssum-sec.casalemedia.com	3 redirects
3	rtb.openx.net	googleads.g.doubleclick.net 849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com
3	fonts.googleapis.com	googleads.g.doubleclick.net securepubads.g.doubleclick.net hal900012.redintelligence.net
3	pix.eu.criteo.net	ads.eu.criteo.com
3	webapi.nur.kz	www.nur.kz
3	l.clarity.ms	www.clarity.ms l.clarity.ms
3	www.google.de	www.nur.kz
3	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
3	www.google-analytics.com	www.nur.kz www.google-analytics.com
2	c.clarity.ms	1 redirects
2	e.dlx.addthis.com	2 redirects
2	8019191.fls.doubleclick.net	1 redirects www.nur.kz
2	www.awin1.com	1 redirects 849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com
2	pv.medialead.de	2 redirects
2	ups.analytics.yahoo.com	2 redirects
2	eb2.3lift.com	2 redirects
2	match.360yield.com	2 redirects
2	d.agkn.com	2 redirects
2	d.adtriba.com	1 redirects 849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com
2	pixel.rubiconproject.com	2 redirects
2	pixel.everesttech.net	2 redirects
2	cms.quantserve.com	1 redirects googleads.g.doubleclick.net
2	fonts.gstatic.com	fonts.googleapis.com
2	csm.eu.criteo.net	ads.eu.criteo.com
2	stat.khanate.pro	www.nur.kz
1	eum-eu-west-1.instana.io	eum.instana.io
1	c.bing.com	1 redirects
1	eum.instana.io	www.parship.de
1	ad-server.eu	849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com
1	medialead.de	1 redirects
1	trf.greatviews.de	1 redirects
1	pb.media01.eu	hal900012.redintelligence.net
1	gcm.ctnsnet.com	1 redirects
1	sync.mathtag.com	1 redirects
1	www.gstatic.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	cdnjs.cloudflare.com	ads.eu.criteo.com
1	cat.fr.eu.criteo.com	ads.eu.criteo.com
1	avatars.mds.yandex.net	www.nur.kz
1	ads.eu.criteo.com	849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com
1	rtb.fr.eu.criteo.com	www.nur.kz
1	nurtech.pro	www.nur.kz
1	www.googleoptimize.com	www.nur.kz
1	analytics.google.com	www.googletagmanager.com
1	redirect.prod.experiment.routing.cloudfront.aws.a2z.com	www.nur.kz
1	certify.alexametrics.com	www.nur.kz
1	certify-js.alexametrics.com	www.nur.kz
1	www.googletagmanager.com	www.nur.kz
1	www.clarity.ms	www.nur.kz
1	cdn.onthe.io	www.nur.kz
1	nur.kz	1 redirects
0	googlecm.hit.gemius.pl Failed	849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com
420	82

This site contains links to these domains. Also see Links.

Domain
play.google.com
special.nur.kz
kaz.nur.kz
1xbet.kz
bit.ly
ads.adfox.ru
ffin.kz
t.me
news.google.com
www.instagram.com
corp.nur.kz
www.facebook.com
vk.com
ok.ru
www.tiktok.com
apps.apple.com
appgallery.huawei.com
nurtv.kz
musicnur.kz
rabotanur.kz
genesistudio.net

Subject Issuer	Validity	Valid
*.nur.kz Sectigo ECC Domain Validation Secure Server CA	`2022-04-29` - `2023-05-30`	a year	crt.sh
*.onthe.io Sectigo RSA Domain Validation Secure Server CA	`2021-05-06` - `2022-06-06`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-02-27` - `2023-02-27`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.xn--d1acpjx3f.xn--p1ai GlobalSign ECC OV SSL CA 2018	`2022-03-04` - `2022-09-01`	6 months	crt.sh
certify-js.alexametrics.com Amazon	`2021-06-14` - `2022-07-13`	a year	crt.sh
certify.alexametrics.com Amazon	`2021-06-14` - `2022-07-13`	a year	crt.sh
*.prod.experiment.routing.cloudfront.aws.a2z.com Amazon	`2021-10-12` - `2022-11-10`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
khanate.pro R3	`2022-04-18` - `2022-07-17`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
a.clarity.ms Microsoft RSA TLS CA 01	`2021-07-27` - `2022-07-27`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.yastatic-net.ru GlobalSign ECC OV SSL CA 2018	`2022-04-01` - `2022-09-29`	6 months	crt.sh
nurtech.pro R3	`2022-04-18` - `2022-07-17`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-05-18` - `2022-08-13`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-19` - `2022-06-18`	3 months	crt.sh
*.adfox.ru Yandex CA	`2021-12-22` - `2022-06-03`	5 months	crt.sh
*.avatars.yandex.net GlobalSign RSA OV SSL CA 2018	`2022-03-04` - `2023-04-05`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-13`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-10` - `2022-07-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
redintelligence.net R3	`2022-03-29` - `2022-06-27`	3 months	crt.sh
teads.tv R3	`2022-03-23` - `2022-06-21`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.media01.eu RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-05-27` - `2022-05-27`	a year	crt.sh
www.parship.de Cloudflare Inc ECC CA-3	`2022-05-09` - `2023-05-09`	a year	crt.sh
www.awin1.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-18` - `2023-04-19`	a year	crt.sh
*.instana.io DigiCert TLS RSA SHA256 2020 CA1	`2021-11-09` - `2022-12-10`	a year	crt.sh

This page contains 38 frames:

Primary Page: https://www.nur.kz/
Frame ID: 7A3A8FFBDE5E345D6EA61FC346E15BA9
Requests: 166 HTTP requests in this frame

Frame: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9CE726FB888BD97A0304F56BBD116345
Requests: 1 HTTP requests in this frame

Frame: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5D182EA1677E976B61B2D37E84572BAB
Requests: 8 HTTP requests in this frame

Frame: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C6AE4C2F43C12237F2B47459514BCB62
Requests: 8 HTTP requests in this frame

Frame: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 68825FBD0CEE064B89E1DC25A9379E58
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/91211586652222830/index.html
Frame ID: D8501DDCCB470832AE29E879AF168EB9
Requests: 16 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=You4BAAFIIkH_YeAAAhRbqsSsgubEv_sQudkpg&u=%7CFiqg3GsyDIpqd4LQDqRXOfcjiTNKg4fNF58QcO0F8dg%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCWyaziM01RkGpGzsxDu6uJi-Uw59y2z9-7RoXW9VGUm-QHNx8gBnWJp5bibwESGaGbZaE66369XU3D92Sl2RKnP8YdmQbkBa_59HILjAnaFEvCFLu_94Ek6zW8oODjYL2iiKvDE4bl4X7eL_ph8MuRQ9gchzi8trM3uNolvUP8x00hXeLtQ6skm5xc-gQF-Lw77fB11MEtzpyq8cRX-xEg-E2TgMyMSEYpuI6LRPKBP9w5Vc0ZXtOluaeOrCc2TBZWHCPg8B3Oa2e5Wallw2FaVjXV6dh3LJeC79nAErReeCJ3AR6bbwe2JAqgVaMh9C-Q6TGZObaDZpIeBX87qgAXs_aOCL6M3R0e6pyTzg6ecBFx3ewuvD_vspcSjuF_7DAdD-tfLw7ON7fJvB3_O4lzBvBjGCTrfsZezQXf62T8Sw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCO1f5BLiLYonBFICP9u8P7qKhaMme0rFcvfGU93DAjbcBEAEgAGCVopWCoAeCARdjYS1wdWItMzM2OTI2MzcxMDA5NjE2M6AB1bbS6gPIAQmpAp_78Q7y6bE-4AIAqAMBqgThAU_Q6FQOIlAnpuBDbN4UzOhKdsyB-PxP4_MhpBOaIWXf9ikaPTHDUwhntZ8droCKI9OzFjfFTuLmAVT0yveIyxuYEpGB30k_D0wDCpAVj1Y8nMFHjHw4FhOTnotOjo8zW-kWPo_8u1v_hhNvRME4xjkpdZG2PSv6OKnrqkVm6cd3oI0BKrEudneZi5cW54C-zWTUO9Hz4lb2aeCEikDPWemh5FnTo5biyrhLov-3Mpn012wxqjOXK-rrS5B6CcJUKP931PC4TypckkIMuTqeBQghvqUN31JPGTxDMnW7M8RuEeAEAYAGiYjw842givl7oAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2nQGOZu1p8On98N4FmT44njXrmNw%26client%3Dca-pub-3369263710096163%26adurl%3D
Frame ID: 0B1FE7226B1BD39993A99B57F98D8CB2
Requests: 19 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/91211586652222830/index.html
Frame ID: 0B6125FB658BF20A2A8F9A1AFB35A9CE
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 7B68EA0BE975109D20BE219D9F71D5E0
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: C0747170871EBD68E267BC4371002595
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20190131/zrt_lookup.html
Frame ID: DCD8AF3E09F052C53FB90FB952BB3C77
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3369263710096163&output=html&adk=1812271804&adf=3025194257&lmt=1653323780&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.nur.kz%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653323780199&bpp=2&bdt=1590&idt=192&shv=r20220518&mjsv=m202205170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De97271192f7707ca-22bd4feb99cd0019%3AT%3D1653323780%3AS%3DALNI_MYJmIf4CmW_Pj-95ZNGUW36xjj-5Q&nras=1&correlator=3349062393711&frm=20&pv=2&ga_vid=222879948.1653323779&ga_sid=1653323779&ga_hid=696100289&ga_fc=1&ga_cid=1154909005.1653323779&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763507%2C42531556%2C44761044%2C31067528%2C31067628%2C31067678&oid=2&pvsid=1068517317512481&pem=793&tmod=1432576035&uas=0&nvt=1&fsapi=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=5&uci=a!5&fsb=1&dtd=212
Frame ID: F09B6130020154EEFA9F0F2C0E0172F4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3369263710096163&output=html&h=200&slotname=4516448096&adk=1921805917&adf=516689607&pi=t.ma~as.4516448096&w=728&lmt=1653323780&psa=0&format=728x200&url=https%3A%2F%2Fwww.nur.kz%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653323780218&bpp=2&bdt=1609&idt=213&shv=r20220518&mjsv=m202205170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De97271192f7707ca-22bd4feb99cd0019%3AT%3D1653323780%3AS%3DALNI_MYJmIf4CmW_Pj-95ZNGUW36xjj-5Q&prev_fmts=0x0&nras=1&correlator=3349062393711&frm=20&pv=1&ga_vid=222879948.1653323779&ga_sid=1653323779&ga_hid=696100289&ga_fc=1&ga_cid=1154909005.1653323779&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763507%2C42531556%2C44761044%2C31067528%2C31067628%2C31067678&oid=2&pvsid=1068517317512481&pem=793&tmod=1432576035&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=kANlQzZKXb&p=https%3A//www.nur.kz&dtd=220
Frame ID: D0C87A14E660EA116FBF3BB257D862A3
Requests: 16 HTTP requests in this frame

Frame: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: FCA9E86BBBDEDC9262FA1DFCFEC1EC5E
Requests: 1 HTTP requests in this frame

Frame: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F79A4DDF52C026C44603FDC074610776
Requests: 15 HTTP requests in this frame

Frame: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 00320603791F0F5DD0D9D70370BDAF76
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F1D9BDDB952C73909A07BE0929B0219A
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEY2ajFwwEwAQ&v=APEucNWGGFpVJ-u_a5TOBzA7jzL6Y_zeJ6LncllPAV2iBs7UxfpvKFyORdoaNixIMJ5ErkG-xgEvXt8lVQJnuziNF3nrdIwfHYNlUzBhZ260MPQzmMBtW5QaH5HHr4bdG3CJHNZO2T0UKAF640_vPNOeBgTpgvSkJnMDyk7QrrdxTxtUWzJUFTU
Frame ID: 243D044779FDED6611090AED96033EC2
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CHyOZxf_XOCGAodRSC43afixQZOGO5T_bnAGJVHO27_QVqG77g-MpCKupSVwRj5p4NYq8AiEQhH715mr1hn7UA8-3mRkOkZJNLE40G-BfybZe3M3QfIiqL0HviCEgi5vVwyeLRxMlYvzV14vNg8uXkCDdfdQ&dbm_d=AKAmf-CWn7PWPCq_Bg0etIa8mPGPLpPci2j7TiVMN9buEse2C2Tt8XUhGdsTXKs8ojDWJ3VMVbNFBQBK6q_mHZEuZg_XHYTyeern8g-RFm4q1laUTSZbcRlQZ3aLKwtGwz4CUTgjUL1JkeKuVkzya5x-R3B-MeUZsWvZKlfWd2FuyWeAcasAP58DCjYNGiIg2TaIWzkhFlN9M6DdTUr9ah1zo1hvv2Hv6WL4LGOwlzyD-q0MO7M20SYTfotK9GbeTsrVYLGDQhM9oSvBa0HC0TBScv7LYU66o9zC-4tSDLIpAd9dPnmTM0SD8_yde4xvqPKYwtVB7aocXRHDjhH9NbKI3wtkrWCu9KNPu8xRIrzPMm0mcy5Qp0VPmq9vtTcYlmO5YPulTTzfNqAwX06c9ruWZC4FJ8cLAipBdSDX_kErMZ9C1jtf31XjfekaTSQWy-5qxhQ1CIGcRlzhg25Z8usEiL8R5RVwowk--BW9q4aUalXtbVy6PZY12fK8-NaKmsVoYSpWu_XmTghoQ_7pngwLqyRxquSUThxTYa_2Zr6UymyJUNbGtQR1pem-bXKoESb2b5bkwzP2HeyD6iyaweTXhrvWDuChWBJTNdYgh4t0INKlJU02yw3Gd6R9zCHgXXB_rc77wct_-gsp6fDgcyY8rpR_nO9llWwsHjS6eEuAcUvsq_P2FYGEgvJiLuFHzA1w3xIUAtvFXeFPjROfymrVfPUjLlZnUB6EmMiN2lzYVNBaLQY4Y8qTc87DjoK_2JJx0Td7Vpecaq8nEu8rboORducPPx92ak8MlhXVn0CDLZ3KNGRv8kJxc1MgW6Ji6dtFN6m7jIB2FYKmGrMJrE-FHLiIEB2VFW3vxJxRiEGBvm9G484tsgwXW3g-75Z8JIexC3e3JzutnKvbnu_Jj_Wf43NGq5KBid1DmXWOejuChEwzLG4EDMsOlHV2LaM39Z3YMtGXc115sE8mRHJ3sEIWBFim6rMqOLuyv1Brn8CD1qxP8C5cV_dYe2cHoEsLLD0Wi3h_4UmOTpTO98LKvXFXWnLv7bhytdWXlkr5YHKDkjVEzoL6mj56BVMsBhzv1c4QzxFB9ROjQCqjR3vTfwsALsz9BDnOraJ99m61lfT3SQm-V_0hgv9WfDknMOc5t6PteiiX4GoQK55cvXgEN2GI-rAAsrXJz0y58pCmWJq6MNTj2OxjkzayuPx7MeZSbDiE_aYoOC2EO3uJsyNeisOxkpdSWVyeln13M8HpJl8H8gC1pqgrSxRcNgV9gn0Z1obn8BaZD4gHkMrY1k6MGSJKOUCtlb5QQSYyZktKWYzLv_3gmqeL0fhiKsIk1REBSln5L-6NQiQFqXGf53jgDV3V3-YJV7K9Fz4CcavzW9ta0QU4Kewa7_j0u1rWl2H1tiifT3h36bBrzjV6AYlfKZG9gVOAsA6TyN4GL3mfPep-0vHXLPQTfE5bXHp_-z2lfG3VApjwFRq8j3LC4zhw2ZPUQ1dMczzwP9IxxIzX3dTPliskIt7EsRYbyo7caD8TmAmBhxvj6Z0Usb_zPCBMfuKsxGNQqdkqgYEE9oJ5bqvj5t40PKH6gowsubI8Ni65bq5afsz6HI_F7kEuxsiX5WpaSST_DhddIqJyKJsqhWL-AqU2nDMXTu1lJIncewSyTdCynzT-EXOSCsPnR6lpfW74XNdwItVkmHQiq9wvuQDvkLiZFbBJGSTiWJB-VK9V2C2J5Vwl9vEO-uUUTCgAykAY-53TYq8kCew0uk3pB_eE7nHSUQ0kfunhv7s3cGgS0H21_LglOhEcFOLWoOxX2MCIKdAlKNm4DSErwYib8BfAlhx1-9S1RtFEAl2nXvf85e_NRLnWHD7r6I2zC4FCa1UxXSse3tXTp5Sb1iprbnOcR3LXOwZJBFVT8jK34bofAjTtM7FXpo_cYbeDp_fhQ5WUcJ6n44ApI-BklibTpokYCgt1KYLW31EQY_PZOapjHuOylWYVKNlLsLIhpQLVrt2Rl7nb9qPSUfrEFxxmjyhXHf0RX2CDVRArvcZ51WIwvcOkC19rp4ImyXGoPpbbr-ToXHVTnyxCsoC2ppY5R_qtHpkT6yPUwLlxLEkFveI9QBJO0ZNI0fxh8W-FnY917hbk1WiKAc5aRc6s7RCwnTSBFjMYk7-rfzF2rvjKx7Dlv4hry75c7UQ5xhOrMODu4VKjH_nAeDuPdQ1A7cYL9ADo8i026bRW_1onwRKlBZH_VauXP5rt28SmlvkEdFklOBnEYBHnT1NIBGvUcILW-y8ayt30uxpMTYnw2vfisV_ralQjGNhk0ECcDDqB31jw_EwCh5AP4mX3D-H1Q2pIeRNdDPLbKKDAXAQ4VKOJLYwSTDNNQunpJmIVQ8kurJx6w2CJH5PG0Rh3Pb47_RuRNcf6kyFN7kVKnWFqOQo-5C58DjLBLfPdv7a3xPia516TPxhsjXH3PMCJiqx6NIPT0BxA1HwszCsPpuFTDDVJ6ToExxTMkyrQeBo8GDoG0YS34ceQFXnE1Za8_IMYFvdLoxVGajt9y04Nj3qNHeU78uPaRsP7u68Q08wyMdYZ1soeOuBdtf8dd2o91hjnVBBHPzAJzESoHFCVVU3zx47OyP0xZ1P7RqBRTHFiIzi-XgXqiWjG_wPpaa-hm9Ow9WjRG8WGAZznLn9IEaZzn9T5sVoTuT9OyUPppCQrAHkif6aBqdO6J5ELHdZUtEk1fFgsNlKCrMx_Dw9xh0IPlCuEM7LKJ7E68PX00VfmPowEfymxBfqKi0GcmLe0vMY_u2P58xOAHkp0ShJf150vpsAwcjpmdBk8YaDv4ZcqaDd_JvTAwM2YPPmHKnLQpZBq5jG3m4-wZbzMxp9E0EFKZj1jeE8lnmOBN8g13TSCmA6pEKN6nYFEUuSsfbt8tPI7o0bRYbVRS4CYjArvN4wVzJO-sgW1jG58hSV2WIRLyxCoH1U2Xp9I04m4zu7j-RcJJZ5OgWLCrFcdOxJ4Ym7Nk14r-v6Q8txtSRyorM5Ve-OAafSaQBWGUFGLB7e3cc0wTf99QN4TMcowYVzhT6ZzAyWg3GGXbWlM4tQJf92O&cid=CAASJeRofteuouLBBxVnJyL7nDO7ApOsu-phv29AvdViBv3BwrPIKcI&rfl=2%2Chttps%253A%252F%252Fwww.nur.kz%252F%240
Frame ID: 091B623AF49962D7B6684CAC192F3AFB
Requests: 16 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012204292129000/amp4ads-v0.mjs
Frame ID: 9489FC3E4FD83B07850758B8611E92B9
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHz9QIQ8aSt-QEYl5vPkgEwAQ&v=APEucNXB4O3xLBAnvine7rORFzYq90L2N950UeVZfSd-JsWM2n11V4SNc_XwHPTe3b3rL8dWIoZeGXprmq_Slg-P0IQTKQKIl8U04q9Zr4i-JRYxH9iARQCu_ZqQdNaZOvqNC7ZsAf0KUBAMuIFbOziEX16QSIFT9XUUFQ9J829S47RXJRl3Y24
Frame ID: F0E90A4538CCD21D75F6B5CC34B75F38
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNUHdxqDgabsBNbYtOgg0cFkjEe0qIGEeeDm84WtEomZtSPJRid_sTxGYHaxwSdkJLulSftsXEyvB-NszdXp2OQxpm33bXX8OtqyNmRjDmP2C7AexWyHJQhczBRdc5e2xB_HIiom41wjco9c4Q_shCbL0Lv2fAa3In5Uxdjuh30a7Wx-tjQ
Frame ID: 65079046D96E5BACA7565404F6237C9B
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B_5cw9JFaclmG1u_bZ8feLZdRSFHDK-oRSpXQyTyFiAu7l47w0557CIwnXJw3xQLxxMzPqS7jK596SKOAU_0O1w4VscCLI9zTyru7fZCoYw3bxYkGyKr4PbcgeokAT8jmZY9JcMcrvoBxOPqduCUn0y_xQTA&cry=1&dbm_d=AKAmf-B7jnrfng4-URLLmdaTsSpqZC464yvJNVCe5QCuvnJfRbJ8nQY8jZTbPJRQyC4Hp5281rGAuKgWJQ6mOxiB07tLRmgETAHP89fWZywlc1BKNO5q-DuCdI0BAfJ0hFzyfF9zPdjq4OJIfav9RVI57ThMAcwXV3mqsCFjWXX0CFDcVGpWYWmeYc33G9ldf7ql29jLM8fyK64Sg6B2JHoIDZPfFjscWdOB3qRRHTSDKpts5b5pI6_l73Go2HD4ucKW1_SkGQiQECg7d3M4Y1qfKhF3riMzzjjKnn_mQDTd54fJei95uL2DPrxhLKzORh2Fkd5ywVNlGCXlCbPDvd5C2NZHKcnXktwHSkCRuVrWfx6zvcvYblorcE2KaJ9dN1EQ6eVIyn1_db5MPLyvWdffrsi30Xt1klHWnPyPn-HPJXKQaP52hTLtPEOspPdsXuvKrCui8G1l_RILsr1krL90mEcnCj5EAvy-i0MAivLDd8UTO0YRhE-AN3TojZpfJFxY6Sr5qymr0i3m-pu-Em-QwJUmH3gAl92yfjQajWtBXGAbkYypOKz3q41q5vMjwRiHE9y12MjJIWvQxVFguh1R8IpdNXWzuUEBByhRGSmclExItA3FdVl1jyMu7M0Cng8BX2Bzy2I4VL8MDp4Dy-lUJlGplKYfNNhBmocF0E8qrHxGM1kPu02R1ippEe6PJU3Qfr60SoOacyT9VudZZ-RfBE0EWpD_orVp3SGjF5fqD1dwrNmNfx8MYYpmSnOqmm8jHX-wfQvvNV5LMFt8pw8SX2nAmkNjG-44X86MBP_jeCGLRM79gIxljkixsFYLdjEHy1kitDZu4wVMqkxZn58K7BH_nEkLQ8RTlSNfN_89Jv2jf_8hj4qJqslSkiEM5EY-AltPoyp7xjV9-sKjuozJV_UP5lhy6KPZWhb-YvXRwPExSzRJjuIq0efJyuPsTjoKs3BuxZuv6iG3RpxGM5kv0Ry7rHK14RChsWkp5t-DiYpALcOy2PDGUmy9o238vl3nM00P3mZ_1JV0qVWjetZNjepyCxbydYS7NgXEZhGpgcE-R2jsFouGucaM4F5ys3_iYsAjipQlmLDi6EmlAhXe6tz6tij5hj-GqbfyC5VvvwH3ga7HQ7kDEqTirLpdVxKJMl-Nc1rSTrm2XafIMcoktCljNwVX9-jhhTQ6GsbGSghmsE30rGwFlisBUT-W_bWReh6FmGYXkv82fDOFKHEcvIHNA0oDkk4cJwvcjYXMNYGLERWV_QmmuaxO3FCvhRivC1E7i5H0ostT1lHA8u4kAH0FhRXUbvQkdKu4efVEdD5f0DB9zktxN0Lsn8EupPUN5mMWNQ504-UDV94sFLl5Lm89PFtWtT2ObyDJ6UCareKGWRozl1i8YywLMFoelz6axbHedwrR18xueipq3dpAdmL3PfQ17OpkifcKjhPWRhz1CqeJtFuMoAxViJkApu6iJeQdErVKS1Vw3GImdrgUQuIqCTFsYOYZxPq3kYgZjMfsgXuoWx-40ZyAV_7cg27d_ymhnFCCpqMj0uFDwMLysnIr84jfSWIQFGvxf9Jv1XW8-BAKRkFsDJlmb4b7L4xJiS6xT6jwj1CFUAiPk-1DA1EqJUtPfVnkbOHCrtmA9sCbcEYuLYPPjkMo9uQJkEfnjOQGr9Wo7TB1iBterPrsAgBAoOPVSOt8QZLhP4LMnFnO4MQ21-jW64dIVd-PVfzSRnMowqURw6MVLY_nXuDDn93BmDB0-rD02xVwv74VzIcwuFL17cGqqLxBsLJFrGKetgX832O04b3XNZT0d1OqVAkB5mPisuei25vhnj5U1yP-4EU8bluR3K5q-UNL8wf0ufAIyjAZumAkIfpwn5JEHQh2Z2f5ogAiczsmmoIVwhIE9ubYIJlmedin7gCzavITjwskFdthLcisZCJ6hhy5TmoC1QAhC3vpcaRxXIavitf97tKDPcDFbj0F7YwLtaka_StCulZPFR4swNcGbKF0ucD2vtdtW3s8pcNZqQDRwsYQbLcN88TaTwmurhJ6BmeU7jFgOtSmZ6uBdEnFcRMaU9HIgW6VxWhhKi46bZ4TEWy7AP6quAKxPG1LGViYLktIE7DomcQ2eGHwA7Qih_UuMPIY1bJ6Q_ob4JMTun6t9OR0Zf1OQ5vgyuvtOnUEmGubFSZR0_T-ZmNYsLmcrBkq5RhnzdYdW-VFF_y9bW7k_C8UVbYHHj-IN8qtZtXgKc52BtZarNFza9m5QmVIJcg9uB_RoZ-P_bjy5pNRbZV1gZv7KPluV13q1VWbX54a_vQ088lRvNB2gftT6GLNnLvvB5E93JJHQuVrC4Gh95RqHT7IKoe_L7wcpIpnguBjnj825fmv2oHXadZc7df-lbnq5oPrAEJQcfmDSytKt7NjF329JLSS-UxxOxAfVdJ8Tj6Gn5SZOsnlSBWDWOGu_ZTPgxhewYDZYXI7x9LR43LK5xSN12FsumhGQ-PP-QMRvBiKOgJbZ5YSRIdWZ1pHevIB3K5i1Z7pqQaw49JRa-0FDXfoa0rLJ4XtRaAUwhaNWUiGq3meNxlz0vperHJJ93l0vqXm2vaBJW_q_y_Ah7WdliObbIgdmwWd_OD1XtYKPJMhx62zsST-1M4sGNYBtCX-RIo7qRQqg1hrzLr1EsK584X-kNqxnWahCuHmQU_PZGgT9I_lPJeZrfrCqNhJyrTuB5Ms4qpKvlJY7a_0agOaPECLt7xoFosiTzJb8IIx1Mgufs6YCM_p0nWbrh3H0gDBQcfgNZUayzGOkLvKKLAq7kgy7tpFjZwyyRr7Og34wKyBy47L3hzDqzbDtIY48VH9sUSr3cYXpcC0hJGojyox8-r4HE3l3secvhJgaqwLVXGmtivMOdwX1mhL1m0Q9GOBj4IRsIT-jJYxaAUvjOK5XOwG4lqRp7WleYFVM7Ljgi_O_y7Polh4kOC8CV5F5Tn1YpLr6DqzuAXXZ6OI7KDFvsN4wP0pUmEny7gaXhRhrO0S3qHL2h1jeoM3KJPKwGRmH8d1QGgI5N6Ln8EY1SBRD_E8D-iaw_onSfpMHRSsNAHwcI25W3XDKgwYuNZiEsx2rN3wEI1UptPUmHS6DCsJggcdE8_zkhCnOOkqMGj9he7deVR7YDjuB0Bp45y2bs18vblUTAno6baK-qkxJ4QPIOAfGzb902XLODFPTDZDSqX1v0g7aXZY1bxlVNut3vgp4FJw_zCSdyQyKp1uml9pDZV_9soQgxzripuzGi2rAGmlGYyDlZdadRwNErhnZxdPawdptpVHuEJkT71u1ZLjDcGDMbJJIFWWTQivNuCZi9N9JYTUhSjhjL_GEddzS1hPaPiA2YOzoz9feUTap4rE5vSMOPM6SypiDwQqZj0mPdQMawuPTS1ftIcCwFHcOOzjXu0Iqy5RyvkgpGpyQEjexH1509AJyzq8yr9I-ihrGOGREJH_961_u5RK-5o_UZUtbj1rqPA_I0qhULUZHvUPeSR_lwES9vM&cid=CAASJeRoo2YiXdDJEnCLQLY0fNppLCNXacERfAGhzJI03Cv8fNrc61U&rfl=2%2Chttps%253A%252F%252Fwww.nur.kz%252F%240
Frame ID: C6D3123D30F7DC89E465C2B19C439EBD
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6cqjaYtYR5p4aS5jA8U1PYkQZtxk_S9KNOFLKIL9tps.js
Frame ID: 9A8899390CCF20CC4F8BD450D5D7E11C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0CCBC8C27629EECA4B56002481BA374C
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 43F8CF261993F234C93ABD46D373F2FD
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/index.html
Frame ID: BA344F04964543309A8968585EFC2CCA
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: AA38328BF660AACEAE4B7A5FEBFCB413
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 66D3BB24484FFB93AA4DD8AAEE2F0EC7
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html
Frame ID: CA8DBCFC9E2D063EEC20864AC859B3D9
Requests: 19 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 3FFE4DB3B152B75EA02F5D367B142D3C
Requests: 3 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=22657800129908204444550011968012&actionid=981741&produktid=&dt_url=
Frame ID: 0A64DDB989E6A8FC8909A0BCB3CBD5A9
Requests: 1 HTTP requests in this frame

Frame: https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1653323784.5712300.7c2dc30e-dab6-11ec-9bbc-00155def0803ID
Frame ID: 3BDF66F682662BA03963907FAAC69270
Requests: 6 HTTP requests in this frame

Frame: https://8019191.fls.doubleclick.net/activityi;dc_pre=CJGI84aH9vcCFQOvUQods8wIhQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2427193022026.872
Frame ID: EF4127EB11BF82FCA40A85DD2105F443
Requests: 2 HTTP requests in this frame

Frame: https://hal900012.redintelligence.net/request_content.php?s=22657800129908204444550011968012&a=86e7fb2f
Frame ID: 846F9946657CAE3E69A0268569616293
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 420FBD580F84F3947C739E8243C02F6D
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0B9332EB4F25E88CFB5D5E450F716E71
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E0F0E5A06021771F21CE3078E309F36A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Новости Казахстана – последние новости от NUR.KZ

Page URL History Show full URLs

http://nur.kz/ HTTP 301
https://www.nur.kz/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Page Statistics

420
Requests

92 %
HTTPS

41 %
IPv6

54
Domains

82
Subdomains

63
IPs

11
Countries

4074 kB
Transfer

11352 kB
Size

79
Cookies

24 Outgoing links

These are links going to different origins than the main page.

URL: https://play.google.com/store/apps/details?id=by.tut.nurkz.android&utm_source=nur.kz&utm_medium=organic&utm_campaign=app_install&utm_content=app_install_header_banner

Search URL Search Domain Scan URL

URL: https://special.nur.kz/
Title: Спецпроекты

Search URL Search Domain Scan URL

URL: https://kaz.nur.kz/
Title: KZ

Search URL Search Domain Scan URL

URL: https://1xbet.kz/?tag=s_43153m_2205c_button&site=43153&ad=2205
Title: Ставки на спорт!

Search URL Search Domain Scan URL

URL: https://bit.ly/37RIUBd
Title: Бизнес с

Search URL Search Domain Scan URL

URL: https://ads.adfox.ru/252771/clickURL?ad-session-id=4752551653323779297&hash=420a8aa2a5c98122&puid1=Homepage&sj=6LhxZKB9CGEXZivqFid2Lt74swKviS2V6jn2hL5yxAKLxzvqSTTfo7BHEnlrLA%3D%3D&rand=cyjfxzp&rqs=BBjVIHXWBIkEuItiuEBNUrKT1nIPY0U9&pr=edbbcwi&p1=crsny&ytt=218804424671237&p5=locem&ybv=0.585102&p2=gfdy&ylv=0.585102&pf=https%3A%2F%2Fwww.election.gov.kz%2Frus%2F

Search URL Search Domain Scan URL

URL: http://ffin.kz/?utm_source=nur_kz&utm_medium=vidget&utm_campaign=Global_mkting_2021
Title: Фондовый рынок Индекс S&P 500 3974.23 $ 72.87 1.87% Акции Freedom Holding Corp. 40.84 $ 0.38 0.94% FTSE 100 7304.00 £ 34.00 0.47% IMOEX 2301.85 ₽ -71.41 -3.01%

Search URL Search Domain Scan URL

URL: https://t.me/newsnurkz
Title: Telegram

Search URL Search Domain Scan URL

URL: https://news.google.com/publications/CAAqBwgKMK7ylAswg8SqAw
Title: Google News

Search URL Search Domain Scan URL

URL: https://www.instagram.com/kaznews/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://special.nur.kz/rough-finish-knauf
Title: <img class="post-preview-media__picture" sizes="(max-width: 755px) 97px, (max-width: 1151px) calc((100vw - 152px) / 3), 231px" srcset="https://cdn.nur.kz/images/720x405/f27ff35f94e53aee.jpeg?version=1 720w, https://cdn.nur.kz/images/560x315/f27ff35f94e53aee.jpeg?version=1 560w, https://cdn.nur.kz/images/272x153/f27ff35f94e53aee.jpeg?version=1 272w, https://cdn.nur.kz/images/176x99/f27ff35f94e53aee.jpeg?version=1 176w" src="https://cdn.nur.kz/images/272x153/f27ff35f94e53aee.jpeg?version=1" alt="Стройка" title="Стройка" decoding="async" /> Почему хозяевам нового жилья не стоит бояться "чернового" ремонта 21 мая, 09:00

Search URL Search Domain Scan URL

URL: https://kaz.nur.kz/health/1970070-ot-qabynyn-zumysyn-zaqsartatyn-darilik-sopterdi-bilesiz-be/
Title: ДенсаулықӨт қабының жұмысын жақсартатын дәрілік шөптерді білесіз беСегодня, 08:31

Search URL Search Domain Scan URL

URL: https://corp.nur.kz/
Title: Рекламодателям

Search URL Search Domain Scan URL

URL: https://www.facebook.com/PortalNURKZ

Search URL Search Domain Scan URL

URL: https://vk.com/portalnurkz

Search URL Search Domain Scan URL

URL: https://ok.ru/portalnurkz

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@newsnurkz

Search URL Search Domain Scan URL

URL: https://apps.apple.com/kz/app/id830230766?utm_source=nur.kz&utm_medium=organic&utm_campaign=app_install&utm_content=app_install_footer&utm_term=app_update_footer

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=by.tut.nurkz.android&utm_source=nur.kz&utm_medium=organic&utm_campaign=app_install&utm_content=app_install_footer&utm_term=app_update_footer

Search URL Search Domain Scan URL

URL: https://appgallery.huawei.com/app/C102765781

Search URL Search Domain Scan URL

URL: https://nurtv.kz/
Title: Видео, фильмы

Search URL Search Domain Scan URL

URL: https://musicnur.kz/
Title: Музыка

Search URL Search Domain Scan URL

URL: https://rabotanur.kz/
Title: Поиск работы

Search URL Search Domain Scan URL

URL: https://genesistudio.net/
Title: YouTube MCN

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://nur.kz/ HTTP 301
https://www.nur.kz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 135

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 138

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 296

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPI8wFMcCjEloENpagoJO833WBmfEhZPQu7OGnGy7RSLAQnUlyc7Nqmx-AXxybfl7ieTwc6RFQhdJ6QExpZMZqeGYVV9gsUQdaY6aA5oU0_uC59yleSixfcCT9r3nrTECirlZHnAyfKFqJ6Ow6E-dw&google_gid=CAESEOzIwCqTN2tLtZx330GCBVI&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WW91NEJ3QUFCVzZZQmdRdA&google_push=AYg5qPI8wFMcCjEloENpagoJO833WBmfEhZPQu7OGnGy7RSLAQnUlyc7Nqmx-AXxybfl7ieTwc6RFQhdJ6QExpZMZqeGYVV9gsUQdaY6aA5oU0_uC59yleSixfcCT9r3nrTECirlZHnAyfKFqJ6Ow6E-dw

Request Chain 297

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPJIxcrN4vkNMFWsyoMB5d2HR2KIqLePxXQq-ZQcIfvVp0lSi83ZyOB6je_uSzQS4LBv2E_cAGHS-R_koL0_V2KVoVj4JVYO7VPOpi512pFWwIE3p1lLXUSL8u3d2k_wmYDHMRlKc6YNDn5Xpmk2kBk&google_gid=CAESEMDDPUg3rETF2_b6KQh-GoE&google_cver=1 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCIfwrpQGEgUI6AcQAEIASqcBZ29vZ2xlX3B1c2g9QVlnNXFQSkl4Y3JONHZrTk1GV3N5b01CNWQySFIyS0lxTGVQeFhRcS1aUWNJZnZWcDBsU2k4M1p5T0I2amVfdVN6UVM0TEJ2MkVfY0FHSFMtUl9rb0wwX1YyS1ZvVmo0SlZZTzdWUE9waTUxMnBGV3dJRTNwMWxMWFVTTDh1M2Qya193bVlESE1SbEtjNllORG41WHBtazJrQms HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwVVV2Y29DMVNfX3RTaDBPSzBUOWJ3andXM3lFenh0X1l4TmFoOVRINkd4Yw==&google_push

Request Chain 299

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEAQYeWzyhXUBk8lqRYHESdA&google_cver=1&google_push=AYg5qPL4rZrQtTMa4QPTOb9SMkm_ZhFZNeodmySHCRaogil46jqHtjwErbeILTS7JUFzSvbTxif3JMdEEP9PnKJzXPpoUWo5sR9PbwMXyc44_oX8tBNn9kcupntWcuF27mqJiD1TmwGpCrGL_evw0FV3M4Y HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEAQYeWzyhXUBk8lqRYHESdA&google_cver=1&google_push=AYg5qPL4rZrQtTMa4QPTOb9SMkm_ZhFZNeodmySHCRaogil46jqHtjwErbeILTS7JUFzSvbTxif3JMdEEP9PnKJzXPpoUWo5sR9PbwMXyc44_oX8tBNn9kcupntWcuF27mqJiD1TmwGpCrGL_evw0FV3M4Y&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=--IoVkpuRpyaHe97ZNw0uQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPL4rZrQtTMa4QPTOb9SMkm_ZhFZNeodmySHCRaogil46jqHtjwErbeILTS7JUFzSvbTxif3JMdEEP9PnKJzXPpoUWo5sR9PbwMXyc44_oX8tBNn9kcupntWcuF27mqJiD1TmwGpCrGL_evw0FV3M4Y

Request Chain 300

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDDKnhA_HznUf6m_HNO9XLM&google_cver=1&google_push=AYg5qPLXvHcVSbXn-d2xj0FB5JEPaN2-lNbRVBn5mkH4rSvyzY6vKG0sXXA8_JiY4WQqOCnwn9tYBYr24TmlbhKLuYMqBpuEThFR5FqaZGAa4PS7Dhb-h0Jth78apsBxi-Z9Q599hPh2mgparIQfyhmxCtg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNJWUFKVUgtMUwtRE9INg==&google_push=AYg5qPLXvHcVSbXn-d2xj0FB5JEPaN2-lNbRVBn5mkH4rSvyzY6vKG0sXXA8_JiY4WQqOCnwn9tYBYr24TmlbhKLuYMqBpuEThFR5FqaZGAa4PS7Dhb-h0Jth78apsBxi-Z9Q599hPh2mgparIQfyhmxCtg

Request Chain 301

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELWMZ0p3Myz84vVsFoc5JvM&google_cver=1&google_push=AYg5qPLLTsilTue9jO0uf0zoDK2fRDYGk0rKLKwHM1KnZnhGzEp2lOBwaUQlY3zcQqBu9QBAbhoRLWUjftjU09OJomE2VemhNU6Uo1WgoSjvJN9-7YpoUjYF0AiClq6jIbZUv7hRbBcqMef8XjJwFlHYjU8 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESELWMZ0p3Myz84vVsFoc5JvM&google_push=AYg5qPLLTsilTue9jO0uf0zoDK2fRDYGk0rKLKwHM1KnZnhGzEp2lOBwaUQlY3zcQqBu9QBAbhoRLWUjftjU09OJomE2VemhNU6Uo1WgoSjvJN9-7YpoUjYF0AiClq6jIbZUv7hRbBcqMef8XjJwFlHYjU8&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=You4B-ug9g-4CLoLeUiLjQAABK0AAAIB&google_gid=CAESELWMZ0p3Myz84vVsFoc5JvM&google_push=AYg5qPLLTsilTue9jO0uf0zoDK2fRDYGk0rKLKwHM1KnZnhGzEp2lOBwaUQlY3zcQqBu9QBAbhoRLWUjftjU09OJomE2VemhNU6Uo1WgoSjvJN9-7YpoUjYF0AiClq6jIbZUv7hRbBcqMef8XjJwFlHYjU8&google_cver=1

Request Chain 303

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIL_cYxvZDeBGCVayc52Vuc&google_cver=1

Request Chain 304

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=You4B.ug9g.4CLoLeUiLjQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIL_cYxvZDeBGCVayc52Vuc&google_cver=1&google_hm=2

Request Chain 305

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEHf5clfyAGqYci8A3eowmJY&google_cver=1

Request Chain 306

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTE5MTUzMzk4MjU4ODI3NTIwMQ%3D%3D

Request Chain 314

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJyfe0r4HqTTQS_Ir923FKk&google_cver=1

Request Chain 316

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEIMovDYpm5GQ8tfrBnWMAiI&google_cver=1

Request Chain 318

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJyfe0r4HqTTQS_Ir923FKk&google_cver=1

Request Chain 320

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEIMovDYpm5GQ8tfrBnWMAiI&google_cver=1

Request Chain 325

https://hal900012.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=d7e82f8e6e&subid=&uid=c26e3e278e975b24&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCuDR5BriLYsCdHJCJ9u8PnIiByA-m5b2gaYWVnKfJD_AuEAEgrMjqS2CVopWCoAfIAQmpAp_78Q7y6bE-qAMBqgTWAU_QSI_ZZacs9B7yD-7-gEAPw3H2ffBdwFDZQwgZqqNiGFPF3Xd_c8u5U-yJKWXG3CUi1yYibt9us2PkLOnppdGkiucT78u6S6K5N_oSq0fJH6WStEkdoY-MSceWbQuqlajWx_4pDg0LBvwxI_bhZ4hIv42b5p34kAQHvYnu08C-cgWmRfaS64UTVRb03FVS87c2KZDwdxXNruTFq4qAS4OI_YJcv1Nu5gj7OsV41e0j0afakqzCCjX3QOWdfBvEgcQ-Kxc4000jrRzDp4eCKP8xdmv1FJfABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB2ACgGYCwHICwGADAGwE4-10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASJeRoo2YiXdDJEnCLQLY0fNppLCNXacERfAGhzJI03Cv8fNrc61U%26sig%3DAOD64_1xAM4-7SQtowqyZ_v8m3qxHAFBCQ%26client%3Dca-pub-3369263710096163%26dbm_c%3DAKAmf-Ck8DA87bp_OyAsuAkIC4FiqcqmTVcwHNPr39SegTC3CClMPeaeJTWT6JcX-G9Ucxg3EPi-zlTlpV7TyP1MnBd4RF4cFVSPBqrd3YZNkAOyiJNNXQYfbPI06M-NL5ru9GNhftI0JY4b5holvSQypSGvvJInOg%26cry%3D1%26dbm_d%3DAKAmf-CBc_VAqWHuTkBoHjDIO-S75J9qagqRhc-LYBmgsfakUoAc1ahd8OpTIHAkneqIECVNBUS6Vn8Z_4x2J5j_EyXcqZzgI1zxwQDQG3BDtUBbJvkoECqdKX2qVhsKkAbk-ybzXV3osA9sizqrq1Ah8WO99MBVJDVnOVp95e8YdPgV2JePaQrHicC67LfVKcOU7D2M6ie_F1dg0xswctg35B4yOX6ODoPHSiBgp7qrJmmMllZl-QtZj5xKse0AzKHIkgmaQDH-l6Q2F5jlx-33WyfTiGKh05fzbBpfMNRsx-05EpRwp1zrnkOD6OGv09V1KUFVxXMEN9l_ve7gMUOLBhFZP_yi_gisOFOG1SoVwwWkPpZpyPmf96GVlhpTFj0TfqVoccuvGafdnPpLGUFYGyyB0jWiyqBTHG1fdGqQATcA35hG65WQsPfYQjZny5289wpUFfWU%26adurl%3D&documentReferer=https%3A%2F%2F849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2F849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.nur.kz&random=2551493865410&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900012.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=d7e82f8e6e&subid=&uid=c26e3e278e975b24&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCuDR5BriLYsCdHJCJ9u8PnIiByA-m5b2gaYWVnKfJD_AuEAEgrMjqS2CVopWCoAfIAQmpAp_78Q7y6bE-qAMBqgTWAU_QSI_ZZacs9B7yD-7-gEAPw3H2ffBdwFDZQwgZqqNiGFPF3Xd_c8u5U-yJKWXG3CUi1yYibt9us2PkLOnppdGkiucT78u6S6K5N_oSq0fJH6WStEkdoY-MSceWbQuqlajWx_4pDg0LBvwxI_bhZ4hIv42b5p34kAQHvYnu08C-cgWmRfaS64UTVRb03FVS87c2KZDwdxXNruTFq4qAS4OI_YJcv1Nu5gj7OsV41e0j0afakqzCCjX3QOWdfBvEgcQ-Kxc4000jrRzDp4eCKP8xdmv1FJfABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB2ACgGYCwHICwGADAGwE4-10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASJeRoo2YiXdDJEnCLQLY0fNppLCNXacERfAGhzJI03Cv8fNrc61U%26sig%3DAOD64_1xAM4-7SQtowqyZ_v8m3qxHAFBCQ%26client%3Dca-pub-3369263710096163%26dbm_c%3DAKAmf-Ck8DA87bp_OyAsuAkIC4FiqcqmTVcwHNPr39SegTC3CClMPeaeJTWT6JcX-G9Ucxg3EPi-zlTlpV7TyP1MnBd4RF4cFVSPBqrd3YZNkAOyiJNNXQYfbPI06M-NL5ru9GNhftI0JY4b5holvSQypSGvvJInOg%26cry%3D1%26dbm_d%3DAKAmf-CBc_VAqWHuTkBoHjDIO-S75J9qagqRhc-LYBmgsfakUoAc1ahd8OpTIHAkneqIECVNBUS6Vn8Z_4x2J5j_EyXcqZzgI1zxwQDQG3BDtUBbJvkoECqdKX2qVhsKkAbk-ybzXV3osA9sizqrq1Ah8WO99MBVJDVnOVp95e8YdPgV2JePaQrHicC67LfVKcOU7D2M6ie_F1dg0xswctg35B4yOX6ODoPHSiBgp7qrJmmMllZl-QtZj5xKse0AzKHIkgmaQDH-l6Q2F5jlx-33WyfTiGKh05fzbBpfMNRsx-05EpRwp1zrnkOD6OGv09V1KUFVxXMEN9l_ve7gMUOLBhFZP_yi_gisOFOG1SoVwwWkPpZpyPmf96GVlhpTFj0TfqVoccuvGafdnPpLGUFYGyyB0jWiyqBTHG1fdGqQATcA35hG65WQsPfYQjZny5289wpUFfWU%26adurl%3D&documentReferer=https%3A%2F%2F849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2F849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.nur.kz&random=2551493865410&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 329

https://d.adtriba.com/collect?atb_ptid=f65079e0&atb_dcaid=202202_es_ukraine_dv_pros_330033531&atb_dpuid=di_dv&gdpr=&gdpr_consent= HTTP 302
https://d.adtriba.com/px.gif

Request Chain 338

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEFQ-gRfg-ClU4u3pXSrbfd8&google_cver=1&google_push=AYg5qPLOjEnpshskrpxXxk897SzygM86hjCWlF2hNpmH1c4CEFqkcCl-FvJEmO5HtK-nQw_VSDoPCoA6JTNpy9zC63Xdb_KPrvWd HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPLOjEnpshskrpxXxk897SzygM86hjCWlF2hNpmH1c4CEFqkcCl-FvJEmO5HtK-nQw_VSDoPCoA6JTNpy9zC63Xdb_KPrvWd&google_hm=xMNEpvcLLEMM3vcifSf5UQ

Request Chain 339

https://d.agkn.com/pixel/2175/?google_gid=CAESEJXSMk2XYA_gU-dZUdDUDLg&google_cver=1&google_push=AYg5qPL6pQuec2zfkRP0qSQGFuGecHi_g39AUZpiGxF9bLQDi201XtbT1q7UGNawTeIBVmahpzIpeeqiDhe2oL_1Do7KkwBojRDpGg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPL6pQuec2zfkRP0qSQGFuGecHi_g39AUZpiGxF9bLQDi201XtbT1q7UGNawTeIBVmahpzIpeeqiDhe2oL_1Do7KkwBojRDpGg&google_hm=Q0FFU0VKWFNNazJYWUFfZ1UtZFpVZERVRExn

Request Chain 342

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEAQYeWzyhXUBk8lqRYHESdA&google_cver=1&google_push=AYg5qPJlOluHLlk74RvyaG0jPd_kh8i-7FsuIRNwTDpmGitK4DJ81Ze8Po2IEpxFSI2hUnEZ_-rM8CYoqYw_RanKoIq-zXztaWK1Lw HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEAQYeWzyhXUBk8lqRYHESdA&google_cver=1&google_push=AYg5qPJlOluHLlk74RvyaG0jPd_kh8i-7FsuIRNwTDpmGitK4DJ81Ze8Po2IEpxFSI2hUnEZ_-rM8CYoqYw_RanKoIq-zXztaWK1Lw&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=LJMmtqvlRJiEn15A1hVvGw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJlOluHLlk74RvyaG0jPd_kh8i-7FsuIRNwTDpmGitK4DJ81Ze8Po2IEpxFSI2hUnEZ_-rM8CYoqYw_RanKoIq-zXztaWK1Lw

Request Chain 343

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDDKnhA_HznUf6m_HNO9XLM&google_cver=1&google_push=AYg5qPLyxojKuMuO36im-q1SIOQsQuaSCFX90p34mQtyHBkc_cH3KZnSo20PSJ_okIZV0DAmMqcmMLVAEV4IsOZszeqxEPxdPxcu HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNJWUFLNlotSC00T1lS&google_push=AYg5qPLyxojKuMuO36im-q1SIOQsQuaSCFX90p34mQtyHBkc_cH3KZnSo20PSJ_okIZV0DAmMqcmMLVAEV4IsOZszeqxEPxdPxcu

Request Chain 344

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELWMZ0p3Myz84vVsFoc5JvM&google_cver=1&google_push=AYg5qPLom_I4t_A-_-JlqF9dtBFbH0x7TL5CpV0kDMzuM-xQZNFs0ZAVI6ynsLCGwMsxHRabMkBgskasvMiFyys08BMFLplnGma5KA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=You4B-ug9g-4CLoLeUiLjQAABK0AAAIB&google_push=AYg5qPLom_I4t_A-_-JlqF9dtBFbH0x7TL5CpV0kDMzuM-xQZNFs0ZAVI6ynsLCGwMsxHRabMkBgskasvMiFyys08BMFLplnGma5KA&google_cver=1&google_gid=CAESELWMZ0p3Myz84vVsFoc5JvM

Request Chain 362

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESELtXviomELESA7rT5ojYCTw&google_cver=1&google_push=AYg5qPL66qV-F_5CgTDxS38FYw9ohWo0jmr9YxqGAW9sHL5JfA9QOHgDS_73SpAUaLaYrzgSUj92QKM8TWWNSATVLuDVks_bkSHfmA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPL66qV-F_5CgTDxS38FYw9ohWo0jmr9YxqGAW9sHL5JfA9QOHgDS_73SpAUaLaYrzgSUj92QKM8TWWNSATVLuDVks_bkSHfmA

Request Chain 363

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEC71olzL7bES3rQzrWp28u4&google_cver=1&google_push=AYg5qPJG2MV3ly7V4RwKkZynPbJ8JXMYxRj25PnO8brmv2eqVKYFbbC0pKpEPiEJlnQsNnlgHUjNblEF6K0vwwrUSlWrMnQnHl99YQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPJG2MV3ly7V4RwKkZynPbJ8JXMYxRj25PnO8brmv2eqVKYFbbC0pKpEPiEJlnQsNnlgHUjNblEF6K0vwwrUSlWrMnQnHl99YQ&google_hm=ZNTdpr0MS--q12Qisppby2Y

Request Chain 365

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEAQYeWzyhXUBk8lqRYHESdA&google_cver=1&google_push=AYg5qPIcFiJIUsT67OAYM8d6a2wOsBhZPJu09rhvjgTyQoEm81Vmb8_MqQy3vQZOxh7EUMy6ksyXGrR7WMVJVke4FZ6oG4gKgH-yJA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=9g7DNctFTjuGrbdv5-CKDA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIcFiJIUsT67OAYM8d6a2wOsBhZPJu09rhvjgTyQoEm81Vmb8_MqQy3vQZOxh7EUMy6ksyXGrR7WMVJVke4FZ6oG4gKgH-yJA

Request Chain 366

https://match.360yield.com/match/ebda?google_gid=CAESEM7sXMOaVI0cNIjjGGOqV08&google_cver=1&google_push=AYg5qPIdArqbfn24UJs-IJ_0qrlGDaHjX_mluOe8bx0ezbsXeypGAPzMPXklT-g3tRSg5JPk3WABiVTuT_ZT4o6NWlBY-_U1exYVZA HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEM7sXMOaVI0cNIjjGGOqV08&google_cver=1&google_push=AYg5qPIdArqbfn24UJs-IJ_0qrlGDaHjX_mluOe8bx0ezbsXeypGAPzMPXklT-g3tRSg5JPk3WABiVTuT_ZT4o6NWlBY-_U1exYVZA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=wLMuTSU1S2aZEgz8tJMHMA&google_push=AYg5qPIdArqbfn24UJs-IJ_0qrlGDaHjX_mluOe8bx0ezbsXeypGAPzMPXklT-g3tRSg5JPk3WABiVTuT_ZT4o6NWlBY-_U1exYVZA

Request Chain 367

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEG0GNHChVqBfIJ0dofPdZ1k&google_cver=1&google_push=AYg5qPKXEU6C8v5TU6eJy3dxHsl0TbA17wWpovO0l8dyJwP6963mUVqGiDMNuDbswO8Ld7skEYtGNJv2hnrpSBT8wmJ_kLPEjtFSJA HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AYg5qPKXEU6C8v5TU6eJy3dxHsl0TbA17wWpovO0l8dyJwP6963mUVqGiDMNuDbswO8Ld7skEYtGNJv2hnrpSBT8wmJ_kLPEjtFSJA&google_gid=CAESEG0GNHChVqBfIJ0dofPdZ1k HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTIxNDYxMDUyOTI5OTM3MTgzMTA2Mw%3D%3D&google_push=AYg5qPKXEU6C8v5TU6eJy3dxHsl0TbA17wWpovO0l8dyJwP6963mUVqGiDMNuDbswO8Ld7skEYtGNJv2hnrpSBT8wmJ_kLPEjtFSJA

Request Chain 368

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEEmQl6cZpZbR5nWNjCCy1Aw&google_cver=1&google_push=AYg5qPLTGGHLFvLlnP9AsQutDi5uTZIyQfA8R1Mu7KGaanrTH_O_9WjKXzv485zvU-DPZXKAwl3LLOopJNsNmssJSBsLzvqn_kFGZg HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEEmQl6cZpZbR5nWNjCCy1Aw&google_cver=1&google_push=AYg5qPLTGGHLFvLlnP9AsQutDi5uTZIyQfA8R1Mu7KGaanrTH_O_9WjKXzv485zvU-DPZXKAwl3LLOopJNsNmssJSBsLzvqn_kFGZg&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS10VXVCcUs1RTJ1RlJZWEIyX3dBcDBNeUdRSFZtSFJfeX5B&google_push=AYg5qPLTGGHLFvLlnP9AsQutDi5uTZIyQfA8R1Mu7KGaanrTH_O_9WjKXzv485zvU-DPZXKAwl3LLOopJNsNmssJSBsLzvqn_kFGZg

Request Chain 371

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=22657800129908204444550011968012&t=htlp HTTP 302
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=22657800129908204444550011968012&actionid=981741&produktid=&dt_url=

Request Chain 372

https://www.awin1.com/cshow.php?s=2661283&v=11524&q=391598&r=296283&pref1=22657800129908204444550011968012&pv=1 HTTP 302
https://trf.greatviews.de/cl?m315=c&q=nyVlHJ2acuRY7q9fsD728kyQ HTTP 302
https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1653323784.5712300.7c2dc30e-dab6-11ec-9bbc-00155def0803ID

Request Chain 373

https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2427193022026.872 HTTP 302
https://8019191.fls.doubleclick.net/activityi;dc_pre=CJGI84aH9vcCFQOvUQods8wIhQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2427193022026.872

Request Chain 375

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=22657800129908204444550011968012 HTTP 302
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=22657800129908204444550011968012 HTTP 302
https://ad-server.eu/wm/pb/native.png

Request Chain 394

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPIdoZFwWE1fdWAeOwoZKqyzEyNoTSMLcZa2sI_ypLFNQup-CO6lKt3QTixbelYnU4pGPhq2Zqmhpzowb0TRiVXpXDo43T_NKA&google_gid=CAESEOzIwCqTN2tLtZx330GCBVI&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WW91NENBQUFCWkpySGdQNQ&google_push=AYg5qPIdoZFwWE1fdWAeOwoZKqyzEyNoTSMLcZa2sI_ypLFNQup-CO6lKt3QTixbelYnU4pGPhq2Zqmhpzowb0TRiVXpXDo43T_NKA

Request Chain 395

https://d.agkn.com/pixel/2175/?google_gid=CAESEJXSMk2XYA_gU-dZUdDUDLg&google_cver=1&google_push=AYg5qPLvtk_6Pa-AAsPj-Roz-ID6GDJlAnlqMzqmzyBlsLaOOkUm8b32ez6Swi4zUNtzTfkkFTTZnkrnQlEVz6EAF0gLYnGqTNwD HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPLvtk_6Pa-AAsPj-Roz-ID6GDJlAnlqMzqmzyBlsLaOOkUm8b32ez6Swi4zUNtzTfkkFTTZnkrnQlEVz6EAF0gLYnGqTNwD&google_hm=Q0FFU0VKWFNNazJYWUFfZ1UtZFpVZERVRExn

Request Chain 397

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPIHc0C6Wr6NXR8PcS0uZTBx56ekLwSAMlC-NWmPk8p2r891dH98p0Rke9vVQRXw6t3nzO0JieSEP6nmhJRqoftMuFn7h51X_A&google_gid=CAESEDV7e_AXGkPht3Ugy0Ph0u0&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPIHc0C6Wr6NXR8PcS0uZTBx56ekLwSAMlC-NWmPk8p2r891dH98p0Rke9vVQRXw6t3nzO0JieSEP6nmhJRqoftMuFn7h51X_A&google_gid=CAESEDV7e_AXGkPht3Ugy0Ph0u0&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA1MjMxNjM2MjUwMDA1NzM5ODA2MDA4Mw%3D%3D&google_push=AYg5qPIHc0C6Wr6NXR8PcS0uZTBx56ekLwSAMlC-NWmPk8p2r891dH98p0Rke9vVQRXw6t3nzO0JieSEP6nmhJRqoftMuFn7h51X_A

Request Chain 399

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEAQYeWzyhXUBk8lqRYHESdA&google_cver=1&google_push=AYg5qPItB8hip1-yAKgcdvHDgsLfytFM8cdBD-xVD8G0yQ9h9oh7i-KXkbU1MuyNcpLY8D94ntjUYuqSfdxq55kC3QToUh7v4YEsHg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=9g7DNctFTjuGrbdv5-CKDA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPItB8hip1-yAKgcdvHDgsLfytFM8cdBD-xVD8G0yQ9h9oh7i-KXkbU1MuyNcpLY8D94ntjUYuqSfdxq55kC3QToUh7v4YEsHg

Request Chain 410

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=1EEF401046C840AC9E3D8EC264DC4F5C&RedC=c.clarity.ms&MXFR=37488F2250DE6660009D9E8F54DE6860 HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=1EEF401046C840AC9E3D8EC264DC4F5C&MUID=0810A537B39A6FA13AB1B49AB2116ECE

420 HTTP transactions
17 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.nur.kz/
Redirect Chain

http://nur.kz/
https://www.nur.kz/

408 KB
44 KB

432ms
132ms

Document
text/html

91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

9779e7639bc4a82393eb625f3b5e861cdb533a6e2aa5a9bc8ea2f5e25e1e3a0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN always

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-methods: GET, OPTIONS
cache-control: public, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 23 May 2022 16:36:19 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding Accept-Encoding
x-f-status: HIT
x-frame-options: SAMEORIGIN always

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Mon, 23 May 2022 16:36:19 GMT
Location: https://www.nur.kz/
Server: nginx

GET
H2 200 b0ccc598e27c23c6.webp
cdn.nur.kz/images/1120x630/ 50 KB
50 KB 673ms
389ms Image
image/webp 94.247.128.34
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/1120x630/b0ccc598e27c23c6.webp?version=2

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.34 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

9991f76dc02c16f89acff86d06a9f1f4c781d93aae9d8528a19a42344e9f71a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:20 GMT
last-modified: Mon, 23 May 2022 07:07:19 GMT
server: nginx
x-cs: HIT
etag: "a73e9b16f262c42c1021c0e97023d2e5"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 50992
expires: Tue, 23 May 2023 16:36:20 GMT

GET
H2 200 common.e1f38809.css
www.nur.kz/nur/css/ 32 KB
5 KB 132ms
132ms Stylesheet
text/css 91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nur.kz/nur/css/common.e1f38809.css

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

59e44b4deb7ae38e798837aff98aa800acbd67a29ccb711e69a20aa7b1d613a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: public
date: Mon, 23 May 2022 16:36:19 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 23 May 2022 11:18:11 GMT
server: nginx
etag: "628b6d73-1466"
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
content-length: 5222
expires: Tue, 23 May 2023 16:36:19 GMT

GET
H/1.1 200
OK io.js Show response
cdn.onthe.io/ 56 KB
18 KB 168ms
74ms Script
text/javascript 142.93.104.37
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onthe.io/io.js?ghDf5sWW6gLM
Requested by: Host: www.nur.kz
URL: https://www.nur.kz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 142.93.104.37 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 569b67ef1d76c5869a61471b93651371927719520f4268bb9a6ab30fe0380019

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Mon, 23 May 2022 16:36:19 GMT
Content-Encoding: gzip
Last-Modified: Thu, 08 Jul 2021 13:27:15 GMT
Server: nginx
ETag: W/"60e6fd33-de2a"
Transfer-Encoding: chunked
Content-Type: text/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Expires: Tue, 24 May 2022 16:36:19 GMT

GET
H2 200 logo.svg
www.nur.kz/nur/img/ 6 KB
3 KB 134ms
133ms Image
image/svg+xml 91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nur.kz/nur/img/logo.svg

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

a1c1a544dce2ad7a8933ff9c4e087936f42c972d7858551181a9acb878a7c9b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: public
date: Mon, 23 May 2022 16:36:19 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 23 May 2022 11:18:11 GMT
server: nginx
etag: "628b6d73-977"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
content-length: 2423
expires: Tue, 23 May 2023 16:36:19 GMT

GET
H2 200 b0ccc598e27c23c6.webp
cdn.nur.kz/images/560x315/ 38 KB
38 KB 668ms
390ms Image
image/webp 94.247.128.34
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/560x315/b0ccc598e27c23c6.webp?version=2

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.34 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

0344ecf94e18e3195d68593b4f9ee254c922e6c68b14f1d1edf7f32564cee221

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:20 GMT
last-modified: Mon, 07 Dec 2020 10:51:54 GMT
server: nginx
x-cs: HIT
etag: "0b886feeb6d63e98548b12b7f70580be"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 38416
expires: Tue, 23 May 2023 16:36:20 GMT

GET
H2 200 placeholder-1x1.gif
www.nur.kz/nur/img/ 43 B
381 B 135ms
134ms Image
image/gif 91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nur.kz/nur/img/placeholder-1x1.gif?v=2

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: public
date: Mon, 23 May 2022 16:36:19 GMT
x-content-type-options: nosniff
last-modified: Mon, 23 May 2022 11:18:11 GMT
server: nginx
etag: "628b6d73-2b"
x-frame-options: SAMEORIGIN
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
vary: Accept-Encoding
content-length: 43
expires: Tue, 23 May 2023 16:36:19 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 120ms
37ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1031
date: Mon, 23 May 2022 16:19:08 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 23 May 2022 18:19:08 GMT

GET
H2 200 94ylzt75u2 Show response
www.clarity.ms/tag/ 1 KB
2 KB 353ms
198ms Script
application/x-javascript 2620:1ec:27::cafe:1734
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/94ylzt75u2
Requested by: Host: www.nur.kz
URL: https://www.nur.kz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1734 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 8aa9c0f8ed2307a2b9f5b135cc7d0118528ce1455e0060258093eb66dcb93dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:19 GMT
x-powered-by: ASP.NET
x-azure-ref: 0A7iLYgAAAACHb8DnScTUQJSb5QqwGamRQVRIMDFFREdFMDQyMQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
expires: -1
cache-control: no-cache, no-store
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H2 200 1920x120_rus.png
www.nur.kz/nur/img/thematic-blocks/ 58 KB
58 KB 135ms
135ms Image
image/png 91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nur.kz/nur/img/thematic-blocks/1920x120_rus.png

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

f3456903656f0601338d81e00f8efe9e025055f224f822de2746e18436c9b4a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: public
date: Mon, 23 May 2022 16:36:19 GMT
x-content-type-options: nosniff
last-modified: Mon, 23 May 2022 11:18:11 GMT
server: nginx
etag: "628b6d73-e64f"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
vary: Accept-Encoding
content-length: 58959
expires: Tue, 23 May 2023 16:36:19 GMT

GET
H2 200 bybit.png
cdn.nur.kz/static/ads/ 6 KB
7 KB 667ms
389ms Image
image/png 94.247.128.34
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/static/ads/bybit.png

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.34 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

ed3cdd67b99dd07dc76f3ff0b253b64e9fc16ac725c6c002e9da8b1b796b5d70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:20 GMT
last-modified: Wed, 20 Apr 2022 14:13:51 GMT
server: nginx
x-cs: HIT
etag: "6eab7750d8e559a66f25f708b1eea4de"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 6458
expires: Tue, 23 May 2023 16:36:20 GMT

GET
H2 200 1xbet-partner.png
cdn.nur.kz/custom/logo/ 2 KB
2 KB 650ms
389ms Image
image/png 94.247.128.34
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/custom/logo/1xbet-partner.png

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.34 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

2b560efc660dd507e8e0b20a079eac74c975b67e0629545a7d2ec9e3687905db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:20 GMT
last-modified: Wed, 01 Sep 2021 09:19:41 GMT
server: nginx
x-cs: HIT
etag: "d9e559e4b7931bf2cf97e89f9d7708c4"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 2180
expires: Tue, 23 May 2023 16:36:20 GMT

GET
H2 200 fclub-libertex-partner.png
cdn.nur.kz/custom/logo/ 3 KB
3 KB 650ms
389ms Image
image/png 94.247.128.34
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/custom/logo/fclub-libertex-partner.png

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.34 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

f0f3fadd348581fce870209a4705b228f28a7c06fecefc150707191d0f02a27a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:20 GMT
last-modified: Tue, 28 Dec 2021 10:52:54 GMT
server: nginx
x-cs: HIT
etag: "b32bf7a5941815e4a4dc71bb126a1aa3"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 2946
expires: Tue, 23 May 2023 16:36:20 GMT

GET
H2 200 KMF.png
cdn.nur.kz/custom/logo/ 5 KB
5 KB 649ms
389ms Image
image/png 94.247.128.34
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/custom/logo/KMF.png

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.34 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

c9359c423f11152cc52570d1d15b78449a4aaf8a4106599af13305e13c90b791

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:20 GMT
last-modified: Wed, 13 Apr 2022 12:31:31 GMT
server: nginx
x-cs: HIT
etag: "55643c20d418d965722c9d75a7d6d2b4"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 4627
expires: Tue, 23 May 2023 16:36:20 GMT

GET
H2 200 parimatch.png
cdn.nur.kz/custom/logo/ 4 KB
5 KB 616ms
389ms Image
image/png 94.247.128.34
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/custom/logo/parimatch.png

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.34 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

0596a17530bb3a76675c9d72b22f8bbf927eede182d036ea7a3b278970864fb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:20 GMT
last-modified: Tue, 09 Nov 2021 19:46:09 GMT
server: nginx
x-cs: HIT
etag: "58febaebfd3c6d8472de1318e7079d30"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 4450
expires: Tue, 23 May 2023 16:36:20 GMT

GET
H2 200 7a5aad15155aeeab.jpeg
cdn.nur.kz/images/272x153/ 5 KB
5 KB 358ms
130ms Image
image/jpeg 94.247.128.34
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/7a5aad15155aeeab.jpeg?version=2

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.34 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

696509319bb81efdd2e9f7c12a2f2c2a176179fed37b92e16b7e5dffdc8869ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:20 GMT
last-modified: Thu, 11 Mar 2021 14:37:00 GMT
server: nginx
x-cs: HIT
etag: "cad54c626842be5765616b721023eb2f"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/jpeg
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 4896
expires: Tue, 23 May 2023 16:36:20 GMT

GET
H2 200 2f8551693976b31f.jpeg
cdn.nur.kz/images/272x153/ 9 KB
9 KB 616ms
389ms Image
image/jpeg 94.247.128.34
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/2f8551693976b31f.jpeg?version=1

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.34 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

40b43f95a77c55e01de63643c035680c7464141ffc596b5818a77e41d7b54e31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:20 GMT
last-modified: Thu, 12 May 2022 11:53:28 GMT
server: nginx
x-cs: HIT
etag: "e35dfd517d3150920c0d77fc3aad97d6"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/jpeg
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 9004
expires: Tue, 23 May 2023 16:36:20 GMT

GET
H2 200 75330f52aaeda809.jpeg
cdn.nur.kz/images/272x153/ 16 KB
17 KB 487ms
259ms Image
image/jpeg 94.247.128.34
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/75330f52aaeda809.jpeg?version=1

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.34 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

8d6e4721d53a6600e637e7657bbb8dd5eff663299b9f67c918fa159fec8373c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:20 GMT
last-modified: Mon, 25 Apr 2022 08:56:58 GMT
server: nginx
x-cs: HIT
etag: "0b45326bc6c6f56de5de06d50eb1d7f4"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/jpeg
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 16678
expires: Tue, 23 May 2023 16:36:20 GMT

GET
H2 200 26f6f4d708d3f373.jpeg
cdn.nur.kz/images/272x153/ 31 KB
31 KB 613ms
386ms Image
image/jpeg 94.247.128.34
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/26f6f4d708d3f373.jpeg?version=1

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.34 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

bfaef65b25794a604ff02867568b414568fe0450e6af9337f8072b41f8264796

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:20 GMT
last-modified: Tue, 09 Nov 2021 15:26:53 GMT
server: nginx
x-cs: HIT
etag: "9315765f924d99f08508c23fec0c6235"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/jpeg
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 31899
expires: Tue, 23 May 2023 16:36:20 GMT

GET
H2 200 logo-freedom-finance.png
www.nur.kz/nur/img/ 2 KB
3 KB 202ms
202ms Image
image/png 91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nur.kz/nur/img/logo-freedom-finance.png

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

b63745ed29d6784dab812ad53d2a76b060cbf160f6200b203c24d797d9d18045

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: public
date: Mon, 23 May 2022 16:36:19 GMT
x-content-type-options: nosniff
last-modified: Mon, 23 May 2022 11:18:11 GMT
server: nginx
etag: "628b6d73-8b9"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
vary: Accept-Encoding
content-length: 2233
expires: Tue, 23 May 2023 16:36:19 GMT

GET
H2 200 _vendors.247f0c1e.js Show response
www.nur.kz/nur/js/ 30 KB
9 KB 162ms
162ms Script
application/javascript 91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nur.kz/nur/js/_vendors.247f0c1e.js

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

23cc65a8727bb9016015372f09daa3dc8dceccd6e21876ff8804db2cbd242c6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: public
date: Mon, 23 May 2022 16:36:19 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 23 May 2022 11:18:11 GMT
server: nginx
etag: "628b6d73-22eb"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
content-length: 8939
expires: Tue, 23 May 2023 16:36:19 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 82 KB
29 KB 142ms
46ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

57c574845a793acec11e8266bc2b3ee3e638c56b3422f18e4fefdff6c7fce51e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28607
x-xss-protection: 0
server: sffe
etag: "1223 / 632 of 1000 / last-modified: 1653303864"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 23 May 2022 16:36:19 GMT

GET
H2 200 monetization.f542e399.js Show response
www.nur.kz/nur/js/ 10 KB
3 KB 163ms
162ms Script
application/javascript 91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nur.kz/nur/js/monetization.f542e399.js

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

6d0205053e47fcdc3dfc6c73d8d1d86866a05dff3a58916ef22bb6b1cca59da5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: public
date: Mon, 23 May 2022 16:36:19 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 23 May 2022 11:18:11 GMT
server: nginx
etag: "628b6d73-b02"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
content-length: 2818
expires: Tue, 23 May 2023 16:36:19 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 189 KB
68 KB 140ms
47ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-L3EYGX7DJS

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

280d084452da26bdf14ce6d4ce7590b04c070113af84046fbcb3c3ed61cf85e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:19 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69436
x-xss-protection: 0
expires: Mon, 23 May 2022 16:36:19 GMT

GET
H2 200 _authorization.cbd1e081.js Show response
www.nur.kz/nur/js/ 15 KB
5 KB 163ms
162ms Script
application/javascript 91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nur.kz/nur/js/_authorization.cbd1e081.js

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

05ece81589591363a0f7ab97915453ef105342daa1112893f2a05b7ec01a4bde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: public
date: Mon, 23 May 2022 16:36:19 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 23 May 2022 11:18:11 GMT
server: nginx
etag: "628b6d73-10f5"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
content-length: 4341
expires: Tue, 23 May 2023 16:36:19 GMT

GET
H2 200 navigation.1f4f3f8d.js Show response
www.nur.kz/nur/js/ 5 KB
2 KB 163ms
162ms Script
application/javascript 91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nur.kz/nur/js/navigation.1f4f3f8d.js

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

641e566adba3b65a11f279fe14477a4344767dba77b444b8ab8376b4555fb6a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: public
date: Mon, 23 May 2022 16:36:19 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 23 May 2022 11:18:11 GMT
server: nginx
etag: "628b6d73-661"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
content-length: 1633
expires: Tue, 23 May 2023 16:36:19 GMT

GET
H2 200 jitsu-init.b7960b4c.js Show response
www.nur.kz/nur/js/ 29 KB
9 KB 163ms
163ms Script
application/javascript 91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nur.kz/nur/js/jitsu-init.b7960b4c.js

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

dc8efe44a8f22abc2f1abac530413ba278444d6dabc100452639cafdd9f048fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: public
date: Mon, 23 May 2022 16:36:19 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 23 May 2022 11:18:11 GMT
server: nginx
etag: "628b6d73-2345"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
content-length: 9029
expires: Tue, 23 May 2023 16:36:19 GMT

GET
H2 200 home-recommendation.1d356ec8.js Show response
www.nur.kz/nur/js/ 19 KB
6 KB 164ms
163ms Script
application/javascript 91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nur.kz/nur/js/home-recommendation.1d356ec8.js

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

11f6d363f8c4294bf10f649f4951a882c6c22f69bac082a2d2851ca5e677f478

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: public
date: Mon, 23 May 2022 16:36:19 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 23 May 2022 11:18:11 GMT
server: nginx
etag: "628b6d73-15bf"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
content-length: 5567
expires: Tue, 23 May 2023 16:36:19 GMT

GET
H2 200 home-page.e7254aef.js Show response
www.nur.kz/nur/js/ 6 KB
2 KB 164ms
163ms Script
application/javascript 91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nur.kz/nur/js/home-page.e7254aef.js

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

0906e036897c57571bf5aee463cf4fe7fcbd3d3b8f235280d4cac2691c53eb8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: public
date: Mon, 23 May 2022 16:36:19 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 23 May 2022 11:18:11 GMT
server: nginx
etag: "628b6d73-771"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
content-length: 1905
expires: Tue, 23 May 2023 16:36:19 GMT

GET
H2 200 freedom-finance.d7f54434.js Show response
www.nur.kz/nur/js/ 3 KB
2 KB 164ms
164ms Script
application/javascript 91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nur.kz/nur/js/freedom-finance.d7f54434.js

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

5b04a3a9ef00cdafdebbf368784d5a9c8f34c65330dd816682fb1b12085ac22b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: public
date: Mon, 23 May 2022 16:36:19 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 23 May 2022 11:18:11 GMT
server: nginx
etag: "628b6d73-557"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
content-length: 1367
expires: Tue, 23 May 2023 16:36:19 GMT

GET
H2 200 context.js Show response
yandex.ru/ads/system/ 284 KB
77 KB 295ms
99ms Script
text/javascript 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/context.js

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

711ee3eb59d5b76ca01b50cd147423a915ad122d27147e6146d87e7d528eac28

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1653323780035392-12446944499337016487-vla1-3228-vla-l7-balancer-8080-BAL-5253
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
x-robots-tag: noindex, noarchive, nofollow
expires: Mon, 23 May 2022 17:36:20 GMT

GET
H/1.1 200
OK atrk.js Show response
certify-js.alexametrics.com/ 4 KB
5 KB 143ms
40ms Script
application/javascript 18.66.248.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://certify-js.alexametrics.com/atrk.js
Requested by: Host: www.nur.kz
URL: https://www.nur.kz/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-5.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Mon, 07 Mar 2022 08:43:24 GMT
Via: 1.1 5e696cef0c57cc6cd171bf72fe757bf4.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Tue, 27 Apr 2021 18:03:54 GMT
Server: AmazonS3
Age: 6681176
ETag: "d89453438fbf10dcf4c13265c40d5160"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Cache-Control: max-age=26920000
X-Amz-Cf-Pop: DUS51-P1
Accept-Ranges: bytes
Content-Length: 4255
X-Amz-Cf-Id: -50y9QCVCVOB9N8xv-6rh9Da_G42shCShYsv_LLFo9znJ-os5k-0rg==

GET
H2 200 telegram.svg
www.nur.kz/nur/img/social-icons/subscribe/ 1 KB
876 B 133ms
132ms Image
image/svg+xml 91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nur.kz/nur/img/social-icons/subscribe/telegram.svg

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

b4dac18e01c9ef874f5d33ae8ad2eca84683281858bd9fab0f9a95e0b26c19b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: public
date: Mon, 23 May 2022 16:36:19 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 23 May 2022 11:18:11 GMT
server: nginx
etag: "628b6d73-214"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
content-length: 532
expires: Tue, 23 May 2023 16:36:19 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
439 B 136ms
45ms XHR
text/plain 2a00:1450:400c:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-6273700-1&cid=222879948.1653323779&jid=612010383&gjid=379324983&_gid=1154909005.1653323779&_u=YGBAgUABCAAAAE~&z=1920494208

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nur.kz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 23 May 2022 16:36:20 GMT
content-type: text/plain
access-control-allow-origin: https://www.nur.kz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 38ms
37ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=696100289&t=pageview&_s=1&dl=https%3A%2F%2Fwww.nur.kz%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%9A%D0%B0%D0%B7%D0%B0%D1%85%D1%81%D1%82%D0%B0%D0%BD%D0%B0%20%E2%80%93%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BE%D1%82%20NUR.KZ&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgUABC~&jid=612010383&gjid=379324983&cid=222879948.1653323779&tid=UA-6273700-1&_gid=1154909005.1653323779&cd14=homepage&z=1116025070

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 22:22:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 65609
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
tttt.onthe.io/ 0
287 B 687ms
54ms XHR
text/javascript 95.216.24.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tttt.onthe.io/?k[]=336:uniques_instantly[url:%2F,domain:www.nur.kz,page:%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%9A%D0%B0%D0%B7%D0%B0%D1%85%D1%81%D1%82%D0%B0%D0%BD%D0%B0%20%E2%80%93%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BE%D1%82%20NUR.KZ,page_type:main,language:ru,type_article:Main,user_agent:Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F101.0.4951.64%20Safari%2F537.36,device:desktop,browser_version:Chrome%20101,browser:Chrome,depth:1,user_type:new,user_id:59ce7cdf8.91e40a35a_1653323778888,session_id:a8c024c1d.7de452898_1653323778890,cdn_version:36]&s=0d0db5a9a93692f403af81423ab76478&1653323778902
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js?ghDf5sWW6gLM
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.216.24.150 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.24.216.95.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 23 May 2022 16:36:20 GMT
Server: nginx
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK / Show response
tttt.onthe.io/uniques/ 33 B
559 B 687ms
55ms Script
text/html 95.216.24.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tttt.onthe.io/uniques/?current=23&holding=e3155c435e925683dd022a3f2070aae6&hash_user=59ce7cdf8.91e40a35a_1653323778888&1653323778903
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js?ghDf5sWW6gLM
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.216.24.150 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.24.216.95.clients.your-server.de
Software: nginx /
Resource Hash: 166f9390df29e23f9c9c45c50026de3b8ea04605424c6edc8557a3d3e71af7b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 23 May 2022 16:36:20 GMT
Server: nginx
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 33
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK / Show response
tttt.onthe.io/ 0
287 B 674ms
54ms XHR
text/javascript 95.216.24.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tttt.onthe.io/?k[]=336:visits_instantly[url:%2F,domain:www.nur.kz,page:%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%9A%D0%B0%D0%B7%D0%B0%D1%85%D1%81%D1%82%D0%B0%D0%BD%D0%B0%20%E2%80%93%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BE%D1%82%20NUR.KZ,page_type:main,language:ru,type_article:Main,user_agent:Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F101.0.4951.64%20Safari%2F537.36,device:desktop,browser_version:Chrome%20101,browser:Chrome,depth:1,user_type:new,user_id:59ce7cdf8.91e40a35a_1653323778888,session_id:a8c024c1d.7de452898_1653323778890,cdn_version:36]&s=0d0db5a9a93692f403af81423ab76478&__io=59ce7cdf8.91e40a35a_1653323778888&1653323778915
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js?ghDf5sWW6gLM
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.216.24.150 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.24.216.95.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 23 May 2022 16:36:20 GMT
Server: nginx
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK / Show response
tttt.onthe.io/ 0
287 B 666ms
54ms XHR
text/javascript 95.216.24.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tttt.onthe.io/?k[]=336:pageviews[url:%2F,domain:www.nur.kz,page:%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%9A%D0%B0%D0%B7%D0%B0%D1%85%D1%81%D1%82%D0%B0%D0%BD%D0%B0%20%E2%80%93%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BE%D1%82%20NUR.KZ,page_type:main,language:ru,type_article:Main,user_agent:Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F101.0.4951.64%20Safari%2F537.36,device:desktop,browser_version:Chrome%20101,browser:Chrome,depth:1,user_type:new,user_id:59ce7cdf8.91e40a35a_1653323778888,session_id:a8c024c1d.7de452898_1653323778890,cdn_version:36]&s=0d0db5a9a93692f403af81423ab76478&1653323778924
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js?ghDf5sWW6gLM
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.216.24.150 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.24.216.95.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 23 May 2022 16:36:20 GMT
Server: nginx
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 chunk-lazysizes.85027d33.js Show response
www.nur.kz/nur/js/ 7 KB
3 KB 132ms
132ms Script
application/javascript 91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nur.kz/nur/js/chunk-lazysizes.85027d33.js

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/nur/js/_vendors.247f0c1e.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

2c18b2383885435cb379b8a7c990b7021d1c2701554120d34b07be0da5a8f743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: public
date: Mon, 23 May 2022 16:36:20 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 23 May 2022 11:18:11 GMT
server: nginx
etag: "628b6d73-beb"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
content-length: 3051
expires: Tue, 23 May 2023 16:36:20 GMT

GET
H/1.1 200
OK atrk.gif
certify.alexametrics.com/ 43 B
552 B 597ms
29ms Image
image/gif 18.66.2.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%9A%D0%B0%D0%B7%D0%B0%D1%85%D1%81%D1%82%D0%B0%D0%BD%D0%B0%20%E2%80%93%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BE%D1%82%20NUR.KZ&time=1653323778955&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwww.nur.kz%2F&random_number=3615890185&sess_cookie=03b56b74180f1c6cb872a211731&sess_cookie_flag=1&user_cookie=03b56b74180f1c6cb872a211731&user_cookie_flag=1&dynamic=true&domain=nur.kz&account=UVumr1WyR620WR&jsv=20130128&user_lang=en-US
Requested by: Host: www.nur.kz
URL: https://www.nur.kz/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.2.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-2-63.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Mon, 23 May 2022 03:48:38 GMT
Via: 1.1 672096d0d92d3141442f75941c957076.cloudfront.net (CloudFront)
Last-Modified: Mon, 17 Jan 2011 20:41:40 GMT
Server: AmazonS3
Age: 46062
ETag: "221d8352905f2c38b3cb2bd191d630b0"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
X-Amz-Cf-Pop: TXL50-P1
x-amz-meta-alexa-last-modified: 20110117123941
Content-Length: 43
X-Amz-Cf-Id: rnPmxze9nNlab6a__XS06AFrzjdB3ABMEgJe4J4TsfUfFduGDddCjA==

GET
H2 204 x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ 0
48 B 714ms
127ms Image
text/plain 3.20.242.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Requested by: Host: www.nur.kz
URL: https://www.nur.kz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.20.242.89 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-20-242-89.us-east-2.compute.amazonaws.com
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:20 GMT
server: Server

GET
H3 200 pubads_impl_2022051701.js Show response
securepubads.g.doubleclick.net/gpt/ 366 KB
124 KB 114ms
38ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js?cb=31067688

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

3bd4eb2ece0fe98f279a14bb2b61ecbbcd501a598b50f1f8b211f76ecd420996

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 14:05:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9078
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127273
x-xss-protection: 0
last-modified: Tue, 17 May 2022 08:34:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 23 May 2023 14:05:02 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 194 B
148 B 121ms
46ms XHR
application/json 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.nur.kz

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

b83bf949954e2ca805089c6a278203d60c5ced398ae0fe4969d6486b28cd3401

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 23 May 2022 16:36:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 123
x-xss-protection: 0
expires: Mon, 23 May 2022 16:36:20 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
344 B 568ms
44ms Ping
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-L3EYGX7DJS&gtm=2oe5b0&_p=696100289&_z=ccd.tbB&_gaz=1&cid=222879948.1653323779&ul=en-us&sr=1600x1200&_s=1&sid=1653323778&sct=1&seg=0&dl=https%3A%2F%2Fwww.nur.kz%2F&dt=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%9A%D0%B0%D0%B7%D0%B0%D1%85%D1%81%D1%82%D0%B0%D0%BD%D0%B0%20%E2%80%93%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BE%D1%82%20NUR.KZ&en=page_view&_fv=1&_ss=2&ep.transport_type=beacon
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L3EYGX7DJS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 16:36:20 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.nur.kz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 44ms
44ms Ping
text/plain 2a00:1450:400c:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-L3EYGX7DJS&cid=222879948.1653323779&gtm=2oe5b0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L3EYGX7DJS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 16:36:20 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.nur.kz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 601ms
74ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-L3EYGX7DJS&cid=222879948.1653323779&gtm=2oe5b0&aip=1&z=1304145778

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 16:36:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 event Show response
stat.khanate.pro/api/v1/ 15 B
324 B 133ms
133ms XHR
application/json 94.247.128.43
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.khanate.pro/api/v1/event?token=js.d27utqeoss6s0dkb04pz1b.ss60lhmn5bgevjhl6d5qsw
Requested by: Host: www.nur.kz
URL: https://www.nur.kz/nur/js/jitsu-init.b7960b4c.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 94.247.128.43 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
Software: nginx /
Resource Hash: a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer: https://www.nur.kz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 23 May 2022 16:36:20 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, UPDATE, PATCH
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.nur.kz
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, Host
content-length: 15

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 102 KB
39 KB 581ms
52ms Script
application/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-5JGFBQR

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/nur/js/home-recommendation.1d356ec8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

010fc56ed41ed94fa9c15af2bb7188375b9818d8fe67af32f7cd8ed8eedb497e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:20 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39807
x-xss-protection: 0
expires: Mon, 23 May 2022 16:36:20 GMT

GET
H2 200 freedom-finance-desktop.593ce3a5.css
www.nur.kz/nur/css/ 4 KB
1 KB 133ms
132ms Stylesheet
text/css 91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nur.kz/nur/css/freedom-finance-desktop.593ce3a5.css

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/nur/js/freedom-finance.d7f54434.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

53190b7838a27f624da133fc259f0fd6093f49aec64c1721e1f414de407b92d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: public
date: Mon, 23 May 2022 16:36:20 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 23 May 2022 11:18:11 GMT
server: nginx
etag: "628b6d73-326"
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
content-length: 806
expires: Tue, 23 May 2023 16:36:20 GMT

GET
H2 200 chunk-freedom-finance-desktop.68c57a5a.js Show response
www.nur.kz/nur/js/ 4 KB
2 KB 133ms
133ms Script
application/javascript 91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nur.kz/nur/js/chunk-freedom-finance-desktop.68c57a5a.js

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/nur/js/freedom-finance.d7f54434.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

25f1cdd04f4b236b79562629b1c5d68454cd02e96002e0ea870b82081a2fce76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: public
date: Mon, 23 May 2022 16:36:20 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 23 May 2022 11:18:11 GMT
server: nginx
etag: "628b6d73-5f4"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
content-length: 1524
expires: Tue, 23 May 2023 16:36:20 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 587ms
74ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-6273700-1&cid=222879948.1653323779&jid=612010383&_u=YGBAgUABCAAAAE~&z=1769920794

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 16:36:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 580ms
74ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-6273700-1&cid=222879948.1653323779&jid=612010383&_u=YGBAgUABCAAAAE~&z=1769920794

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 16:36:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 clarity.js Show response
l.clarity.ms/s/0.6.35/ 53 KB
23 KB 403ms
125ms Script
application/javascript 20.120.65.166
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://l.clarity.ms/s/0.6.35/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/94ylzt75u2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.120.65.166 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: fab5572c01cd671e1a92d8ffda83b65c5276089a5d8f7cec2105ba034a55a98e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:20 GMT
content-encoding: br
etag: "1d86e81880f1265"
last-modified: Mon, 23 May 2022 08:46:02 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
accept-ranges: bytes
content-length: 23088
request-context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

GET
H2 200 a07e6001b04a1864.webp
cdn.nur.kz/images/272x153/ 17 KB
18 KB 226ms
225ms Image
image/webp 94.247.128.34
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/a07e6001b04a1864.webp?version=1

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.34 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

1ca89a403c4e345ebd841a43f31c5fbb60407f7a846f379b338f1af879f1cdec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:20 GMT
last-modified: Wed, 02 Sep 2020 06:31:19 GMT
server: nginx
x-cs: HIT
etag: "9b678a04407b0efd6fad2bf02149b6b2"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 17802
expires: Tue, 23 May 2023 16:36:20 GMT

GET
H2 200 54a1011c87d34666.webp
cdn.nur.kz/images/272x153/ 4 KB
4 KB 226ms
225ms Image
image/webp 94.247.128.34
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/54a1011c87d34666.webp?version=1

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.34 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

592df1e7e91410fbc6709be1ba8695f02a43b8c63a529c0be2f307811860e73c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:20 GMT
last-modified: Mon, 23 May 2022 13:12:09 GMT
server: nginx
x-cs: HIT
etag: "3af690bf1d4c25f83963cb70ceb46aed"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 3612
expires: Tue, 23 May 2023 16:36:20 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 398ms
50ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.nur.kz

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js?cb=31067688

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 23 May 2022 16:36:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 394ms
47ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.nur.kz

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js?cb=31067688

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 23 May 2022 16:36:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 258 KB
55 KB 414ms
413ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1068517317512481&correlator=1036204643328374&eid=31067688%2C31067709%2C44761477&output=ldjh&gdfp_req=1&vrg=2022051701&ptt=17&impl=fifs&iu_parts=21635628449%2CNUR_Desktop_Bottom%2CNUR_Desktop_Bottom2%2CNUR_Desktop_Bottom3%2CNUR_Desktop_Anchor&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=728x90%2C728x90%7C728x200%7C980x90%7C980x200%2C728x90%7C728x200%7C980x90%7C980x200%2C1x1%7C728x90%7C980x90%7C1000x90%7C1000x200%7C1200x90%7C2000x90%7C728x200&ifi=1&adks=2902430930%2C1806412577%2C1148870173%2C3302193688&sfv=1-0-38&ecs=20220523&fsapi=false&eri=4&cust_params=page%3DHomepage%26section%3Dwww%26sectionId%3D1%26platform%3Ddesktop%26language%3DRU&sc=1&cookie_enabled=1&abxe=1&dt=1653323779208&dlt=1653323778609&idt=567&biw=1600&bih=1200&adxs=436%2C436%2C436%2C-12245933&adys=2404%2C4966%2C6689%2C-12245933&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.nur.kz%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1088x0%7C1088x0%7C1088x0%7C0x-1&msz=1088x0%7C1088x0%7C1088x0%7C0x-1&fws=4%2C4%2C4%2C644&ohw=1088%2C1088%2C1088%2C1600&ga_vid=222879948.1653323779&ga_sid=1653323779&ga_hid=696100289&ga_fc=true&btvi=1%7C2%7C3%7C-1&topics=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js?cb=31067688

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

a4761602d3f02a99f5ba672962e117618f8ebb010f6196325085a82fa78c5751

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/91211586652222830/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/91211586652222830/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIjTgIWH9vcCFYCH_QcdblEIDQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/91211586652222830/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/91211586652222830/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/91211586652222830/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIfTgIWH9vcCFYCH_QcdblEIDQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/91211586652222830/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/91211586652222830/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/91211586652222830/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIjTgIWH9vcCFYCH_QcdblEIDQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/91211586652222830/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/91211586652222830/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/91211586652222830/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIfTgIWH9vcCFYCH_QcdblEIDQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/91211586652222830/index.html
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
google-creative-id: -1,-1,-1,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55941
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
date: Mon, 23 May 2022 16:36:20 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nur.kz
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9CE7 6 KB
4 KB 161ms
44ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js?cb=31067688

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nur.kz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 23 May 2022 16:36:20 GMT
expires: Tue, 23 May 2023 16:36:20 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 3503c28b572fe5ac.webp
cdn.nur.kz/images/272x153/ 13 KB
14 KB 225ms
224ms Image
image/webp 94.247.128.34
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/3503c28b572fe5ac.webp?version=1

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.34 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

6aa385bad11af3c03ee07e1b62ee77226e51d5c7fcfa7a89d3d8672aa247bd72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:20 GMT
last-modified: Mon, 23 May 2022 12:05:15 GMT
server: nginx
x-cs: HIT
etag: "c3cccfbe3befd10b1cc924ffb3e77755"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 13592
expires: Tue, 23 May 2023 16:36:20 GMT

GET
H2 200 6b66e402ac0e3682.webp
cdn.nur.kz/images/272x153/ 17 KB
17 KB 225ms
225ms Image
image/webp 94.247.128.34
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/6b66e402ac0e3682.webp?version=1

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.34 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

ea3e94ae218d409f2e06adab5a3cbf7517d3993af10e339f0c57e370420c742e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:20 GMT
last-modified: Mon, 23 May 2022 03:00:45 GMT
server: nginx
x-cs: HIT
etag: "637a5f2e87baeee70fa5a1ec28b7f69a"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 17378
expires: Tue, 23 May 2023 16:36:20 GMT

GET
H2 200 dd837ffe083b61b9.webp
cdn.nur.kz/images/272x153/ 7 KB
7 KB 226ms
225ms Image
image/webp 94.247.128.34
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/dd837ffe083b61b9.webp?version=1

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.34 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

bd4b3ec69c7cc6b78aebd8b8f149b24fb509226b0de1215d288296525a2f65b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:20 GMT
last-modified: Mon, 23 May 2022 11:50:15 GMT
server: nginx
x-cs: HIT
etag: "a65d993647107229f1e1c7d31fb75393"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 6960
expires: Tue, 23 May 2023 16:36:20 GMT

GET
H2 200 ac33e69fc8e1036b.webp
cdn.nur.kz/images/272x153/ 3 KB
4 KB 226ms
225ms Image
image/webp 94.247.128.34
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/ac33e69fc8e1036b.webp?version=1

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.34 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

95fe1d3eaf90a13de4a63bc75f35c13cd6705b1be6c3ad2c79a8e856a79701a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:20 GMT
last-modified: Mon, 23 May 2022 10:45:11 GMT
server: nginx
x-cs: HIT
etag: "58d2a771694a7cf3fa063c08d8cfcaf8"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 3578
expires: Tue, 23 May 2023 16:36:20 GMT

GET
H2 200 ea8a63922815ded85b7c.js Show response
yastatic.net/partner-code-bundles/585102/ 13 KB
5 KB 218ms
67ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/585102/ea8a63922815ded85b7c.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

5129bb7cf57920bddaaa073c87cdb4f4057ec9879655eb958da3cc3c7e081dca

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.nur.kz/
Origin: https://www.nur.kz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:20 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 4472
last-modified: Fri, 20 May 2022 16:24:02 GMT
server: nginx/1.17.9
etag: "937ebbfcfa3c9c376c065e1e2c5742a8"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 May 2052 23:09:46 GMT

GET
H2 200 a2ecfd6d1308118f09ea.js Show response
yastatic.net/partner-code-bundles/585102/ 90 KB
19 KB 265ms
124ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/585102/a2ecfd6d1308118f09ea.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

96e7d31540dc3420c73e81ab4022a61cbe86ff318fc96ad94766fe5341404c2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.nur.kz/
Origin: https://www.nur.kz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:20 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 18847
last-modified: Fri, 20 May 2022 16:24:02 GMT
server: nginx/1.17.9
etag: "1be06e740c18562aa134ad368e7f2368"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 May 2052 23:09:46 GMT

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.83/ 33 KB
9 KB 282ms
149ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/host.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.nur.kz/
Origin: https://www.nur.kz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:20 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 8878
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
server: nginx/1.17.9
etag: "f80882bf67cf261aa08d636da095149a"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 May 2052 23:08:02 GMT

GET
H2 200 v2 Show response
yandex.ru/ads/adfox/252771/getBulk/ 170 B
581 B 121ms
121ms XHR
application/json 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/adfox/252771/getBulk/v2?dl=https%3A%2F%2Fwww.nur.kz%2F&date=2022-05-23T16%3A36%3A19.290%2B00%3A00&pd=23&pdh=1200&pdw=1600&pr1=383510595&pr=1271783716&prr=&pv=16&pw=1&extid_loader=&extid_tag_loader=www.nur.kz&ylv=0.585102&ybv=0.585102&ytt=218804424671237&is-turbo=0&skip-token=&ad-session-id=4752551653323779297&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A1600%2C%22h%22%3A0%2C%22width%22%3A1600%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22left%22%3A0%2C%22top%22%3A13923%2C%22fontFamily%22%3A%22roboto%22%2C%22req_no%22%3A0%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=585102&available-width=1600&yaru=true&p1=coatn&p2=fylw&puid1=Homepage&puid2=&puid3=&puid4=&puid5=&puid6=&pk=&pke=1&slotNumber=1&bids=W10%3D&utf8=%E2%9C%93&pcode-test-ids=580226%2C0%2C12%3B579745%2C0%2C89%3B573667%2C0%2C52%3B585618%2C0%2C56%3B581288%2C0%2C93%3B406668%2C0%2C62%3B585102%2C0%2C73%3B574104%2C0%2C-1&pcode-flags-map=eJylV9uO2zYQ%2FZXCz36gqAupvFESbRMrkQpJ2d4EwSBt9y0oinZTFAjy7x1K8kVeL3eBwoANGDqHw5kzZ0Y%2FVoNWG2M74VcfPv9Y%2FfP12%2Fen1YeV1KJq5Wq9en76%2B1n9jv9ktCSsXP38sl7VO6G3EupW1Q%2Fgd9YM2x20ZqvqBYeovTIaqsF7%2FOmtMlb5xwVnShmlI6eVHwfpPOw70cPGmg4ehW7kEeywIPV2WISVU5bSdKTYCwdaHqAWbQvewHy%2Bl0cfp8hzwrORYro2DNoNfW%2Bslw3eSzTSgqut6j04W8NBWK309g1OlmfsHFZnplCEao2F2oTvXrTSewladHLB1artzkO1XfCxlLB8zlQvxZyoU9bExmOMSlvTtvG4GMuS4hzX4CT0tWmwmKbrMELhvah34HaiMYc3mEqe8TOTG%2BxePmJulMfcAEoKNsqG0LQ7YGzNYEXIwYIzyReMnGYkuTD6sRZ7ad0tLudZyfgSi59JSaLZmCN0WKi9cqpSLYoO8GqjXBc0T%2F%2F%2BuVQ4S1MycmBTzHUPFxFdf417%2Fuv70wLG03KGYTqdC4W4xbw86wy6G2%2BFIR%2B0tNccn5OCF5StaV6SPMcfznmyTvMs4XxN0zJPw09OWLGmRZZl6ZoSmhByeiQlZVEgnJGSJAhnWca%2FXMfEymTOv2jASanBVE5iXe3yKn98%2FfXb07KPC1pOat8ovAvefydHFWsfT0OWp%2BV05CepKeq5kU5tNdAEPqYoAdlDGiXIKS2n9u%2BtxI4H6yvMf6u0jOIYLfMp4toM2ge%2FOO5sFMIZCnSEnK0JGtMJpWMwrAdN545TjTRBHNhslYHN0LZoK5jnKD5BfyPn3FbWPGBhMK%2BwtaqJI1nOi7sBQ6Oct6qKwlE7RXapTQgXDqrxO1Cd2EbTi4LLOLlg8bixmStjQ1NZ0ajB%2FfJOhkcR4p4CBtEexKOLI1M2a6rZBIt0vdHYmF510gzLUUAJIUtsRtLpzidbRKj28fNypLlqZSuDd5zOA3mMtgAeyRh9CVcbwO9DMMK3FPIKwymAvWiHRbVSch89T79JnUr3WGQQtoufXSRz%2F4kGjcIrNw6ijQFswajd4tQl2TTSWokjFYekRbsXVombhNNb2Fzem36yEidzgyP7nY2FTKdaC4sC6aQXF7lIa9H6cau55sgXeE4yMlvPtNsE294reQirQ%2FToghWz%2B4fHQeN6UEuHfbWNwhhF3Ahzrsc9p97JECH00tY3Kg2%2Bf43Mk3K6q%2BuE9ZhrJ1QdcjeN%2BuAL8aNxsJTXKulkowRMbC7uQxdsMOfGDKPKxu3xrea4QCdpkyPBjQCDNc6rKJIn%2BZyrujX6XN3O7McZHcdSxtNXsFMc9H%2Fik3fiR0gv6ge3M%2BOQGm3pDTCqa7I%2FiRumxD3siE1xsKJHnZwG87J34oQ43S9r2ckkkC0seqh4lI9%2B0ey1b5ckhNIiRoJzH6c%2FVMrjoijfyXWaK7WbNrXIrX57%2FnazvrLZfUJACkXhTQ%2FG7zBHHl9woBtar96xUKe4VL3guQ%2FeiNa9hp50Mbsurqu45rfiMVip0sFaMC31w7haq2O8XHmR8CtKhyBMEb6nSRHvU55Qfo1c7qSxFZgURcEvY%2FN2Y8SYEkJvogz%2FBMTWiireTvjKQrLLs3ijTwuB5AklsefvTP4kv4v4%2BR87tVeF&use-server-side-rendering=1&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AadaptiveConstructor%0AhorizontalSD%0Afullscreen%0Afullscreen_grid%0Asmart_tile%0Asmart_mosaic%0Anative&pcode-icookie=M1V%2FhWbPK3xrt%2F9ABmjBACBjMUbc0uPkixtCkIjhEaSDesKGYC8MOKO1RNV2Fm1pT1oYKUppjXofEMIiHtEqh6iFqbI%3D&top-ancestor=https%3A%2F%2Fwww.nur.kz&top-ancestor-undetermined=0&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo4Nzl9ChKjpJDkOOqBMFBnDVb6Q2m7trG9N4UXpO_L-vUL2tA5taO0pAzdb7TYEWzXBqXETRq0ndeNg_RvQ0ta161d2nUF9EQG9gLawhjETMiNVrfpkjT7niehMTMxGmOQMWMkUxzBjMSRIhKHqpA6ktaIPFJGRJEyRH59ZYQfKSsAaeDWCG8kRwSRLJKvnjSS1QXQCZU4pK6gAgKQGEADBWx2HIsEtiWCu-IpVyJ-iEhIPLAtFccij4YkkoY0F00YapcqsBFpiDiSXXVlXxOESAkklFUAsggCJHCBIFcBZmhaZMFYYQhWxBUoImxuQhAXVnx2SIrWSIP2jdLsvltw6TBrqaYKEV0bqFWiyiPSVSda1WVu87_MEi__qhCJzzRpiOCK8FaSfFfQrAZ-YcSXoggR7hZHc-g_A4Z8RdXZiXdl2Kvd7IR1oQYyaVkP1OUW-elPsIBIfA1oK6wkRFi4AMgybPYuO2QBzeB8M1QRSQA0kvgUHwao8oGfZUZEp0YE7MxGeRpFUH5YcaHcrDMiWDoTXXeG1LSIoP-MyogwRBbouo4MeW6IYlY5ymTLcaSoK4p4ZMy2V7CVGCIfPVlIHSJYuGEa2fI747_8hdn_4Z2Gw1bi5aufAapaiwE1wEYQmMsMJHNWvK9BtsylHpqy_eV1IZ6TL4VCBLv3We0Ckg4_s_rZUt9aYfObZWHAZtmwWTEMWijFdbez-y-MnCMufVEMz8G6l_nwD5XiMuewZdfu5Q_rljohQJeFihG1jijUl0A91x22kH7vAwHc8nbF0P1rkVTAHbo_D7DnCs6yUnIyvb9Vrobi8_lVlCHS2V0tcAHTpf-ZpMyjsE469CdcUa87xPpSIZ85Q5eg2bPN6Qj3piJChchCqtqs8k4zzC-ifnHIhr2njXIGAC-CU8t75F-SdE48Wxu6-jOCtaJ1l1WWfcw9kU-fDqlW0JNlc5lHDUY5jW1l_dWkQ4bnZnjv68NkZUi5HX5nQ1MoLnnbxGvOm2HX-kM_hM93CclSYFbRssVlGz0kql5GN5jls1ojim98bjSkl8rqGriKmS42GJmY6dLMxMQcJ7ExZYLY2D0zZ4vBbEjjrOozQ4rOako1DNqENk50emtl0OnjVB-js24fVqxoxHbi2TWAQojdu8DYpLs76vy_Megl78pCmEbMQ-HqFxhqRDGv31ZIffJXZ587G1VZmYtG3bBnGYgOwb4KekTuxHKX6DYVrJxMzJy9HEadCWVlMGYaDTorbUafVoBr8gHAysRsSlC5lNGijXW0gUq-MCubcyX3SFNtIKkAXXkFtgHMc1ptYsi0KB3CtBpatNrUpGZItauWiagadfS64TSzg27mmiX6Q6XPhFUMq5gbUr06X7WVrTYKkl6FIM5RJZqE0Zjaqno0NiYCuDImetSaPIlTgy0tRSXWASjPQU5iupxOhyrdXVeBonkcRPD6786TfaOcxgQ8MNFZkmNilvoFOyZmrWjBiInZSTb9GxOz-CVV11SYmK2iRQOm_QXeshSZo7bzWMipXgyJc3tc0DJse0xCTxfnrrbEqI5jnV5EYqZeVjLG-ukBAczK0dBmgmTlcQpS7JLQ-qURTY-cSrTb5Qi8TGtObPH1TE9fXcD9BmJlqqCBUpsup1sBqOU4KbP45ODqw9oCZ7VVcGGnbpzYV3Lt1MOM7VS8f_sqInf31WdEtsd3yi-KjNpMb0r09HP-l9gvY_wCu6R7gLe9FcRk91RRikK0S1nCLw6WdwrQtw6Gu8kZGegR8BCKjhTuDGarJv5QFMZWgVO-ObMOCEVBP3TPF1qCsB9T1lK0lLIF9_Yq3FgZjToG1HmsTfUmjVWQskCy5pBsTDSxk6wJqQj3E4ZMa2rpDi48jd20YSoZF_OFae6UoUcztRCtreKz6A98i_rF9typXwRlG8QWBS9GZcyctIJF16gZA6HJO7Wj8qB7evX0nfCJIdFj5vvHqbERTIpR0kNJF_q0_pyFno6JVgj01H97lw59K4euQV77tGrzlU2TFrAspKwWDosFpytTBBHKiUXjP3OQglPrBW7ZQDJ4OlLnVsV9TNhLL_g4XTa0CeR3mBOvhB2nOiIuEc0QxdskaQlIFj3qR80nT6L5T2A_yi6emhmcWhiMR7dV3Uhwukj8EMG3-oygQPPhd_zuieojVQ_84zdZsosYPoLvX0d0h92ebJpUZwGuxQurlbLXD_KXIPbKmkorkGTMUOrUcf6yyh29dwtpK93NS7VR6IEw6rSmxrKZNSnDBI-BQKhmnDC-vxgqXarV2eL9RbXxxmqrl-eMCf2cUhsnDBOf9b9YtLfMSFElKci5IQFpcSM7Lb-CeJ1TpA82JroC3Z7Ehy41JdncL2GI1drlh9OD_bBcpUcA7VzpRNxL6OuQhCUOfnTV5dQPig86NhFhf6bqBFq2Dl5iLlsasE3QzpAKoMK-Wac3FQpAc0QR2cE0s1nqxPMMaSHM_oxsujCOrz0TVRu8X-Mqupu8QuJlfRoKlP-CM2PU6IzqOPVkfMe4nM9OvNLCsHwp4cYrmF9vyzg5CMXDKSpsfSYYJ3j3kmPpPBaL2cLincdrAdzbgDO3gelwk5aOCGlXgSBeTKw0GjC4Z-G9swROhcmT_EoJy0eBUB4mrHwFLDMLeu5XePIr0N8KVX_tREw6gLhfJXIZMmP5GuDJ2B9LT-AAw8zBwX0CTz5BxEASUi4CMQ2ySyjLNqDN_67Bys49C7cYwf0oUB-dsa9Jns0Ve_EX3VOOP6xNWAzalG0ARvJYwtQmBEvWiccCeB4DM6LAwn_Qc-sTbq_BPZ97eJ3Y0ZDaA_bqZcqSqU8kE13sFO_lu2g1cwv7vslW3l2Oyx-_fmmNz_esDr2Zg5V7G-5tBN8G-PlZKTyI2rZd6g7HNJp_-U1P5DfcusWXvAsciFS7s5o5wAKCG7X_uPjBceb-7n8lBlqdNs6-BzqL70z4enu_1QW83NP7aTui5y9M2EHi3tSms9g4n13MtCVmvoJnjS_sjHa-yjfLdRB-nF1aY8iMRju93naiN_1Bld2STyR9qYO_D6esDx7NqpFOBVZ9zITUNnoP0eKZFouZnR1bfnNMtZoI6IgsH4eZkE_BbH_DTpVIb9PyIhXWNQarpSxkQrxSaBph-MjHKy4Z6Ux8BqkYNMptYYbfobARVdEG7vehyvg-XReJADemC23imuNvJMpn5NX6ACX17T9ppjNZ_wEYt7Ik-OrvrTa_CbmtpCmDiT8i42eB0o5j9-AuKtli9jCxMHp2s4WDl0cPzFGfEt79OlE00uOTk7EPOtwjdp_aslSlVjchvkdp6syvQmmtD_yqeuglZFoItCjeh__B8J_Ac5hZWHl57OQPneNNG65-D3jgnXI0XSFGd88df97oTtonbSwbf0ttkvIGl3UpfyKP4MhGrHcsTWuA7KNqm2eUPkAQIrKauwokLbhT-592yJu7tNG--GGsPoeH8G_V_Yw5kmKcSYo71eiyrtjGNiLjkOrZsjc_J7JfvnvzLWYWMHiZcMPeRUt2mci_o1vlwR5rrBDRro-0o9rmQU_V6RmiChjQQQUUoLvEIGhrzdqIX5con4AvxMRXkTissvlfY7CYWVl4mETfDfmaWV4coV13yerrXvExEsRBRjBk2LcpesQKvwT_J-za0dOpU6lLfjnu8ZvrDtpKcaeRJYLpx0UhNz6gOjYsmbEdiyXbmhAa3zFtDhaeLFKPHUmfn_soekhK6nlz11owlcEMILudZF-IrPhyrw_UrgHJu1vbrL4xEva4iAMziQK9ZOodoluPDh4ahL0o-e4rYOPhnglvYpuNhQ_ODn9MKV_KSjs6f2Sz1EfEUax6eiNyv7YpjpmF8sV_E1PlSCT6ZJVBAHJIrriRigdp3BKacdZtDsz_UbODybOV5430C5qCPohyLHM6Nz-uMCjTJ_NT3IzuKXbxwUoKqqOj37vNHb-sStnB5F28Wii4IxzhmeQb7033To9Z085fcAxXMV6L0jEn1VM8njifOO49Ji21xKDF_Pe07NDZeTjjCMCtfqNpWAsYelDJdn8gcDpcH1XtcjYIjj-KKPNBJ94RL98So40_Z3LFxkIagAz84kmux3cDZwsPj_ttt_N0aeeBpD13eU9_W--DsAe59ndA49dJ_LHEtfDwpoD1u_lEDY5Ge-uBXYvireIlsWRcWi-tJp1_rJzqeAyCyoaRpZYdNyjjF9IgPku-mDnRUzxxwWIgooEcejMrblXvYwH-Wo5O0aDTpqLua1_DQ3hdQOhPgjs4cX00SZnLUd8O-EyTmFJcnPSZCVWqjfORx5g5wRUPcmKiT-McjTZNTTpDjibRZ3qGtNro5Lkp1aAWRthtIwct2kYyJEoBgXLmcx3hFL8G7QR70-_JHWbphL7D1uWJHtouAEMhYcd0AGzfwZDFKb3uoHh3gOK8SA5Acu4AFqBGC5zVnr_ZIbFMrdpp5bkx096Z6O_Czd48-L4NmFY9b7PQT4V5xP4bKRo_GALofKk9-pPCtcvdZ6vUjTdA2GyjI7IwO-9SoOcEmuc6vRFl4AsVFRpTIxfGJtJjigl7Nn7SKXxBZY-xhkgPts7tv0BF8FsR8QNxr1ihHsKHQRsbdifesjalHuxB7iXe5PdtK_mOCBm9AETIzs7bM9ToGJLMKPL51rJF6NPKjYawCum6QA5NKwAyn7RCKdYOgW2OMgBzp_w2ajQdo3M1JlmD0pM6wJll778uEHQ6kXBlNmwv4Jzfm2rUjD7Ic4OHuoiZLYS5h8JumNXu0KnUEU6swEmkghZ4NnvOJOwRtkFthgt5MqZoYh_DEC7CBZOngCdRnYvX4E_HaeN3NWJIJBYxXaI18Yx9OTYsyPwWoKwNzr-HWpEeXWv7akuyTtKBCJLngAFu02DLKx5Zwscs3InfyTL4NYqE9Nc5TsK9HQS6HUzvq3giEZEaAXj89100kP9xsiAsKYKphSAepOfIj8yq0Qlu9eohqZ44lqRtEH6pMTeDM_kIUUFOgl_CG8pHCfnvdmdhhdAP4rYt8HWgUl12rS5_dIe4GMDfX9fxg_YxbE0JoEt7&tga-with-creatives=1

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

79bd24bd53200855b76301ed78911d0a805d4d9213b9fae6b497eafa9d0f0a3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1653323780435472-6198969457436533945-vla1-3228-vla-l7-balancer-8080-BAL-1251
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Mon, 23 May 2022 16:36:20 GMT
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/json
access-control-allow-origin: https://www.nur.kz
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 23 May 2022 16:36:20 GMT

GET
H2 200 v2 Show response
yandex.ru/ads/adfox/252771/getBulk/ 171 B
323 B 202ms
202ms XHR
application/json 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/adfox/252771/getBulk/v2?dl=https%3A%2F%2Fwww.nur.kz%2F&date=2022-05-23T16%3A36%3A19.343%2B00%3A00&pd=23&pdh=1200&pdw=1600&pr1=1483622852&pr=1271783716&prr=&pv=16&pw=1&extid_loader=&extid_tag_loader=www.nur.kz&ylv=0.585102&ybv=0.585102&ytt=218804424671237&is-turbo=0&skip-token=&ad-session-id=4752551653323779297&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A1600%2C%22h%22%3A0%2C%22width%22%3A1600%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22left%22%3A0%2C%22top%22%3A13923%2C%22fontFamily%22%3A%22roboto%22%2C%22req_no%22%3A1%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=585102&available-width=1600&yaru=true&p1=cobal&p2=gttr&puid1=Homepage&puid2=&puid3=&puid4=&puid5=&puid6=&pk=&pke=1&slotNumber=2&bids=W10%3D&utf8=%E2%9C%93&pcode-test-ids=580226%2C0%2C12%3B579745%2C0%2C89%3B573667%2C0%2C52%3B585618%2C0%2C56%3B581288%2C0%2C93%3B406668%2C0%2C62%3B585102%2C0%2C73%3B574104%2C0%2C-1&pcode-flags-map=eJylV9uO2zYQ%2FZXCz36gqAupvFESbRMrkQpJ2d4EwSBt9y0oinZTFAjy7x1K8kVeL3eBwoANGDqHw5kzZ0Y%2FVoNWG2M74VcfPv9Y%2FfP12%2Fen1YeV1KJq5Wq9en76%2B1n9jv9ktCSsXP38sl7VO6G3EupW1Q%2Fgd9YM2x20ZqvqBYeovTIaqsF7%2FOmtMlb5xwVnShmlI6eVHwfpPOw70cPGmg4ehW7kEeywIPV2WISVU5bSdKTYCwdaHqAWbQvewHy%2Bl0cfp8hzwrORYro2DNoNfW%2Bslw3eSzTSgqut6j04W8NBWK309g1OlmfsHFZnplCEao2F2oTvXrTSewladHLB1artzkO1XfCxlLB8zlQvxZyoU9bExmOMSlvTtvG4GMuS4hzX4CT0tWmwmKbrMELhvah34HaiMYc3mEqe8TOTG%2BxePmJulMfcAEoKNsqG0LQ7YGzNYEXIwYIzyReMnGYkuTD6sRZ7ad0tLudZyfgSi59JSaLZmCN0WKi9cqpSLYoO8GqjXBc0T%2F%2F%2BuVQ4S1MycmBTzHUPFxFdf417%2Fuv70wLG03KGYTqdC4W4xbw86wy6G2%2BFIR%2B0tNccn5OCF5StaV6SPMcfznmyTvMs4XxN0zJPw09OWLGmRZZl6ZoSmhByeiQlZVEgnJGSJAhnWca%2FXMfEymTOv2jASanBVE5iXe3yKn98%2FfXb07KPC1pOat8ovAvefydHFWsfT0OWp%2BV05CepKeq5kU5tNdAEPqYoAdlDGiXIKS2n9u%2BtxI4H6yvMf6u0jOIYLfMp4toM2ge%2FOO5sFMIZCnSEnK0JGtMJpWMwrAdN545TjTRBHNhslYHN0LZoK5jnKD5BfyPn3FbWPGBhMK%2BwtaqJI1nOi7sBQ6Oct6qKwlE7RXapTQgXDqrxO1Cd2EbTi4LLOLlg8bixmStjQ1NZ0ajB%2FfJOhkcR4p4CBtEexKOLI1M2a6rZBIt0vdHYmF510gzLUUAJIUtsRtLpzidbRKj28fNypLlqZSuDd5zOA3mMtgAeyRh9CVcbwO9DMMK3FPIKwymAvWiHRbVSch89T79JnUr3WGQQtoufXSRz%2F4kGjcIrNw6ijQFswajd4tQl2TTSWokjFYekRbsXVombhNNb2Fzem36yEidzgyP7nY2FTKdaC4sC6aQXF7lIa9H6cau55sgXeE4yMlvPtNsE294reQirQ%2FToghWz%2B4fHQeN6UEuHfbWNwhhF3Ahzrsc9p97JECH00tY3Kg2%2Bf43Mk3K6q%2BuE9ZhrJ1QdcjeN%2BuAL8aNxsJTXKulkowRMbC7uQxdsMOfGDKPKxu3xrea4QCdpkyPBjQCDNc6rKJIn%2BZyrujX6XN3O7McZHcdSxtNXsFMc9H%2Fik3fiR0gv6ge3M%2BOQGm3pDTCqa7I%2FiRumxD3siE1xsKJHnZwG87J34oQ43S9r2ckkkC0seqh4lI9%2B0ey1b5ckhNIiRoJzH6c%2FVMrjoijfyXWaK7WbNrXIrX57%2FnazvrLZfUJACkXhTQ%2FG7zBHHl9woBtar96xUKe4VL3guQ%2FeiNa9hp50Mbsurqu45rfiMVip0sFaMC31w7haq2O8XHmR8CtKhyBMEb6nSRHvU55Qfo1c7qSxFZgURcEvY%2FN2Y8SYEkJvogz%2FBMTWiireTvjKQrLLs3ijTwuB5AklsefvTP4kv4v4%2BR87tVeF&use-server-side-rendering=1&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AadaptiveConstructor%0AhorizontalSD%0Afullscreen%0Afullscreen_grid%0Asmart_tile%0Asmart_mosaic%0Anative&pcode-icookie=M1V%2FhWbPK3xrt%2F9ABmjBACBjMUbc0uPkixtCkIjhEaSDesKGYC8MOKO1RNV2Fm1pT1oYKUppjXofEMIiHtEqh6iFqbI%3D&top-ancestor=https%3A%2F%2Fwww.nur.kz&top-ancestor-undetermined=0&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo4Nzl9ChKjpJDkOOqBMFBnDVb6Q2m7trG9N4UXpO_L-vUL2tA5taO0pAzdb7TYEWzXBqXETRq0ndeNg_RvQ0ta161d2nUF9EQG9gLawhjETMiNVrfpkjT7niehMTMxGmOQMWMkUxzBjMSRIhKHqpA6ktaIPFJGRJEyRH59ZYQfKSsAaeDWCG8kRwSRLJKvnjSS1QXQCZU4pK6gAgKQGEADBWx2HIsEtiWCu-IpVyJ-iEhIPLAtFccij4YkkoY0F00YapcqsBFpiDiSXXVlXxOESAkklFUAsggCJHCBIFcBZmhaZMFYYQhWxBUoImxuQhAXVnx2SIrWSIP2jdLsvltw6TBrqaYKEV0bqFWiyiPSVSda1WVu87_MEi__qhCJzzRpiOCK8FaSfFfQrAZ-YcSXoggR7hZHc-g_A4Z8RdXZiXdl2Kvd7IR1oQYyaVkP1OUW-elPsIBIfA1oK6wkRFi4AMgybPYuO2QBzeB8M1QRSQA0kvgUHwao8oGfZUZEp0YE7MxGeRpFUH5YcaHcrDMiWDoTXXeG1LSIoP-MyogwRBbouo4MeW6IYlY5ymTLcaSoK4p4ZMy2V7CVGCIfPVlIHSJYuGEa2fI747_8hdn_4Z2Gw1bi5aufAapaiwE1wEYQmMsMJHNWvK9BtsylHpqy_eV1IZ6TL4VCBLv3We0Ckg4_s_rZUt9aYfObZWHAZtmwWTEMWijFdbez-y-MnCMufVEMz8G6l_nwD5XiMuewZdfu5Q_rljohQJeFihG1jijUl0A91x22kH7vAwHc8nbF0P1rkVTAHbo_D7DnCs6yUnIyvb9Vrobi8_lVlCHS2V0tcAHTpf-ZpMyjsE469CdcUa87xPpSIZ85Q5eg2bPN6Qj3piJChchCqtqs8k4zzC-ifnHIhr2njXIGAC-CU8t75F-SdE48Wxu6-jOCtaJ1l1WWfcw9kU-fDqlW0JNlc5lHDUY5jW1l_dWkQ4bnZnjv68NkZUi5HX5nQ1MoLnnbxGvOm2HX-kM_hM93CclSYFbRssVlGz0kql5GN5jls1ojim98bjSkl8rqGriKmS42GJmY6dLMxMQcJ7ExZYLY2D0zZ4vBbEjjrOozQ4rOako1DNqENk50emtl0OnjVB-js24fVqxoxHbi2TWAQojdu8DYpLs76vy_Megl78pCmEbMQ-HqFxhqRDGv31ZIffJXZ587G1VZmYtG3bBnGYgOwb4KekTuxHKX6DYVrJxMzJy9HEadCWVlMGYaDTorbUafVoBr8gHAysRsSlC5lNGijXW0gUq-MCubcyX3SFNtIKkAXXkFtgHMc1ptYsi0KB3CtBpatNrUpGZItauWiagadfS64TSzg27mmiX6Q6XPhFUMq5gbUr06X7WVrTYKkl6FIM5RJZqE0Zjaqno0NiYCuDImetSaPIlTgy0tRSXWASjPQU5iupxOhyrdXVeBonkcRPD6786TfaOcxgQ8MNFZkmNilvoFOyZmrWjBiInZSTb9GxOz-CVV11SYmK2iRQOm_QXeshSZo7bzWMipXgyJc3tc0DJse0xCTxfnrrbEqI5jnV5EYqZeVjLG-ukBAczK0dBmgmTlcQpS7JLQ-qURTY-cSrTb5Qi8TGtObPH1TE9fXcD9BmJlqqCBUpsup1sBqOU4KbP45ODqw9oCZ7VVcGGnbpzYV3Lt1MOM7VS8f_sqInf31WdEtsd3yi-KjNpMb0r09HP-l9gvY_wCu6R7gLe9FcRk91RRikK0S1nCLw6WdwrQtw6Gu8kZGegR8BCKjhTuDGarJv5QFMZWgVO-ObMOCEVBP3TPF1qCsB9T1lK0lLIF9_Yq3FgZjToG1HmsTfUmjVWQskCy5pBsTDSxk6wJqQj3E4ZMa2rpDi48jd20YSoZF_OFae6UoUcztRCtreKz6A98i_rF9typXwRlG8QWBS9GZcyctIJF16gZA6HJO7Wj8qB7evX0nfCJIdFj5vvHqbERTIpR0kNJF_q0_pyFno6JVgj01H97lw59K4euQV77tGrzlU2TFrAspKwWDosFpytTBBHKiUXjP3OQglPrBW7ZQDJ4OlLnVsV9TNhLL_g4XTa0CeR3mBOvhB2nOiIuEc0QxdskaQlIFj3qR80nT6L5T2A_yi6emhmcWhiMR7dV3Uhwukj8EMG3-oygQPPhd_zuieojVQ_84zdZsosYPoLvX0d0h92ebJpUZwGuxQurlbLXD_KXIPbKmkorkGTMUOrUcf6yyh29dwtpK93NS7VR6IEw6rSmxrKZNSnDBI-BQKhmnDC-vxgqXarV2eL9RbXxxmqrl-eMCf2cUhsnDBOf9b9YtLfMSFElKci5IQFpcSM7Lb-CeJ1TpA82JroC3Z7Ehy41JdncL2GI1drlh9OD_bBcpUcA7VzpRNxL6OuQhCUOfnTV5dQPig86NhFhf6bqBFq2Dl5iLlsasE3QzpAKoMK-Wac3FQpAc0QR2cE0s1nqxPMMaSHM_oxsujCOrz0TVRu8X-Mqupu8QuJlfRoKlP-CM2PU6IzqOPVkfMe4nM9OvNLCsHwp4cYrmF9vyzg5CMXDKSpsfSYYJ3j3kmPpPBaL2cLincdrAdzbgDO3gelwk5aOCGlXgSBeTKw0GjC4Z-G9swROhcmT_EoJy0eBUB4mrHwFLDMLeu5XePIr0N8KVX_tREw6gLhfJXIZMmP5GuDJ2B9LT-AAw8zBwX0CTz5BxEASUi4CMQ2ySyjLNqDN_67Bys49C7cYwf0oUB-dsa9Jns0Ve_EX3VOOP6xNWAzalG0ARvJYwtQmBEvWiccCeB4DM6LAwn_Qc-sTbq_BPZ97eJ3Y0ZDaA_bqZcqSqU8kE13sFO_lu2g1cwv7vslW3l2Oyx-_fmmNz_esDr2Zg5V7G-5tBN8G-PlZKTyI2rZd6g7HNJp_-U1P5DfcusWXvAsciFS7s5o5wAKCG7X_uPjBceb-7n8lBlqdNs6-BzqL70z4enu_1QW83NP7aTui5y9M2EHi3tSms9g4n13MtCVmvoJnjS_sjHa-yjfLdRB-nF1aY8iMRju93naiN_1Bld2STyR9qYO_D6esDx7NqpFOBVZ9zITUNnoP0eKZFouZnR1bfnNMtZoI6IgsH4eZkE_BbH_DTpVIb9PyIhXWNQarpSxkQrxSaBph-MjHKy4Z6Ux8BqkYNMptYYbfobARVdEG7vehyvg-XReJADemC23imuNvJMpn5NX6ACX17T9ppjNZ_wEYt7Ik-OrvrTa_CbmtpCmDiT8i42eB0o5j9-AuKtli9jCxMHp2s4WDl0cPzFGfEt79OlE00uOTk7EPOtwjdp_aslSlVjchvkdp6syvQmmtD_yqeuglZFoItCjeh__B8J_Ac5hZWHl57OQPneNNG65-D3jgnXI0XSFGd88df97oTtonbSwbf0ttkvIGl3UpfyKP4MhGrHcsTWuA7KNqm2eUPkAQIrKauwokLbhT-592yJu7tNG--GGsPoeH8G_V_Yw5kmKcSYo71eiyrtjGNiLjkOrZsjc_J7JfvnvzLWYWMHiZcMPeRUt2mci_o1vlwR5rrBDRro-0o9rmQU_V6RmiChjQQQUUoLvEIGhrzdqIX5con4AvxMRXkTissvlfY7CYWVl4mETfDfmaWV4coV13yerrXvExEsRBRjBk2LcpesQKvwT_J-za0dOpU6lLfjnu8ZvrDtpKcaeRJYLpx0UhNz6gOjYsmbEdiyXbmhAa3zFtDhaeLFKPHUmfn_soekhK6nlz11owlcEMILudZF-IrPhyrw_UrgHJu1vbrL4xEva4iAMziQK9ZOodoluPDh4ahL0o-e4rYOPhnglvYpuNhQ_ODn9MKV_KSjs6f2Sz1EfEUax6eiNyv7YpjpmF8sV_E1PlSCT6ZJVBAHJIrriRigdp3BKacdZtDsz_UbODybOV5430C5qCPohyLHM6Nz-uMCjTJ_NT3IzuKXbxwUoKqqOj37vNHb-sStnB5F28Wii4IxzhmeQb7033To9Z085fcAxXMV6L0jEn1VM8njifOO49Ji21xKDF_Pe07NDZeTjjCMCtfqNpWAsYelDJdn8gcDpcH1XtcjYIjj-KKPNBJ94RL98So40_Z3LFxkIagAz84kmux3cDZwsPj_ttt_N0aeeBpD13eU9_W--DsAe59ndA49dJ_LHEtfDwpoD1u_lEDY5Ge-uBXYvireIlsWRcWi-tJp1_rJzqeAyCyoaRpZYdNyjjF9IgPku-mDnRUzxxwWIgooEcejMrblXvYwH-Wo5O0aDTpqLua1_DQ3hdQOhPgjs4cX00SZnLUd8O-EyTmFJcnPSZCVWqjfORx5g5wRUPcmKiT-McjTZNTTpDjibRZ3qGtNro5Lkp1aAWRthtIwct2kYyJEoBgXLmcx3hFL8G7QR70-_JHWbphL7D1uWJHtouAEMhYcd0AGzfwZDFKb3uoHh3gOK8SA5Acu4AFqBGC5zVnr_ZIbFMrdpp5bkx096Z6O_Czd48-L4NmFY9b7PQT4V5xP4bKRo_GALofKk9-pPCtcvdZ6vUjTdA2GyjI7IwO-9SoOcEmuc6vRFl4AsVFRpTIxfGJtJjigl7Nn7SKXxBZY-xhkgPts7tv0BF8FsR8QNxr1ihHsKHQRsbdifesjalHuxB7iXe5PdtK_mOCBm9AETIzs7bM9ToGJLMKPL51rJF6NPKjYawCum6QA5NKwAyn7RCKdYOgW2OMgBzp_w2ajQdo3M1JlmD0pM6wJll778uEHQ6kXBlNmwv4Jzfm2rUjD7Ic4OHuoiZLYS5h8JumNXu0KnUEU6swEmkghZ4NnvOJOwRtkFthgt5MqZoYh_DEC7CBZOngCdRnYvX4E_HaeN3NWJIJBYxXaI18Yx9OTYsyPwWoKwNzr-HWpEeXWv7akuyTtKBCJLngAFu02DLKx5Zwscs3InfyTL4NYqE9Nc5TsK9HQS6HUzvq3giEZEaAXj89100kP9xsiAsKYKphSAepOfIj8yq0Qlu9eohqZ44lqRtEH6pMTeDM_kIUUFOgl_CG8pHCfnvdmdhhdAP4rYt8HWgUl12rS5_dIe4GMDfX9fxg_YxbE0JoEt7&tga-with-creatives=1

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

0bb425a58a348f2d1ac3801a047c4b179c04078db3fb5bb404e98e398ab3f865

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1653323780524152-17604449926184529967-vla1-3228-vla-l7-balancer-8080-BAL-721
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Mon, 23 May 2022 16:36:20 GMT
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/json
access-control-allow-origin: https://www.nur.kz
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 23 May 2022 16:36:20 GMT

GET
H2 200 v2 Show response
yandex.ru/ads/adfox/252771/getBulk/ 2 KB
1 KB 218ms
218ms XHR
application/json 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/adfox/252771/getBulk/v2?dl=https%3A%2F%2Fwww.nur.kz%2F&date=2022-05-23T16%3A36%3A19.352%2B00%3A00&pd=23&pdh=1200&pdw=1600&pr1=2187018109&pr=1271783716&prr=&pv=16&pw=1&extid_loader=&extid_tag_loader=www.nur.kz&ylv=0.585102&ybv=0.585102&ytt=218804424671237&is-turbo=0&skip-token=&ad-session-id=4752551653323779297&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A241%2C%22h%22%3A0%2C%22width%22%3A241%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A1103%2C%22top%22%3A572%2C%22fontFamily%22%3A%22roboto%22%2C%22req_no%22%3A2%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=585102&available-width=241&yaru=true&p1=crsny&p2=gfdy&puid1=Homepage&puid2=&puid3=&puid4=&puid5=&puid6=&pk=&pke=1&slotNumber=3&bids=W10%3D&utf8=%E2%9C%93&pcode-test-ids=580226%2C0%2C12%3B579745%2C0%2C89%3B573667%2C0%2C52%3B585618%2C0%2C56%3B581288%2C0%2C93%3B406668%2C0%2C62%3B585102%2C0%2C73%3B574104%2C0%2C-1&pcode-flags-map=eJylV9uO2zYQ%2FZXCz36gqAupvFESbRMrkQpJ2d4EwSBt9y0oinZTFAjy7x1K8kVeL3eBwoANGDqHw5kzZ0Y%2FVoNWG2M74VcfPv9Y%2FfP12%2Fen1YeV1KJq5Wq9en76%2B1n9jv9ktCSsXP38sl7VO6G3EupW1Q%2Fgd9YM2x20ZqvqBYeovTIaqsF7%2FOmtMlb5xwVnShmlI6eVHwfpPOw70cPGmg4ehW7kEeywIPV2WISVU5bSdKTYCwdaHqAWbQvewHy%2Bl0cfp8hzwrORYro2DNoNfW%2Bslw3eSzTSgqut6j04W8NBWK309g1OlmfsHFZnplCEao2F2oTvXrTSewladHLB1artzkO1XfCxlLB8zlQvxZyoU9bExmOMSlvTtvG4GMuS4hzX4CT0tWmwmKbrMELhvah34HaiMYc3mEqe8TOTG%2BxePmJulMfcAEoKNsqG0LQ7YGzNYEXIwYIzyReMnGYkuTD6sRZ7ad0tLudZyfgSi59JSaLZmCN0WKi9cqpSLYoO8GqjXBc0T%2F%2F%2BuVQ4S1MycmBTzHUPFxFdf417%2Fuv70wLG03KGYTqdC4W4xbw86wy6G2%2BFIR%2B0tNccn5OCF5StaV6SPMcfznmyTvMs4XxN0zJPw09OWLGmRZZl6ZoSmhByeiQlZVEgnJGSJAhnWca%2FXMfEymTOv2jASanBVE5iXe3yKn98%2FfXb07KPC1pOat8ovAvefydHFWsfT0OWp%2BV05CepKeq5kU5tNdAEPqYoAdlDGiXIKS2n9u%2BtxI4H6yvMf6u0jOIYLfMp4toM2ge%2FOO5sFMIZCnSEnK0JGtMJpWMwrAdN545TjTRBHNhslYHN0LZoK5jnKD5BfyPn3FbWPGBhMK%2BwtaqJI1nOi7sBQ6Oct6qKwlE7RXapTQgXDqrxO1Cd2EbTi4LLOLlg8bixmStjQ1NZ0ajB%2FfJOhkcR4p4CBtEexKOLI1M2a6rZBIt0vdHYmF510gzLUUAJIUtsRtLpzidbRKj28fNypLlqZSuDd5zOA3mMtgAeyRh9CVcbwO9DMMK3FPIKwymAvWiHRbVSch89T79JnUr3WGQQtoufXSRz%2F4kGjcIrNw6ijQFswajd4tQl2TTSWokjFYekRbsXVombhNNb2Fzem36yEidzgyP7nY2FTKdaC4sC6aQXF7lIa9H6cau55sgXeE4yMlvPtNsE294reQirQ%2FToghWz%2B4fHQeN6UEuHfbWNwhhF3Ahzrsc9p97JECH00tY3Kg2%2Bf43Mk3K6q%2BuE9ZhrJ1QdcjeN%2BuAL8aNxsJTXKulkowRMbC7uQxdsMOfGDKPKxu3xrea4QCdpkyPBjQCDNc6rKJIn%2BZyrujX6XN3O7McZHcdSxtNXsFMc9H%2Fik3fiR0gv6ge3M%2BOQGm3pDTCqa7I%2FiRumxD3siE1xsKJHnZwG87J34oQ43S9r2ckkkC0seqh4lI9%2B0ey1b5ckhNIiRoJzH6c%2FVMrjoijfyXWaK7WbNrXIrX57%2FnazvrLZfUJACkXhTQ%2FG7zBHHl9woBtar96xUKe4VL3guQ%2FeiNa9hp50Mbsurqu45rfiMVip0sFaMC31w7haq2O8XHmR8CtKhyBMEb6nSRHvU55Qfo1c7qSxFZgURcEvY%2FN2Y8SYEkJvogz%2FBMTWiireTvjKQrLLs3ijTwuB5AklsefvTP4kv4v4%2BR87tVeF&use-server-side-rendering=1&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AadaptiveConstructor%0AhorizontalSD%0Afullscreen%0Afullscreen_grid%0Asmart_tile%0Asmart_mosaic%0Anative&pcode-icookie=M1V%2FhWbPK3xrt%2F9ABmjBACBjMUbc0uPkixtCkIjhEaSDesKGYC8MOKO1RNV2Fm1pT1oYKUppjXofEMIiHtEqh6iFqbI%3D&top-ancestor=https%3A%2F%2Fwww.nur.kz&top-ancestor-undetermined=0&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo4Nzl9ChKjpJDkOOqBMFBnDVb6Q2m7trG9N4UXpO_L-vUL2tA5taO0pAzdb7TYEWzXBqXETRq0ndeNg_RvQ0ta161d2nUF9EQG9gLawhjETMiNVrfpkjT7niehMTMxGmOQMWMkUxzBjMSRIhKHqpA6ktaIPFJGRJEyRH59ZYQfKSsAaeDWCG8kRwSRLJKvnjSS1QXQCZU4pK6gAgKQGEADBWx2HIsEtiWCu-IpVyJ-iEhIPLAtFccij4YkkoY0F00YapcqsBFpiDiSXXVlXxOESAkklFUAsggCJHCBIFcBZmhaZMFYYQhWxBUoImxuQhAXVnx2SIrWSIP2jdLsvltw6TBrqaYKEV0bqFWiyiPSVSda1WVu87_MEi__qhCJzzRpiOCK8FaSfFfQrAZ-YcSXoggR7hZHc-g_A4Z8RdXZiXdl2Kvd7IR1oQYyaVkP1OUW-elPsIBIfA1oK6wkRFi4AMgybPYuO2QBzeB8M1QRSQA0kvgUHwao8oGfZUZEp0YE7MxGeRpFUH5YcaHcrDMiWDoTXXeG1LSIoP-MyogwRBbouo4MeW6IYlY5ymTLcaSoK4p4ZMy2V7CVGCIfPVlIHSJYuGEa2fI747_8hdn_4Z2Gw1bi5aufAapaiwE1wEYQmMsMJHNWvK9BtsylHpqy_eV1IZ6TL4VCBLv3We0Ckg4_s_rZUt9aYfObZWHAZtmwWTEMWijFdbez-y-MnCMufVEMz8G6l_nwD5XiMuewZdfu5Q_rljohQJeFihG1jijUl0A91x22kH7vAwHc8nbF0P1rkVTAHbo_D7DnCs6yUnIyvb9Vrobi8_lVlCHS2V0tcAHTpf-ZpMyjsE469CdcUa87xPpSIZ85Q5eg2bPN6Qj3piJChchCqtqs8k4zzC-ifnHIhr2njXIGAC-CU8t75F-SdE48Wxu6-jOCtaJ1l1WWfcw9kU-fDqlW0JNlc5lHDUY5jW1l_dWkQ4bnZnjv68NkZUi5HX5nQ1MoLnnbxGvOm2HX-kM_hM93CclSYFbRssVlGz0kql5GN5jls1ojim98bjSkl8rqGriKmS42GJmY6dLMxMQcJ7ExZYLY2D0zZ4vBbEjjrOozQ4rOako1DNqENk50emtl0OnjVB-js24fVqxoxHbi2TWAQojdu8DYpLs76vy_Megl78pCmEbMQ-HqFxhqRDGv31ZIffJXZ587G1VZmYtG3bBnGYgOwb4KekTuxHKX6DYVrJxMzJy9HEadCWVlMGYaDTorbUafVoBr8gHAysRsSlC5lNGijXW0gUq-MCubcyX3SFNtIKkAXXkFtgHMc1ptYsi0KB3CtBpatNrUpGZItauWiagadfS64TSzg27mmiX6Q6XPhFUMq5gbUr06X7WVrTYKkl6FIM5RJZqE0Zjaqno0NiYCuDImetSaPIlTgy0tRSXWASjPQU5iupxOhyrdXVeBonkcRPD6786TfaOcxgQ8MNFZkmNilvoFOyZmrWjBiInZSTb9GxOz-CVV11SYmK2iRQOm_QXeshSZo7bzWMipXgyJc3tc0DJse0xCTxfnrrbEqI5jnV5EYqZeVjLG-ukBAczK0dBmgmTlcQpS7JLQ-qURTY-cSrTb5Qi8TGtObPH1TE9fXcD9BmJlqqCBUpsup1sBqOU4KbP45ODqw9oCZ7VVcGGnbpzYV3Lt1MOM7VS8f_sqInf31WdEtsd3yi-KjNpMb0r09HP-l9gvY_wCu6R7gLe9FcRk91RRikK0S1nCLw6WdwrQtw6Gu8kZGegR8BCKjhTuDGarJv5QFMZWgVO-ObMOCEVBP3TPF1qCsB9T1lK0lLIF9_Yq3FgZjToG1HmsTfUmjVWQskCy5pBsTDSxk6wJqQj3E4ZMa2rpDi48jd20YSoZF_OFae6UoUcztRCtreKz6A98i_rF9typXwRlG8QWBS9GZcyctIJF16gZA6HJO7Wj8qB7evX0nfCJIdFj5vvHqbERTIpR0kNJF_q0_pyFno6JVgj01H97lw59K4euQV77tGrzlU2TFrAspKwWDosFpytTBBHKiUXjP3OQglPrBW7ZQDJ4OlLnVsV9TNhLL_g4XTa0CeR3mBOvhB2nOiIuEc0QxdskaQlIFj3qR80nT6L5T2A_yi6emhmcWhiMR7dV3Uhwukj8EMG3-oygQPPhd_zuieojVQ_84zdZsosYPoLvX0d0h92ebJpUZwGuxQurlbLXD_KXIPbKmkorkGTMUOrUcf6yyh29dwtpK93NS7VR6IEw6rSmxrKZNSnDBI-BQKhmnDC-vxgqXarV2eL9RbXxxmqrl-eMCf2cUhsnDBOf9b9YtLfMSFElKci5IQFpcSM7Lb-CeJ1TpA82JroC3Z7Ehy41JdncL2GI1drlh9OD_bBcpUcA7VzpRNxL6OuQhCUOfnTV5dQPig86NhFhf6bqBFq2Dl5iLlsasE3QzpAKoMK-Wac3FQpAc0QR2cE0s1nqxPMMaSHM_oxsujCOrz0TVRu8X-Mqupu8QuJlfRoKlP-CM2PU6IzqOPVkfMe4nM9OvNLCsHwp4cYrmF9vyzg5CMXDKSpsfSYYJ3j3kmPpPBaL2cLincdrAdzbgDO3gelwk5aOCGlXgSBeTKw0GjC4Z-G9swROhcmT_EoJy0eBUB4mrHwFLDMLeu5XePIr0N8KVX_tREw6gLhfJXIZMmP5GuDJ2B9LT-AAw8zBwX0CTz5BxEASUi4CMQ2ySyjLNqDN_67Bys49C7cYwf0oUB-dsa9Jns0Ve_EX3VOOP6xNWAzalG0ARvJYwtQmBEvWiccCeB4DM6LAwn_Qc-sTbq_BPZ97eJ3Y0ZDaA_bqZcqSqU8kE13sFO_lu2g1cwv7vslW3l2Oyx-_fmmNz_esDr2Zg5V7G-5tBN8G-PlZKTyI2rZd6g7HNJp_-U1P5DfcusWXvAsciFS7s5o5wAKCG7X_uPjBceb-7n8lBlqdNs6-BzqL70z4enu_1QW83NP7aTui5y9M2EHi3tSms9g4n13MtCVmvoJnjS_sjHa-yjfLdRB-nF1aY8iMRju93naiN_1Bld2STyR9qYO_D6esDx7NqpFOBVZ9zITUNnoP0eKZFouZnR1bfnNMtZoI6IgsH4eZkE_BbH_DTpVIb9PyIhXWNQarpSxkQrxSaBph-MjHKy4Z6Ux8BqkYNMptYYbfobARVdEG7vehyvg-XReJADemC23imuNvJMpn5NX6ACX17T9ppjNZ_wEYt7Ik-OrvrTa_CbmtpCmDiT8i42eB0o5j9-AuKtli9jCxMHp2s4WDl0cPzFGfEt79OlE00uOTk7EPOtwjdp_aslSlVjchvkdp6syvQmmtD_yqeuglZFoItCjeh__B8J_Ac5hZWHl57OQPneNNG65-D3jgnXI0XSFGd88df97oTtonbSwbf0ttkvIGl3UpfyKP4MhGrHcsTWuA7KNqm2eUPkAQIrKauwokLbhT-592yJu7tNG--GGsPoeH8G_V_Yw5kmKcSYo71eiyrtjGNiLjkOrZsjc_J7JfvnvzLWYWMHiZcMPeRUt2mci_o1vlwR5rrBDRro-0o9rmQU_V6RmiChjQQQUUoLvEIGhrzdqIX5con4AvxMRXkTissvlfY7CYWVl4mETfDfmaWV4coV13yerrXvExEsRBRjBk2LcpesQKvwT_J-za0dOpU6lLfjnu8ZvrDtpKcaeRJYLpx0UhNz6gOjYsmbEdiyXbmhAa3zFtDhaeLFKPHUmfn_soekhK6nlz11owlcEMILudZF-IrPhyrw_UrgHJu1vbrL4xEva4iAMziQK9ZOodoluPDh4ahL0o-e4rYOPhnglvYpuNhQ_ODn9MKV_KSjs6f2Sz1EfEUax6eiNyv7YpjpmF8sV_E1PlSCT6ZJVBAHJIrriRigdp3BKacdZtDsz_UbODybOV5430C5qCPohyLHM6Nz-uMCjTJ_NT3IzuKXbxwUoKqqOj37vNHb-sStnB5F28Wii4IxzhmeQb7033To9Z085fcAxXMV6L0jEn1VM8njifOO49Ji21xKDF_Pe07NDZeTjjCMCtfqNpWAsYelDJdn8gcDpcH1XtcjYIjj-KKPNBJ94RL98So40_Z3LFxkIagAz84kmux3cDZwsPj_ttt_N0aeeBpD13eU9_W--DsAe59ndA49dJ_LHEtfDwpoD1u_lEDY5Ge-uBXYvireIlsWRcWi-tJp1_rJzqeAyCyoaRpZYdNyjjF9IgPku-mDnRUzxxwWIgooEcejMrblXvYwH-Wo5O0aDTpqLua1_DQ3hdQOhPgjs4cX00SZnLUd8O-EyTmFJcnPSZCVWqjfORx5g5wRUPcmKiT-McjTZNTTpDjibRZ3qGtNro5Lkp1aAWRthtIwct2kYyJEoBgXLmcx3hFL8G7QR70-_JHWbphL7D1uWJHtouAEMhYcd0AGzfwZDFKb3uoHh3gOK8SA5Acu4AFqBGC5zVnr_ZIbFMrdpp5bkx096Z6O_Czd48-L4NmFY9b7PQT4V5xP4bKRo_GALofKk9-pPCtcvdZ6vUjTdA2GyjI7IwO-9SoOcEmuc6vRFl4AsVFRpTIxfGJtJjigl7Nn7SKXxBZY-xhkgPts7tv0BF8FsR8QNxr1ihHsKHQRsbdifesjalHuxB7iXe5PdtK_mOCBm9AETIzs7bM9ToGJLMKPL51rJF6NPKjYawCum6QA5NKwAyn7RCKdYOgW2OMgBzp_w2ajQdo3M1JlmD0pM6wJll778uEHQ6kXBlNmwv4Jzfm2rUjD7Ic4OHuoiZLYS5h8JumNXu0KnUEU6swEmkghZ4NnvOJOwRtkFthgt5MqZoYh_DEC7CBZOngCdRnYvX4E_HaeN3NWJIJBYxXaI18Yx9OTYsyPwWoKwNzr-HWpEeXWv7akuyTtKBCJLngAFu02DLKx5Zwscs3InfyTL4NYqE9Nc5TsK9HQS6HUzvq3giEZEaAXj89100kP9xsiAsKYKphSAepOfIj8yq0Qlu9eohqZ44lqRtEH6pMTeDM_kIUUFOgl_CG8pHCfnvdmdhhdAP4rYt8HWgUl12rS5_dIe4GMDfX9fxg_YxbE0JoEt7&tga-with-creatives=1

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

3318813c2394d0aaf58e2598a99aa6078890d28992ab3db0dd5dfb068ff2966e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1653323780524572-6430541536054974870-vla1-3228-vla-l7-balancer-8080-BAL-7939
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Mon, 23 May 2022 16:36:20 GMT
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/json
access-control-allow-origin: https://www.nur.kz
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 23 May 2022 16:36:20 GMT

GET
H2 200 v2 Show response
yandex.ru/ads/adfox/252771/getBulk/ 2 KB
1 KB 394ms
393ms XHR
application/json 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/adfox/252771/getBulk/v2?dl=https%3A%2F%2Fwww.nur.kz%2F&date=2022-05-23T16%3A36%3A19.357%2B00%3A00&pd=23&pdh=1200&pdw=1600&pr1=1943406970&pr=1271783716&prr=&pv=16&pw=1&extid_loader=&extid_tag_loader=www.nur.kz&ylv=0.585102&ybv=0.585102&ytt=218804424671237&is-turbo=0&skip-token=&ad-session-id=4752551653323779297&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A728%2C%22h%22%3A0%2C%22width%22%3A728%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A436%2C%22top%22%3A330%2C%22fontFamily%22%3A%22roboto%22%2C%22req_no%22%3A3%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=585102&available-width=728&yaru=true&p1=crsnx&p2=gfdy&puid1=Homepage&puid2=&puid3=&puid4=&puid5=&puid6=&pk=&pke=1&slotNumber=4&bids=W10%3D&utf8=%E2%9C%93&pcode-test-ids=580226%2C0%2C12%3B579745%2C0%2C89%3B573667%2C0%2C52%3B585618%2C0%2C56%3B581288%2C0%2C93%3B406668%2C0%2C62%3B585102%2C0%2C73%3B574104%2C0%2C-1&pcode-flags-map=eJylV9uO2zYQ%2FZXCz36gqAupvFESbRMrkQpJ2d4EwSBt9y0oinZTFAjy7x1K8kVeL3eBwoANGDqHw5kzZ0Y%2FVoNWG2M74VcfPv9Y%2FfP12%2Fen1YeV1KJq5Wq9en76%2B1n9jv9ktCSsXP38sl7VO6G3EupW1Q%2Fgd9YM2x20ZqvqBYeovTIaqsF7%2FOmtMlb5xwVnShmlI6eVHwfpPOw70cPGmg4ehW7kEeywIPV2WISVU5bSdKTYCwdaHqAWbQvewHy%2Bl0cfp8hzwrORYro2DNoNfW%2Bslw3eSzTSgqut6j04W8NBWK309g1OlmfsHFZnplCEao2F2oTvXrTSewladHLB1artzkO1XfCxlLB8zlQvxZyoU9bExmOMSlvTtvG4GMuS4hzX4CT0tWmwmKbrMELhvah34HaiMYc3mEqe8TOTG%2BxePmJulMfcAEoKNsqG0LQ7YGzNYEXIwYIzyReMnGYkuTD6sRZ7ad0tLudZyfgSi59JSaLZmCN0WKi9cqpSLYoO8GqjXBc0T%2F%2F%2BuVQ4S1MycmBTzHUPFxFdf417%2Fuv70wLG03KGYTqdC4W4xbw86wy6G2%2BFIR%2B0tNccn5OCF5StaV6SPMcfznmyTvMs4XxN0zJPw09OWLGmRZZl6ZoSmhByeiQlZVEgnJGSJAhnWca%2FXMfEymTOv2jASanBVE5iXe3yKn98%2FfXb07KPC1pOat8ovAvefydHFWsfT0OWp%2BV05CepKeq5kU5tNdAEPqYoAdlDGiXIKS2n9u%2BtxI4H6yvMf6u0jOIYLfMp4toM2ge%2FOO5sFMIZCnSEnK0JGtMJpWMwrAdN545TjTRBHNhslYHN0LZoK5jnKD5BfyPn3FbWPGBhMK%2BwtaqJI1nOi7sBQ6Oct6qKwlE7RXapTQgXDqrxO1Cd2EbTi4LLOLlg8bixmStjQ1NZ0ajB%2FfJOhkcR4p4CBtEexKOLI1M2a6rZBIt0vdHYmF510gzLUUAJIUtsRtLpzidbRKj28fNypLlqZSuDd5zOA3mMtgAeyRh9CVcbwO9DMMK3FPIKwymAvWiHRbVSch89T79JnUr3WGQQtoufXSRz%2F4kGjcIrNw6ijQFswajd4tQl2TTSWokjFYekRbsXVombhNNb2Fzem36yEidzgyP7nY2FTKdaC4sC6aQXF7lIa9H6cau55sgXeE4yMlvPtNsE294reQirQ%2FToghWz%2B4fHQeN6UEuHfbWNwhhF3Ahzrsc9p97JECH00tY3Kg2%2Bf43Mk3K6q%2BuE9ZhrJ1QdcjeN%2BuAL8aNxsJTXKulkowRMbC7uQxdsMOfGDKPKxu3xrea4QCdpkyPBjQCDNc6rKJIn%2BZyrujX6XN3O7McZHcdSxtNXsFMc9H%2Fik3fiR0gv6ge3M%2BOQGm3pDTCqa7I%2FiRumxD3siE1xsKJHnZwG87J34oQ43S9r2ckkkC0seqh4lI9%2B0ey1b5ckhNIiRoJzH6c%2FVMrjoijfyXWaK7WbNrXIrX57%2FnazvrLZfUJACkXhTQ%2FG7zBHHl9woBtar96xUKe4VL3guQ%2FeiNa9hp50Mbsurqu45rfiMVip0sFaMC31w7haq2O8XHmR8CtKhyBMEb6nSRHvU55Qfo1c7qSxFZgURcEvY%2FN2Y8SYEkJvogz%2FBMTWiireTvjKQrLLs3ijTwuB5AklsefvTP4kv4v4%2BR87tVeF&use-server-side-rendering=1&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AadaptiveConstructor%0AhorizontalSD%0Afullscreen%0Afullscreen_grid%0Asmart_tile%0Asmart_mosaic%0Anative&pcode-icookie=M1V%2FhWbPK3xrt%2F9ABmjBACBjMUbc0uPkixtCkIjhEaSDesKGYC8MOKO1RNV2Fm1pT1oYKUppjXofEMIiHtEqh6iFqbI%3D&top-ancestor=https%3A%2F%2Fwww.nur.kz&top-ancestor-undetermined=0&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo4Nzl9ChKjpJDkOOqBMFBnDVb6Q2m7trG9N4UXpO_L-vUL2tA5taO0pAzdb7TYEWzXBqXETRq0ndeNg_RvQ0ta161d2nUF9EQG9gLawhjETMiNVrfpkjT7niehMTMxGmOQMWMkUxzBjMSRIhKHqpA6ktaIPFJGRJEyRH59ZYQfKSsAaeDWCG8kRwSRLJKvnjSS1QXQCZU4pK6gAgKQGEADBWx2HIsEtiWCu-IpVyJ-iEhIPLAtFccij4YkkoY0F00YapcqsBFpiDiSXXVlXxOESAkklFUAsggCJHCBIFcBZmhaZMFYYQhWxBUoImxuQhAXVnx2SIrWSIP2jdLsvltw6TBrqaYKEV0bqFWiyiPSVSda1WVu87_MEi__qhCJzzRpiOCK8FaSfFfQrAZ-YcSXoggR7hZHc-g_A4Z8RdXZiXdl2Kvd7IR1oQYyaVkP1OUW-elPsIBIfA1oK6wkRFi4AMgybPYuO2QBzeB8M1QRSQA0kvgUHwao8oGfZUZEp0YE7MxGeRpFUH5YcaHcrDMiWDoTXXeG1LSIoP-MyogwRBbouo4MeW6IYlY5ymTLcaSoK4p4ZMy2V7CVGCIfPVlIHSJYuGEa2fI747_8hdn_4Z2Gw1bi5aufAapaiwE1wEYQmMsMJHNWvK9BtsylHpqy_eV1IZ6TL4VCBLv3We0Ckg4_s_rZUt9aYfObZWHAZtmwWTEMWijFdbez-y-MnCMufVEMz8G6l_nwD5XiMuewZdfu5Q_rljohQJeFihG1jijUl0A91x22kH7vAwHc8nbF0P1rkVTAHbo_D7DnCs6yUnIyvb9Vrobi8_lVlCHS2V0tcAHTpf-ZpMyjsE469CdcUa87xPpSIZ85Q5eg2bPN6Qj3piJChchCqtqs8k4zzC-ifnHIhr2njXIGAC-CU8t75F-SdE48Wxu6-jOCtaJ1l1WWfcw9kU-fDqlW0JNlc5lHDUY5jW1l_dWkQ4bnZnjv68NkZUi5HX5nQ1MoLnnbxGvOm2HX-kM_hM93CclSYFbRssVlGz0kql5GN5jls1ojim98bjSkl8rqGriKmS42GJmY6dLMxMQcJ7ExZYLY2D0zZ4vBbEjjrOozQ4rOako1DNqENk50emtl0OnjVB-js24fVqxoxHbi2TWAQojdu8DYpLs76vy_Megl78pCmEbMQ-HqFxhqRDGv31ZIffJXZ587G1VZmYtG3bBnGYgOwb4KekTuxHKX6DYVrJxMzJy9HEadCWVlMGYaDTorbUafVoBr8gHAysRsSlC5lNGijXW0gUq-MCubcyX3SFNtIKkAXXkFtgHMc1ptYsi0KB3CtBpatNrUpGZItauWiagadfS64TSzg27mmiX6Q6XPhFUMq5gbUr06X7WVrTYKkl6FIM5RJZqE0Zjaqno0NiYCuDImetSaPIlTgy0tRSXWASjPQU5iupxOhyrdXVeBonkcRPD6786TfaOcxgQ8MNFZkmNilvoFOyZmrWjBiInZSTb9GxOz-CVV11SYmK2iRQOm_QXeshSZo7bzWMipXgyJc3tc0DJse0xCTxfnrrbEqI5jnV5EYqZeVjLG-ukBAczK0dBmgmTlcQpS7JLQ-qURTY-cSrTb5Qi8TGtObPH1TE9fXcD9BmJlqqCBUpsup1sBqOU4KbP45ODqw9oCZ7VVcGGnbpzYV3Lt1MOM7VS8f_sqInf31WdEtsd3yi-KjNpMb0r09HP-l9gvY_wCu6R7gLe9FcRk91RRikK0S1nCLw6WdwrQtw6Gu8kZGegR8BCKjhTuDGarJv5QFMZWgVO-ObMOCEVBP3TPF1qCsB9T1lK0lLIF9_Yq3FgZjToG1HmsTfUmjVWQskCy5pBsTDSxk6wJqQj3E4ZMa2rpDi48jd20YSoZF_OFae6UoUcztRCtreKz6A98i_rF9typXwRlG8QWBS9GZcyctIJF16gZA6HJO7Wj8qB7evX0nfCJIdFj5vvHqbERTIpR0kNJF_q0_pyFno6JVgj01H97lw59K4euQV77tGrzlU2TFrAspKwWDosFpytTBBHKiUXjP3OQglPrBW7ZQDJ4OlLnVsV9TNhLL_g4XTa0CeR3mBOvhB2nOiIuEc0QxdskaQlIFj3qR80nT6L5T2A_yi6emhmcWhiMR7dV3Uhwukj8EMG3-oygQPPhd_zuieojVQ_84zdZsosYPoLvX0d0h92ebJpUZwGuxQurlbLXD_KXIPbKmkorkGTMUOrUcf6yyh29dwtpK93NS7VR6IEw6rSmxrKZNSnDBI-BQKhmnDC-vxgqXarV2eL9RbXxxmqrl-eMCf2cUhsnDBOf9b9YtLfMSFElKci5IQFpcSM7Lb-CeJ1TpA82JroC3Z7Ehy41JdncL2GI1drlh9OD_bBcpUcA7VzpRNxL6OuQhCUOfnTV5dQPig86NhFhf6bqBFq2Dl5iLlsasE3QzpAKoMK-Wac3FQpAc0QR2cE0s1nqxPMMaSHM_oxsujCOrz0TVRu8X-Mqupu8QuJlfRoKlP-CM2PU6IzqOPVkfMe4nM9OvNLCsHwp4cYrmF9vyzg5CMXDKSpsfSYYJ3j3kmPpPBaL2cLincdrAdzbgDO3gelwk5aOCGlXgSBeTKw0GjC4Z-G9swROhcmT_EoJy0eBUB4mrHwFLDMLeu5XePIr0N8KVX_tREw6gLhfJXIZMmP5GuDJ2B9LT-AAw8zBwX0CTz5BxEASUi4CMQ2ySyjLNqDN_67Bys49C7cYwf0oUB-dsa9Jns0Ve_EX3VOOP6xNWAzalG0ARvJYwtQmBEvWiccCeB4DM6LAwn_Qc-sTbq_BPZ97eJ3Y0ZDaA_bqZcqSqU8kE13sFO_lu2g1cwv7vslW3l2Oyx-_fmmNz_esDr2Zg5V7G-5tBN8G-PlZKTyI2rZd6g7HNJp_-U1P5DfcusWXvAsciFS7s5o5wAKCG7X_uPjBceb-7n8lBlqdNs6-BzqL70z4enu_1QW83NP7aTui5y9M2EHi3tSms9g4n13MtCVmvoJnjS_sjHa-yjfLdRB-nF1aY8iMRju93naiN_1Bld2STyR9qYO_D6esDx7NqpFOBVZ9zITUNnoP0eKZFouZnR1bfnNMtZoI6IgsH4eZkE_BbH_DTpVIb9PyIhXWNQarpSxkQrxSaBph-MjHKy4Z6Ux8BqkYNMptYYbfobARVdEG7vehyvg-XReJADemC23imuNvJMpn5NX6ACX17T9ppjNZ_wEYt7Ik-OrvrTa_CbmtpCmDiT8i42eB0o5j9-AuKtli9jCxMHp2s4WDl0cPzFGfEt79OlE00uOTk7EPOtwjdp_aslSlVjchvkdp6syvQmmtD_yqeuglZFoItCjeh__B8J_Ac5hZWHl57OQPneNNG65-D3jgnXI0XSFGd88df97oTtonbSwbf0ttkvIGl3UpfyKP4MhGrHcsTWuA7KNqm2eUPkAQIrKauwokLbhT-592yJu7tNG--GGsPoeH8G_V_Yw5kmKcSYo71eiyrtjGNiLjkOrZsjc_J7JfvnvzLWYWMHiZcMPeRUt2mci_o1vlwR5rrBDRro-0o9rmQU_V6RmiChjQQQUUoLvEIGhrzdqIX5con4AvxMRXkTissvlfY7CYWVl4mETfDfmaWV4coV13yerrXvExEsRBRjBk2LcpesQKvwT_J-za0dOpU6lLfjnu8ZvrDtpKcaeRJYLpx0UhNz6gOjYsmbEdiyXbmhAa3zFtDhaeLFKPHUmfn_soekhK6nlz11owlcEMILudZF-IrPhyrw_UrgHJu1vbrL4xEva4iAMziQK9ZOodoluPDh4ahL0o-e4rYOPhnglvYpuNhQ_ODn9MKV_KSjs6f2Sz1EfEUax6eiNyv7YpjpmF8sV_E1PlSCT6ZJVBAHJIrriRigdp3BKacdZtDsz_UbODybOV5430C5qCPohyLHM6Nz-uMCjTJ_NT3IzuKXbxwUoKqqOj37vNHb-sStnB5F28Wii4IxzhmeQb7033To9Z085fcAxXMV6L0jEn1VM8njifOO49Ji21xKDF_Pe07NDZeTjjCMCtfqNpWAsYelDJdn8gcDpcH1XtcjYIjj-KKPNBJ94RL98So40_Z3LFxkIagAz84kmux3cDZwsPj_ttt_N0aeeBpD13eU9_W--DsAe59ndA49dJ_LHEtfDwpoD1u_lEDY5Ge-uBXYvireIlsWRcWi-tJp1_rJzqeAyCyoaRpZYdNyjjF9IgPku-mDnRUzxxwWIgooEcejMrblXvYwH-Wo5O0aDTpqLua1_DQ3hdQOhPgjs4cX00SZnLUd8O-EyTmFJcnPSZCVWqjfORx5g5wRUPcmKiT-McjTZNTTpDjibRZ3qGtNro5Lkp1aAWRthtIwct2kYyJEoBgXLmcx3hFL8G7QR70-_JHWbphL7D1uWJHtouAEMhYcd0AGzfwZDFKb3uoHh3gOK8SA5Acu4AFqBGC5zVnr_ZIbFMrdpp5bkx096Z6O_Czd48-L4NmFY9b7PQT4V5xP4bKRo_GALofKk9-pPCtcvdZ6vUjTdA2GyjI7IwO-9SoOcEmuc6vRFl4AsVFRpTIxfGJtJjigl7Nn7SKXxBZY-xhkgPts7tv0BF8FsR8QNxr1ihHsKHQRsbdifesjalHuxB7iXe5PdtK_mOCBm9AETIzs7bM9ToGJLMKPL51rJF6NPKjYawCum6QA5NKwAyn7RCKdYOgW2OMgBzp_w2ajQdo3M1JlmD0pM6wJll778uEHQ6kXBlNmwv4Jzfm2rUjD7Ic4OHuoiZLYS5h8JumNXu0KnUEU6swEmkghZ4NnvOJOwRtkFthgt5MqZoYh_DEC7CBZOngCdRnYvX4E_HaeN3NWJIJBYxXaI18Yx9OTYsyPwWoKwNzr-HWpEeXWv7akuyTtKBCJLngAFu02DLKx5Zwscs3InfyTL4NYqE9Nc5TsK9HQS6HUzvq3giEZEaAXj89100kP9xsiAsKYKphSAepOfIj8yq0Qlu9eohqZ44lqRtEH6pMTeDM_kIUUFOgl_CG8pHCfnvdmdhhdAP4rYt8HWgUl12rS5_dIe4GMDfX9fxg_YxbE0JoEt7&tga-with-creatives=1

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

9eb222ba5b7576a0b8af028538574e30bca677988d65e2e945ca159ede776a36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1653323780524936-8018782791222235670-vla1-3228-vla-l7-balancer-8080-BAL-2773
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Mon, 23 May 2022 16:36:20 GMT
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/json
access-control-allow-origin: https://www.nur.kz
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 23 May 2022 16:36:20 GMT

GET
H2 200 bd9441a23fb5c2c54f09.js Show response
yastatic.net/partner-code-bundles/585102/ 866 KB
138 KB 302ms
192ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/585102/bd9441a23fb5c2c54f09.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

10538ee26f9f20dddba4b93cd508da65b3fb6334072a0b25d6c046deefc1db9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.nur.kz/
Origin: https://www.nur.kz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:20 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 140317
last-modified: Fri, 20 May 2022 16:24:02 GMT
server: nginx/1.17.9
etag: "4915830d72f11f35bee20e86b0ff1a8a"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 May 2052 23:09:46 GMT

OPTIONS
H2 200 event
stat.khanate.pro/api/v1/ Frame 0
0 664ms
133ms Preflight 94.247.128.43
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.khanate.pro/api/v1/event?token=js.d27utqeoss6s0dkb04pz1b.ss60lhmn5bgevjhl6d5qsw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 94.247.128.43 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.nur.kz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, Host
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, UPDATE, PATCH
access-control-allow-origin: https://www.nur.kz
access-control-max-age: 86400
content-length: 0
date: Mon, 23 May 2022 16:36:20 GMT
server: nginx

GET
H2 200 8571e57c3a65a99b0c0f.js Show response
yastatic.net/partner-code-bundles/585102/ 37 KB
10 KB 269ms
172ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/585102/8571e57c3a65a99b0c0f.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

00bbe99135247207572c759c13b6dc7ed94b5e5376187ec397d29d603706d52c

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.nur.kz/
Origin: https://www.nur.kz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:20 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 10019
last-modified: Fri, 20 May 2022 16:24:02 GMT
server: nginx/1.17.9
etag: "6266f7484e81fb637fbec40d92a36f01"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 May 2052 23:10:46 GMT

GET
H2 200 quotes Show response
nurtech.pro/trading/ 371 B
797 B 451ms
136ms Fetch
application/json 94.247.128.38
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL

https://nurtech.pro/trading/quotes

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/nur/js/chunk-freedom-finance-desktop.68c57a5a.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.38 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

23673d53eed8ae6ad7599beeeec3a0b0723f396d62ef981fa71994b513342dc5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:20 GMT
content-encoding: br
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
vary: Accept-Encoding, Origin
x-xss-protection: 0
x-f-status: HIT
referrer-policy: no-referrer
server: nginx
etag: W/"173-WZ11mJU0m0fY76hGaIlpDHxDOlM"
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
x-download-options: noopen
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.nur.kz
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests

GET
H2 200 container.html Show response
849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5D18 6 KB
3 KB 38ms
37ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js?cb=31067688

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nur.kz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 23 May 2022 16:36:20 GMT
expires: Tue, 23 May 2023 16:36:20 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C6AE 6 KB
3 KB 127ms
39ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js?cb=31067688

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nur.kz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 23 May 2022 16:36:20 GMT
expires: Tue, 23 May 2023 16:36:20 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6882 6 KB
3 KB 119ms
37ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js?cb=31067688

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nur.kz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 23 May 2022 16:36:20 GMT
expires: Tue, 23 May 2023 16:36:20 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK / Show response
tttt.onthe.io/ 0
287 B 54ms
54ms XHR
text/javascript 95.216.24.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tttt.onthe.io/?k[]=364:uniques_holding&s=0d0db5a9a93692f403af81423ab76478&__io=59ce7cdf8.91e40a35a_1653323778888&1653323779720
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js?ghDf5sWW6gLM
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.216.24.150 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.24.216.95.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 23 May 2022 16:36:20 GMT
Server: nginx
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 chunk-react-vendors.2103090c.js Show response
www.nur.kz/nur/js/ 122 KB
35 KB 135ms
134ms Script
application/javascript 91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nur.kz/nur/js/chunk-react-vendors.2103090c.js

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/nur/js/home-recommendation.1d356ec8.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

a1d0bb676704f499f0d4a35474c5e433f46e195746750e8babdbfed04221b601

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: public
date: Mon, 23 May 2022 16:36:20 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 23 May 2022 11:18:11 GMT
server: nginx
etag: "628b6d73-8a54"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
content-length: 35412
expires: Tue, 23 May 2023 16:36:20 GMT

GET
H2 200 chunk-4.24dd4b97.js Show response
www.nur.kz/nur/js/ 12 KB
5 KB 136ms
136ms Script
application/javascript 91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nur.kz/nur/js/chunk-4.24dd4b97.js

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/nur/js/home-recommendation.1d356ec8.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

14abac934c22f97f9ba4c57ddce16e16b2724d1723d1f90272703f0fdba3a8b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: public
date: Mon, 23 May 2022 16:36:20 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 23 May 2022 11:18:11 GMT
server: nginx
etag: "628b6d73-10c3"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
content-length: 4291
expires: Tue, 23 May 2023 16:36:20 GMT

GET
H2 200 chunk-120.983fb3a0.js Show response
www.nur.kz/nur/js/ 144 KB
33 KB 137ms
137ms Script
application/javascript 91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nur.kz/nur/js/chunk-120.983fb3a0.js

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/nur/js/home-recommendation.1d356ec8.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

a7a2843fb177ea181d4a479e10ba66cd5354bc0493f21f2e7c537b4bc69acb34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: public
date: Mon, 23 May 2022 16:36:20 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 23 May 2022 11:18:11 GMT
server: nginx
etag: "628b6d73-8268"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
content-length: 33384
expires: Tue, 23 May 2023 16:36:20 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 44ms
44ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=696100289&t=pageview&_s=1&dl=https%3A%2F%2Fwww.nur.kz%2F&dp=%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%9A%D0%B0%D0%B7%D0%B0%D1%85%D1%81%D1%82%D0%B0%D0%BD%D0%B0%20%E2%80%93%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BE%D1%82%20NUR.KZ&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&exp=CgAho3N_S6ek6TgBcPgd7A.1&_u=aGDAAUABCAAAAG~&jid=317866205&gjid=159056829&cid=222879948.1653323779&tid=UA-6273700-34&_gid=1154909005.1653323779&_r=1&_slc=1&cd12=&cd13=&z=1027248553

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nur.kz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 23 May 2022 16:36:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.nur.kz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 recommendations Show response
webapi.nur.kz/ 3 KB
2 KB 615ms
328ms Fetch
application/json 91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL

https://webapi.nur.kz/recommendations?userId=5681a3e7-4e1d-44bf-b21a-cbf32b15b3dc&sectionId=1&lifespan=7&limit=5

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/nur/js/home-recommendation.1d356ec8.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

496b577f5bd7927c79923fe047d5b2100a1dfc614034ae28b2ee2c9d0c560172

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
vary: Accept-Encoding, Accept-Encoding, Origin
x-xss-protection: 0
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
referrer-policy: no-referrer
server: nginx
etag: W/"ca6-gPeE/guJrpcPVipB4fH3hUs3+oM"
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
x-download-options: noopen
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.nur.kz
x-f-status: MISS

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/91211586652222830/ Frame D850 1 KB
2 KB 172ms
76ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/91211586652222830/index.html

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

230a4ef4add89d8d627dfd7285f664f8b6ae588084936ca7305ace79cd1a8bc7

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 282003
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 579
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Fri, 20 May 2022 10:16:17 GMT
expires: Sat, 20 May 2023 10:16:17 GMT
last-modified: Thu, 03 Feb 2022 15:01:01 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 5D18 0
0 87ms
85ms Fetch
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cvq9RBLiLYofBFICP9u8P7qKhaL-9iIZqpszI5LgPjsz8uKQoEAEgrMjqS2CVopWCoAegAYX58fsDyAEJqQKf-_EO8umxPuACAKgDAcgDSKoE1QFP0FGAKanO5ANxjeHfiVutZd_Q2-Y_nyrrmOHs6ThSRohgf7gpXgvN7cvM3BnN4z5CEg0hZMs2XCDEmnNvhBtQxew93MGqfvCkoMW8ifFU4tZyEOVfd2M26jdBigL-gl4VX1YtSLCOUEzDM9IgdHIXbzazJR-Ys1yGTpc91kzSO8tc31MYEiwaz5LtViYWQGBAhtamQVV90yImenM1ring-Tnzyj1uHANkREBiu1qDwRQ4QnT-QrRiGqQioCpISj42hVKq19L43SGRO7nz6BONQbtzDOXABKmSqeDJAeAEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAet5aEyqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQo48G0ggJCIjhgBAQARgdgAoByAsB2BMMiBQB0BUBgBcBshceChwIABIUcHViLTMzNjkyNjM3MTAwOTYxNjMYwZBq&sigh=4vQo7RPpj9I&uach_m=[UACH]&template_id=419
Requested by: Host: www.nur.kz
URL: https://www.nur.kz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/ Frame 5D18 21 KB
9 KB 129ms
37ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/abg_lite_fy2019.js

Requested by

Host: 849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com
URL: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9fc62d99ca580e914d7af298fd36b6926ba2b1e6c97ab21be0f9022f9c665816

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:35:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8611
x-xss-protection: 0
server: cafe
etag: 11030745046341915621
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Jun 2022 16:35:11 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 134ms
45ms XHR
text/plain 2a00:1450:400c:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-6273700-34&cid=222879948.1653323779&jid=317866205&gjid=159056829&_gid=1154909005.1653323779&_u=aGDAAUABCAAAAG~&z=1105198516

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nur.kz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 23 May 2022 16:36:20 GMT
content-type: text/plain
access-control-allow-origin: https://www.nur.kz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 6882 0
0 83ms
76ms Fetch
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C0iqHBLiLYonBFICP9u8P7qKhaMme0rFcvfGU93DAjbcBEAEgAGCVopWCoAeCARdjYS1wdWItMzM2OTI2MzcxMDA5NjE2M6AB1bbS6gPIAQmpAp_78Q7y6bE-4AIAqAMBqgTeAU_Q6FQOIlAnpuBDbN4UzOhKdsyB-PxP4_MhpBOaIWXf9ikaPTHDUwhntZ8droCKI9OzFjfFTuLmAVT0yveIyxuYEpGB30k_D0wDCpAVj1Y8nMFHjHw4FhOTnotOjo8zW-kWPo_8u1v_hhNvRME4xjkpdZG2PSv6OKnrqkVm6cd3oI0BKrEudneZi5cW54C-zWTUO9Hz4lb2aeCEikDPWemh5FnTo5biyrhLov-3Mpn012wxqjOXK-qpSbHojk3IO0DrwFNocoykm1YGDzCwHYqVdpirLe1RNSTGmPGojOAEAYAGiYjw842givl7oAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMzM2OTI2MzcxMDA5NjE2MxjBkGo&sigh=sTlzengD0Lo&uach_m=[UACH]&cid=CAQSPwCNIrLMbh7C6hc9N5Sn9m0_-2jwJv7k8dkbLTUFUC9gdYKtQUFgANBofTDFexmURjZI1oK9p7u6OxnHqoWN6xgB
Requested by: Host: www.nur.kz
URL: https://www.nur.kz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame 6882 0
0 164ms
55ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kv79Esz6RNgFyAGdg2ICAgAAAIhCZxGHVENiqhT5vhAEuItiuTSaj20rlbbGtHkAEgAA&wp=You4BAAFIIkH_YeAAAhRbqsSsgubEv_sQudkpg

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:20 GMT
server: Kestrel
server-processing-duration-in-ticks: 295554
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 0B1F 145 KB
48 KB 278ms
176ms Document
text/html 2a02:2638::b
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=You4BAAFIIkH_YeAAAhRbqsSsgubEv_sQudkpg&u=%7CFiqg3GsyDIpqd4LQDqRXOfcjiTNKg4fNF58QcO0F8dg%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCWyaziM01RkGpGzsxDu6uJi-Uw59y2z9-7RoXW9VGUm-QHNx8gBnWJp5bibwESGaGbZaE66369XU3D92Sl2RKnP8YdmQbkBa_59HILjAnaFEvCFLu_94Ek6zW8oODjYL2iiKvDE4bl4X7eL_ph8MuRQ9gchzi8trM3uNolvUP8x00hXeLtQ6skm5xc-gQF-Lw77fB11MEtzpyq8cRX-xEg-E2TgMyMSEYpuI6LRPKBP9w5Vc0ZXtOluaeOrCc2TBZWHCPg8B3Oa2e5Wallw2FaVjXV6dh3LJeC79nAErReeCJ3AR6bbwe2JAqgVaMh9C-Q6TGZObaDZpIeBX87qgAXs_aOCL6M3R0e6pyTzg6ecBFx3ewuvD_vspcSjuF_7DAdD-tfLw7ON7fJvB3_O4lzBvBjGCTrfsZezQXf62T8Sw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCO1f5BLiLYonBFICP9u8P7qKhaMme0rFcvfGU93DAjbcBEAEgAGCVopWCoAeCARdjYS1wdWItMzM2OTI2MzcxMDA5NjE2M6AB1bbS6gPIAQmpAp_78Q7y6bE-4AIAqAMBqgThAU_Q6FQOIlAnpuBDbN4UzOhKdsyB-PxP4_MhpBOaIWXf9ikaPTHDUwhntZ8droCKI9OzFjfFTuLmAVT0yveIyxuYEpGB30k_D0wDCpAVj1Y8nMFHjHw4FhOTnotOjo8zW-kWPo_8u1v_hhNvRME4xjkpdZG2PSv6OKnrqkVm6cd3oI0BKrEudneZi5cW54C-zWTUO9Hz4lb2aeCEikDPWemh5FnTo5biyrhLov-3Mpn012wxqjOXK-rrS5B6CcJUKP931PC4TypckkIMuTqeBQghvqUN31JPGTxDMnW7M8RuEeAEAYAGiYjw842givl7oAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2nQGOZu1p8On98N4FmT44njXrmNw%26client%3Dca-pub-3369263710096163%26adurl%3D

Requested by

Host: 849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com
URL: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

5936d1c9b5428da33f792c80a87e1e0d66076feafb3d0a4e3b6c09484f82f9d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Mon, 23 May 2022 16:36:20 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=DFh08SmhOCIFV2DLb5wsXYNvV4EouVw2u9UvSLRUQkTSxujDp7nRz-ochl2zFyA_9bB0Hb3yXVBLnoEwz8FXm0iZPfr2wKpxJ2phJVzsffbIsojUiARF_tW4SacfgHi0PryJpzkWqPYBfPuRx0b-tLVCq0RLyOYeKBnu6KxO39CudZJUEZiq59U6wHshI9VEIJesQc6BN1t_rxkFyRYplaDhmYIB0yuV1IlAk5HgXRGBJBNw-Kg92X8_lcqkW0_khXkl-Q"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 129587004
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame 6882 3 KB
1 KB 81ms
75ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/window_focus_fy2019.js

Requested by

Host: 849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com
URL: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:34:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 98
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Jun 2022 16:34:42 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6882 135 KB
42 KB 142ms
49ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com
URL: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42375
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652873336749811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 23 May 2022 16:36:21 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame 6882 17 KB
7 KB 53ms
48ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com
URL: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1be78b79774b196d2500f7bd3bb3ca7269ec444158f0e545d4d313bcf40e1310

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7211
x-xss-protection: 0
server: cafe
etag: 2988716039725867132
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Jun 2022 16:36:02 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 6882 0
0 129ms
47ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSJw_EKAl91H6RNb5CMD4Xa6oA-GaDp5atgOXuJPMha3jH30exvn5OIaZrQINAqmWLHSdVSfHip1_8eqnAzR93ehPxjrg
Requested by: Host: 849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com
URL: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 6882 22 KB
7 KB 48ms
42ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com
URL: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 14:07:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8937
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 23 May 2023 14:07:23 GMT

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/91211586652222830/ Frame 0B61 1 KB
643 B 57ms
57ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/91211586652222830/index.html

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

230a4ef4add89d8d627dfd7285f664f8b6ae588084936ca7305ace79cd1a8bc7

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 282003
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 579
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Fri, 20 May 2022 10:16:17 GMT
expires: Sat, 20 May 2023 10:16:17 GMT
last-modified: Thu, 03 Feb 2022 15:01:01 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame C6AE 0
0 82ms
82ms Fetch
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CeEhmBLiLYojBFICP9u8P7qKhaL-9iIZqpszI5LgPjsz8uKQoEAEgrMjqS2CVopWCoAegAYX58fsDyAEJqQKf-_EO8umxPuACAKgDAcgDSKoE2QFP0Jb4mqviOYrMq-sWREpdbG-nYAlRxWDRkx3Xeu63gBHS1vHYxKD0ggl5XEtruLgBD38L5xGnST6DzrdVPsZcCH-WZhg9iemk2xfad8SUrHOEYuyeM65kbMTIPy5BZMhu4QO9oq-IN7RUk5Xwjcj60BVMMNGhFBLneOSopRTroq7lpF4SxbkWVIbBdkLGDHEomxtjL3ZELhgB2LL_MNa577kS7Y5TRmO-3OLAdwltXIHAq8PM7f5SlIe4Rd-aVLROye_KiN7IS_6_LzEtPLwgdxpBQceV1L0JwASpkqngyQHgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHreWhMqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEOi8A9IICQiI4YAQEAEYHYAKAcgLAdgTDIgUAdAVAYAXAbIXHgocCAASFHB1Yi0zMzY5MjYzNzEwMDk2MTYzGMGQag&sigh=MZ-iAgWaSPs&uach_m=[UACH]&template_id=419
Requested by: Host: www.nur.kz
URL: https://www.nur.kz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/ Frame C6AE 21 KB
8 KB 71ms
70ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/abg_lite_fy2019.js

Requested by

Host: 849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com
URL: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9fc62d99ca580e914d7af298fd36b6926ba2b1e6c97ab21be0f9022f9c665816

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:35:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8611
x-xss-protection: 0
server: cafe
etag: 11030745046341915621
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Jun 2022 16:35:11 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 160 KB
56 KB 160ms
75ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3369263710096163

Requested by

Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/585102/a2ecfd6d1308118f09ea.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

44c349d846be6415d8a8c49d96e2dcf8bd41ee22dde8f8bce267a66488ca0d89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nur.kz/
Origin: https://www.nur.kz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56516
x-xss-protection: 0
server: cafe
etag: 4079760542613446579
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 23 May 2022 16:36:21 GMT

GET
H2 204 event
ads.adfox.ru/252771/ 0
230 B 270ms
88ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/252771/event?hash=48081b458b818d23&pm=cyz&p5=locem&ad-session-id=4752551653323779297&utg=oxum&lts=fjdzdge&ytt=218804424671237&ybv=0.585102&ylv=0.585102&dl=https%3A%2F%2Fwww.nur.kz%2F&p2=gfdy&rand=neuqvxf&sj=6LhxZKB9CGEXZivqFid2Lt74swKviS2V6jn2hL5yxAKLxzvqSTTfo7BHEnlrLA%3D%3D&puid1=Homepage&pr=edbbcwi&p1=crsny&rqs=BBjVIHXWBIkEuItiuEBNUrKT1nIPY0U9

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 16:36:21 GMT
x-content-type-options: nosniff
last-modified: Mon, 23 May 2022 16:36:21 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 200 optimize.webp
avatars.mds.yandex.net/get-adfox-content/2765366/220517_adfox_1902305_5274268.d735093662de7f214733da515c2dd618.jpg/ 24 KB
25 KB 309ms
145ms Image
image/webp 2a02:6b8::184
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-adfox-content/2765366/220517_adfox_1902305_5274268.d735093662de7f214733da515c2dd618.jpg/optimize.webp
Requested by: Host: www.nur.kz
URL: https://www.nur.kz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: nginx /
Resource Hash: 45c716d5ddeaa05147ced2f83b098b06f07436f5bcdcc7d13944e90b00683a52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:21 GMT
last-modified: Tue, 17 May 2022 08:48:44 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 24794
x-request-id: 2e22bff46ce7221b

GET
H2 204 event
ads.adfox.ru/252771/ 0
18 B 272ms
91ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/252771/event?hash=75cac08b0103b8e2&pm=cyz&p5=kunhv&ad-session-id=4752551653323779297&lts=fjdzdge&ytt=218804424671237&ybv=0.585102&ylv=0.585102&dl=https%3A%2F%2Fwww.nur.kz%2F&rtb-si=b&p2=gfdy&rand=feimoqq&sj=FSWraDAP5Hc1Dd1imF8NmnARKk-8WmfrMxzEtYlok2scPqhNUgJPIJjKcOOSXQ%3D%3D&puid1=Homepage&pr=edbbcwi&p1=crsnx&rqs=BDjBCW5umSMEuIti-CypitVpmVZiBAcn

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 16:36:21 GMT
x-content-type-options: nosniff
last-modified: Mon, 23 May 2022 16:36:21 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 82ms
78ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-6273700-34&cid=222879948.1653323779&jid=317866205&_u=aGDAAUABCAAAAG~&z=407367586

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 16:36:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 171ms
74ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-6273700-34&cid=222879948.1653323779&jid=317866205&_u=aGDAAUABCAAAAG~&z=407367586

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 16:36:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 recommendations Show response
webapi.nur.kz/ 29 KB
9 KB 377ms
374ms Fetch
application/json 91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL

https://webapi.nur.kz/recommendations?userId=5681a3e7-4e1d-44bf-b21a-cbf32b15b3dc&limit=50

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/nur/js/chunk-120.983fb3a0.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

1fe83b731e00a446f7e7e404b6c62632d8a6fc32652b8ea1ef91696ac75a8bdd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.nur.kz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 23 May 2022 16:36:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
vary: Accept-Encoding, Accept-Encoding, Origin
x-xss-protection: 0
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
referrer-policy: no-referrer
server: nginx
etag: W/"755f-zCounmC4hDD61TMmzlzNeZ4ZVvE"
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
x-download-options: noopen
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.nur.kz
x-f-status: MISS

OPTIONS
H2 204 recommendations
webapi.nur.kz/ Frame 0
0 197ms
136ms Preflight 91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL: https://webapi.nur.kz/recommendations?userId=5681a3e7-4e1d-44bf-b21a-cbf32b15b3dc&limit=50
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.nur.kz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.nur.kz
access-control-max-age: 600
date: Mon, 23 May 2022 16:36:21 GMT
server: nginx
vary: Origin, Access-Control-Request-Headers

POST
H2 204 collect Show response
l.clarity.ms/ 0
67 B 122ms
122ms XHR
text/plain 20.120.65.166
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://l.clarity.ms/collect
Requested by: Host: l.clarity.ms
URL: https://l.clarity.ms/s/0.6.35/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.120.65.166 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.nur.kz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: https://www.nur.kz
date: Mon, 23 May 2022 16:36:20 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7B68 143 B
426 B 141ms
37ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com
URL: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1606
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Mon, 23 May 2022 16:09:35 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame 5D18 3 KB
1 KB 191ms
106ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/window_focus_fy2019.js

Requested by

Host: 849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com
URL: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:26:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 611
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Jun 2022 16:26:10 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5D18 135 KB
41 KB 78ms
65ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com
URL: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42375
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652873336749811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 23 May 2022 16:36:21 GMT

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame D850 9 KB
3 KB 101ms
36ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/91211586652222830/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 09:36:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25207
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 24 May 2022 09:36:14 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame D850 26 KB
10 KB 101ms
37ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/91211586652222830/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:13:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1362
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 24 May 2022 16:13:39 GMT

GET
H3 200 ad.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/91211586652222830/ Frame D850 90 KB
29 KB 124ms
60ms Script
application/x-javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/91211586652222830/ad.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/91211586652222830/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ce196f9399c836c82ed0c48f7bb0f906d2245af91b786fc017d9b553355a048

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 282004
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29450
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 15:01:01 GMT
server: sffe
date: Fri, 20 May 2022 10:16:17 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 20 May 2023 10:16:17 GMT

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 0B61 9 KB
3 KB 109ms
46ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/91211586652222830/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 09:36:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25207
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 24 May 2022 09:36:14 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 0B61 26 KB
10 KB 111ms
49ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/91211586652222830/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:13:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1362
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 24 May 2022 16:13:39 GMT

GET
H3 200 ad.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/91211586652222830/ Frame 0B61 90 KB
29 KB 136ms
74ms Script
application/x-javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/91211586652222830/ad.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/91211586652222830/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ce196f9399c836c82ed0c48f7bb0f906d2245af91b786fc017d9b553355a048

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 282004
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29450
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 15:01:01 GMT
server: sffe
date: Fri, 20 May 2022 10:16:17 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 20 May 2023 10:16:17 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C074 143 B
198 B 103ms
37ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com
URL: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1606
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Mon, 23 May 2022 16:09:35 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame C6AE 3 KB
1 KB 156ms
106ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/window_focus_fy2019.js

Requested by

Host: 849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com
URL: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:26:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 611
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Jun 2022 16:26:10 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C6AE 135 KB
41 KB 128ms
52ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com
URL: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42375
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652873336749811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 23 May 2022 16:36:21 GMT

GET
H2 200 arrow-up.svg
www.nur.kz/nur/img/icons/ 150 B
461 B 132ms
132ms Image
image/svg+xml 91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nur.kz/nur/img/icons/arrow-up.svg

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/nur/css/freedom-finance-desktop.593ce3a5.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

7dca7733ec0aead31386758c6043913b9ee754fb8499849701773bf4eaaff48a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/nur/css/freedom-finance-desktop.593ce3a5.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: public
date: Mon, 23 May 2022 16:36:21 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 23 May 2022 11:18:11 GMT
server: nginx
etag: W/"628b6d73-96"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
expires: Tue, 23 May 2023 16:36:21 GMT

GET
H2 200 arrow-down.svg
www.nur.kz/nur/img/icons/ 158 B
459 B 133ms
132ms Image
image/svg+xml 91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nur.kz/nur/img/icons/arrow-down.svg

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/nur/css/freedom-finance-desktop.593ce3a5.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

587815bbad0202349b3aa4c1609944b99b52d6f67f97690c705b9d5e4c977ed0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/nur/css/freedom-finance-desktop.593ce3a5.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: public
date: Mon, 23 May 2022 16:36:21 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 23 May 2022 11:18:11 GMT
server: nginx
etag: W/"628b6d73-9e"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
expires: Tue, 23 May 2023 16:36:21 GMT

GET
DATA 200
OK truncated
/ Frame 6882 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c4ea23b90e7ff54235febb3c76d9fd9156768ff5a611b20a8ed632619da9acbf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205170101/ 306 KB
109 KB 65ms
64ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3369263710096163&plah=www.nur.kz&bust=31067678

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3369263710096163

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fc0b7feb3f001e5fd17fb014530377acb4a7c995ac409c620b138a65a4b623

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 111951
x-xss-protection: 0
server: cafe
etag: 13144233820437547411
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 23 May 2022 16:36:21 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220518/r20190131/ Frame DCD8 10 KB
4 KB 114ms
37ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220518/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3369263710096163

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nur.kz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 64522
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4421
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 22 May 2022 22:40:59 GMT
etag: 1428802124239944296
expires: Sun, 05 Jun 2022 22:40:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame 5D18 17 KB
7 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com
URL: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1be78b79774b196d2500f7bd3bb3ca7269ec444158f0e545d4d313bcf40e1310

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7211
x-xss-protection: 0
server: cafe
etag: 2988716039725867132
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Jun 2022 16:36:02 GMT

GET
H3 200 creative-document.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/91211586652222830/ Frame D850 38 KB
17 KB 39ms
38ms Script
application/x-javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/91211586652222830/creative-document.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/91211586652222830/ad.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

724eecf018cbe723486b8da5d9243c35f882badc52bc9e38107d6ff913f53acb

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 282004
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17122
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 15:01:01 GMT
server: sffe
date: Fri, 20 May 2022 10:16:17 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 20 May 2023 10:16:17 GMT

GET
H3 200 animated-creative.7697174dad9a0df3931e.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/91211586652222830/ Frame D850 141 KB
48 KB 41ms
41ms Script
application/x-javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/91211586652222830/animated-creative.7697174dad9a0df3931e.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/91211586652222830/ad.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

01083fe38a019adad84287409f155d30ff249dc90e981efe5a9d4fc34bb82dca

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 282004
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48692
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 15:01:01 GMT
server: sffe
date: Fri, 20 May 2022 10:16:17 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 20 May 2023 10:16:17 GMT

GET
H3 200 creative-document.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/91211586652222830/ Frame 0B61 38 KB
17 KB 43ms
42ms Script
application/x-javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/91211586652222830/creative-document.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/91211586652222830/ad.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

724eecf018cbe723486b8da5d9243c35f882badc52bc9e38107d6ff913f53acb

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 282004
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17122
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 15:01:01 GMT
server: sffe
date: Fri, 20 May 2022 10:16:17 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 20 May 2023 10:16:17 GMT

GET
H3 200 animated-creative.7697174dad9a0df3931e.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/91211586652222830/ Frame 0B61 141 KB
48 KB 47ms
47ms Script
application/x-javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/91211586652222830/animated-creative.7697174dad9a0df3931e.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/91211586652222830/ad.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

01083fe38a019adad84287409f155d30ff249dc90e981efe5a9d4fc34bb82dca

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 282004
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48692
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 15:01:01 GMT
server: sffe
date: Fri, 20 May 2022 10:16:17 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 20 May 2023 10:16:17 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 0B1F 2 KB
1 KB 140ms
45ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=You4BAAFIIkH_YeAAAhRbqsSsgubEv_sQudkpg&u=%7CFiqg3GsyDIpqd4LQDqRXOfcjiTNKg4fNF58QcO0F8dg%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCWyaziM01RkGpGzsxDu6uJi-Uw59y2z9-7RoXW9VGUm-QHNx8gBnWJp5bibwESGaGbZaE66369XU3D92Sl2RKnP8YdmQbkBa_59HILjAnaFEvCFLu_94Ek6zW8oODjYL2iiKvDE4bl4X7eL_ph8MuRQ9gchzi8trM3uNolvUP8x00hXeLtQ6skm5xc-gQF-Lw77fB11MEtzpyq8cRX-xEg-E2TgMyMSEYpuI6LRPKBP9w5Vc0ZXtOluaeOrCc2TBZWHCPg8B3Oa2e5Wallw2FaVjXV6dh3LJeC79nAErReeCJ3AR6bbwe2JAqgVaMh9C-Q6TGZObaDZpIeBX87qgAXs_aOCL6M3R0e6pyTzg6ecBFx3ewuvD_vspcSjuF_7DAdD-tfLw7ON7fJvB3_O4lzBvBjGCTrfsZezQXf62T8Sw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCO1f5BLiLYonBFICP9u8P7qKhaMme0rFcvfGU93DAjbcBEAEgAGCVopWCoAeCARdjYS1wdWItMzM2OTI2MzcxMDA5NjE2M6AB1bbS6gPIAQmpAp_78Q7y6bE-4AIAqAMBqgThAU_Q6FQOIlAnpuBDbN4UzOhKdsyB-PxP4_MhpBOaIWXf9ikaPTHDUwhntZ8droCKI9OzFjfFTuLmAVT0yveIyxuYEpGB30k_D0wDCpAVj1Y8nMFHjHw4FhOTnotOjo8zW-kWPo_8u1v_hhNvRME4xjkpdZG2PSv6OKnrqkVm6cd3oI0BKrEudneZi5cW54C-zWTUO9Hz4lb2aeCEikDPWemh5FnTo5biyrhLov-3Mpn012wxqjOXK-rrS5B6CcJUKP931PC4TypckkIMuTqeBQghvqUN31JPGTxDMnW7M8RuEeAEAYAGiYjw842givl7oAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2nQGOZu1p8On98N4FmT44njXrmNw%26client%3Dca-pub-3369263710096163%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:21 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 18 May 2023 16:36:21 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 0B1F 2 KB
1 KB 143ms
48ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:21 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 18 May 2023 16:36:21 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 0B1F 308 B
636 B 129ms
45ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:21 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Thu, 18 May 2023 16:36:21 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 0B1F 293 B
621 B 132ms
49ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:21 GMT
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Thu, 18 May 2023 16:36:21 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/delivery/ Frame 0B1F 43 B
348 B 148ms
49ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=XAbyzBFmQ0aXkbqymCTlEtxoLglb9mYPufrg2KzaXfUYdMZ_tkfuod04YpH_K45zaABpGgMFwN77O0Qp1haq3KEcFo9bMm4HtQ-W2BMCYSzho9U05ubKbGS3Tm4VDkEEmoIVCGXpPzAdXhF8Z0W6j5j8TuZDk637ejcFxAhssajO3_LDmQ8HuQ_rRnEIvts0Cs0K05I84zjn4xOXrWrIZw9R4XH0S44SlZ7SRgBxaogo8sCksaRc9PMe7pnxQ9zG0zCpOG5s2_w7fTvCXnHqrreYDBP-kQ_cqEbBX1fo_33X0KNcyzsyj2J4wvrkcFappoWrJH5NRyTyzayh108oe0NBCs0bEG04c7jzBocTGvCJ-99VrAu47HZs83UmQhDKrA6C2QSbqSB6H01CKePi2rFI6c9TrNzhjtLNL-S3U7CsNJKhUJ1eCdl-oQ2gXQE181u7MA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 16:36:20 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1688128
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame C6AE 17 KB
7 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com
URL: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1be78b79774b196d2500f7bd3bb3ca7269ec444158f0e545d4d313bcf40e1310

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7211
x-xss-protection: 0
server: cafe
etag: 2988716039725867132
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Jun 2022 16:36:02 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7B68
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

155ms
144ms

Document
text/html

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com
URL: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 23 May 2022 16:36:21 GMT
expires: Mon, 23 May 2022 16:36:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 23 May 2022 16:36:21 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 0B1F 12 KB
5 KB 124ms
45ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 935050
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k1vZzvOfpJiY8SAxse4zKYtjZ%2Fka0r%2FTo%2B9%2FgZX%2FT%2FnD%2BHrDgyG919LcCS2DGL5SOM6uymsKUfA6TADpmB%2BACiwd59KR55cgESnV6H9tCh%2BEYx2JxqLGrNz3Waxygku4TJkpYFH56A1%2FxEm%2F4xHl2n8h"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 70ff35c23acf903d-FRA
expires: Sat, 13 May 2023 16:36:21 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 0B1F 12 KB
6 KB 137ms
89ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:21 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 18 May 2023 16:36:21 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C074
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

84ms
83ms

Document
text/html

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com
URL: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 23 May 2022 16:36:21 GMT
expires: Mon, 23 May 2022 16:36:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 23 May 2022 16:36:21 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 9af63da692984f7884d89dad36906685_makeitsans-bold.woff
static.criteo.net/design/dt/ Frame 0B1F 58 KB
58 KB 181ms
76ms Font
application/octet-stream 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/9af63da692984f7884d89dad36906685_makeitsans-bold.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ebb2026eba76b777cd1cc6d694a4609324304eeb1129a9fe0fb5a616590cc3ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:21 GMT
content-encoding: gzip
last-modified: Wed, 05 Feb 2020 10:30:18 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e3a993a-e7e4"
strict-transport-security: max-age=31536000; preload;
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 18 May 2023 16:36:21 GMT

GET
H2 200 bb3faf863f1b470cb6abbfbf9cd4e6c1_makeitsans-regular.woff
static.criteo.net/design/dt/ Frame 0B1F 56 KB
56 KB 239ms
134ms Font
application/octet-stream 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/bb3faf863f1b470cb6abbfbf9cd4e6c1_makeitsans-regular.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

09fe7be89711f0dc0ba47ab8a1a1865df7b660a1f1359d29c4c3445683d2f61f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:21 GMT
content-encoding: gzip
last-modified: Wed, 05 Feb 2020 10:30:18 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e3a993a-de74"
strict-transport-security: max-age=31536000; preload;
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 18 May 2023 16:36:21 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 5D18 0
0 45ms
45ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQZW5V9LA65qVXgFwDJ7TrTKqGkhggHnQcB97vFi20ajkg_80fOVdN_gt44Hw_mgMCnqsbCUpunZdD7H04f7M8rs7hVdA
Requested by: Host: 849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com
URL: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 0B1F 26 KB
27 KB 215ms
103ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=2&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2F7dd0c2f0-7867-4a72-9d45-9adb91ddb015_dba87a91-0582-4676-a0a0-60a2d81ef29d.jpg&v=3&w=400&s=5u7gTDuwV8_39ahCuaADSmNC&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

dd6910e57e27a46a28350040affc11c14e25c578b5657ac53313e2e7620e3c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:20 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=89650
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 27122
expires: Tue, 24 May 2022 17:30:31 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 0B1F 37 KB
37 KB 263ms
150ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=2&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2Fb2e11661-b20e-4828-a072-a1d919ba832c_e4b2427a-8751-481b-abc0-8e8fe8802561.jpg&v=3&w=400&s=P9BEQrvcVjKdXsXMpChdvDPE&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

d679e8edf16f18e378442ba57c1983c696d17ee9e1d08c52139985f20fd187a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:20 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=491623
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 37914
expires: Sun, 29 May 2022 09:10:04 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 0B1F 38 KB
38 KB 202ms
90ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=2&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2F7865e9e3-7f69-4799-8388-00d873fe870e_da728b7c-9233-4b0f-9e66-8edf570fb440.jpg&v=3&w=400&s=UZgR-oFP0VXSyoi7v97vyPGO&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

a3956c170638b1fade04ee833f0fd790668c1b0d4a4e750b63b4078028be279e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:21 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=505619
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 38416
expires: Sun, 29 May 2022 13:03:21 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 0B1F 0
128 B 148ms
46ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=DFh08SmhOCIFV2DLb5wsXYNvV4EouVw2u9UvSLRUQkTSxujDp7nRz-ochl2zFyA_9bB0Hb3yXVBLnoEwz8FXm0iZPfr2wKpxJ2phJVzsffbIsojUiARF_tW4SacfgHi0PryJpzkWqPYBfPuRx0b-tLVCq0RLyOYeKBnu6KxO39CudZJUEZiq59U6wHshI9VEIJesQc6BN1t_rxkFyRYplaDhmYIB0yuV1IlAk5HgXRGBJBNw-Kg92X8_lcqkW0_khXkl-Q&sds=2&rev=81571&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 23 May 2022 16:36:21 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 0B1F 2 KB
1 KB 187ms
186ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:21 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 18 May 2023 16:36:21 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 0B1F 2 KB
1 KB 186ms
185ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:21 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 18 May 2023 16:36:21 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 12 B
247 B 51ms
49ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.nur.kz&callback=_gfp_s_&client=ca-pub-3369263710096163&cookie=ID%3De97271192f7707ca-22bd4feb99cd0019%3AT%3D1653323780%3AS%3DALNI_MYJmIf4CmW_Pj-95ZNGUW36xjj-5Q

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3369263710096163&plah=www.nur.kz&bust=31067678

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 5D18 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c942c9ba704865140edcc1b3a944d7fcd0a6a035b826ceba2997ebd6e9e0f507

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 132ms
47ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.nur.kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 23 May 2022 16:36:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 133ms
49ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.nur.kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 23 May 2022 16:36:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 70ms
70ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.nur.kz%2F&tn=DIV&cls=cookie-popup%20js-cookie-popup&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 16:36:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F09B 0
16 B 112ms
111ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3369263710096163&output=html&adk=1812271804&adf=3025194257&lmt=1653323780&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.nur.kz%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653323780199&bpp=2&bdt=1590&idt=192&shv=r20220518&mjsv=m202205170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De97271192f7707ca-22bd4feb99cd0019%3AT%3D1653323780%3AS%3DALNI_MYJmIf4CmW_Pj-95ZNGUW36xjj-5Q&nras=1&correlator=3349062393711&frm=20&pv=2&ga_vid=222879948.1653323779&ga_sid=1653323779&ga_hid=696100289&ga_fc=1&ga_cid=1154909005.1653323779&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763507%2C42531556%2C44761044%2C31067528%2C31067628%2C31067678&oid=2&pvsid=1068517317512481&pem=793&tmod=1432576035&uas=0&nvt=1&fsapi=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=5&uci=a!5&fsb=1&dtd=212

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nur.kz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 May 2022 16:36:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 206 f691ce07938941e899a1e1eddda867c9_16x9_video_usp_vo.mp4
static.criteo.net/design/dt/2000/220429/ Frame 0B1F 2 MB
0 53ms
53ms Media
video/mp4 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/2000/220429/f691ce07938941e899a1e1eddda867c9_16x9_video_usp_vo.mp4?ibv=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 23 May 2022 16:36:21 GMT
last-modified: Fri, 29 Apr 2022 11:40:29 GMT
server: nginx
access-control-allow-origin: *
cross-origin-embedder-policy: require-corp
etag: "626bcead-23ac33"
strict-transport-security: max-age=31536000; preload;
content-type: video/mp4
Content-Range: bytes 0-2337842/2337843
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
Content-Length: 2337843
expires: Thu, 18 May 2023 16:36:21 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D0C8 104 KB
36 KB 668ms
666ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3369263710096163&output=html&h=200&slotname=4516448096&adk=1921805917&adf=516689607&pi=t.ma~as.4516448096&w=728&lmt=1653323780&psa=0&format=728x200&url=https%3A%2F%2Fwww.nur.kz%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653323780218&bpp=2&bdt=1609&idt=213&shv=r20220518&mjsv=m202205170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De97271192f7707ca-22bd4feb99cd0019%3AT%3D1653323780%3AS%3DALNI_MYJmIf4CmW_Pj-95ZNGUW36xjj-5Q&prev_fmts=0x0&nras=1&correlator=3349062393711&frm=20&pv=1&ga_vid=222879948.1653323779&ga_sid=1653323779&ga_hid=696100289&ga_fc=1&ga_cid=1154909005.1653323779&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763507%2C42531556%2C44761044%2C31067528%2C31067628%2C31067678&oid=2&pvsid=1068517317512481&pem=793&tmod=1432576035&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=kANlQzZKXb&p=https%3A//www.nur.kz&dtd=220

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d95487c66d9bc5b22c42dd6726f283eb5e86c2bf94f1883ec41acf92fbb17663

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nur.kz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 36667
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 May 2022 16:36:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame D850 66 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ Frame 0B61 66 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/webp

GET
H3 204 l
www.google.com/ads/measurement/ Frame C6AE 0
0 44ms
44ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR-m7DsMJyTh0uYagXeIydMblWXsxERlTepNpyusT6Y-aw2X_Z5KhtC0_XJ1_i_GOLv2zXbEnPoofOZ9AEIlazigVf7Ag
Requested by: Host: 849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com
URL: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame C6AE 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 006a309330a3246f5c17ba84e3a6a998064b43920ab65c06d0e63f9056347ace

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame D850 8 KB
8 KB Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 03d9787c8b8b109484e948bc0eebd77a7bcdda90ed999c845aee6381d890ca15

Request headers

Referer
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: font/woff

GET
DATA 200
OK truncated
/ Frame 0B61 8 KB
8 KB Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 03d9787c8b8b109484e948bc0eebd77a7bcdda90ed999c845aee6381d890ca15

Request headers

Referer
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: font/woff

GET
DATA 200
OK truncated
/ Frame D850 3 KB
3 KB Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: af02f946c16c11e70309f16b7b81cbfd755dfd2ea235d826332d713a23bafda8

Request headers

Referer
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: font/woff

GET
DATA 200
OK truncated
/ Frame 0B61 3 KB
3 KB Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: af02f946c16c11e70309f16b7b81cbfd755dfd2ea235d826332d713a23bafda8

Request headers

Referer
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: font/woff

GET
H2 206 f691ce07938941e899a1e1eddda867c9_16x9_video_usp_vo.mp4
static.criteo.net/design/dt/2000/220429/ Frame 0B1F 43 KB
43 KB 52ms
50ms Media
video/mp4 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/2000/220429/f691ce07938941e899a1e1eddda867c9_16x9_video_usp_vo.mp4?ibv=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

434617e06c4d3176788c95bdff63a22e66bbd49ea472374b3a55e30e44f2b70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Range: bytes=2293760-

Response headers

date: Mon, 23 May 2022 16:36:21 GMT
last-modified: Fri, 29 Apr 2022 11:40:29 GMT
server: nginx
access-control-allow-origin: *
cross-origin-embedder-policy: require-corp
etag: "626bcead-23ac33"
strict-transport-security: max-age=31536000; preload;
content-type: video/mp4
Content-Range: bytes 2293760-2337842/2337843
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
Content-Length: 44083
expires: Thu, 18 May 2023 16:36:21 GMT

GET
H2 200 17f57e77e5a80897.webp
cdn.nur.kz/images/272x153/ 6 KB
7 KB 132ms
129ms Image
image/webp 94.247.128.34
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/17f57e77e5a80897.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.34 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

64928491ebe9a3cc3e5f38cb23e546583fd09c9690a14248c85fc67aed5b0567

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:21 GMT
last-modified: Wed, 18 May 2022 13:13:12 GMT
server: nginx
x-cs: HIT
etag: "78940a0c6626dcdd7aaaf26e2cd0bc93"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 6454
expires: Tue, 23 May 2023 16:36:21 GMT

GET
H2 200 f7bb2c953618f916.webp
cdn.nur.kz/images/272x153/ 7 KB
8 KB 133ms
130ms Image
image/webp 94.247.128.34
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/f7bb2c953618f916.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.34 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

91f38387f69121d9adc1accdf2adc739622baf9dfc526d412c6fdb317d28b5fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:21 GMT
last-modified: Tue, 17 May 2022 00:13:00 GMT
server: nginx
x-cs: HIT
etag: "2045645c55cc2f2298c841c5687c6221"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 7552
expires: Tue, 23 May 2023 16:36:21 GMT

GET
H2 200 79e9116dc2ebe17b.webp
cdn.nur.kz/images/272x153/ 7 KB
7 KB 261ms
258ms Image
image/webp 94.247.128.34
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/79e9116dc2ebe17b.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.34 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

dde2a0827f602c25b81769496f43c629c0af93f03c36f5b3cb1db441e76c150d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:21 GMT
last-modified: Tue, 03 May 2022 18:56:38 GMT
server: nginx
x-cs: HIT
etag: "1a2edb80b83987a070afd6266f071a79"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 6834
expires: Tue, 23 May 2023 16:36:21 GMT

GET
H2 200 c54c94aac30cac95.webp
cdn.nur.kz/images/272x153/ 5 KB
6 KB 261ms
258ms Image
image/webp 94.247.128.34
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/c54c94aac30cac95.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.34 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

ee0387813905a914438df43ca82b1865b22f00b0eabcfdc8df28c2ed5fdcb02b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:21 GMT
last-modified: Fri, 20 May 2022 05:06:11 GMT
server: nginx
x-cs: HIT
etag: "3ece511ed08a115a5ea06ac137a7e2bc"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 5484
expires: Tue, 23 May 2023 16:36:21 GMT

GET
H2 200 23a408be3a3fbffc.webp
cdn.nur.kz/images/272x153/ 29 KB
30 KB 262ms
259ms Image
image/webp 94.247.128.34
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/23a408be3a3fbffc.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.34 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

f28828f3ffce25773f3c3a7abd63d463b5820d32d7951b300924a30d6632ecb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:21 GMT
last-modified: Sun, 22 May 2022 16:33:29 GMT
server: nginx
x-cs: HIT
etag: "fb14d8f6708ce9c3c0bb0e8bd2dde25e"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 30176
expires: Tue, 23 May 2023 16:36:21 GMT

GET
H2 200 9e6d8f4656095004.webp
cdn.nur.kz/images/272x153/ 6 KB
6 KB 390ms
387ms Image
image/webp 94.247.128.34
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/9e6d8f4656095004.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.34 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

34426093732f29f1bd01a5a11c13344f5f40ebc75a89cacd15ea3fb709f55261

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:21 GMT
last-modified: Wed, 04 May 2022 08:19:15 GMT
server: nginx
x-cs: HIT
etag: "404a71d37666b7bf59ed1be8d8162a3a"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 5728
expires: Tue, 23 May 2023 16:36:21 GMT

GET
H2 200 60309c8a91b1ae32.webp
cdn.nur.kz/images/272x153/ 9 KB
9 KB 390ms
387ms Image
image/webp 94.247.128.34
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/60309c8a91b1ae32.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.34 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

8b33005798c2d2a5b248da39129831f44dec9b9fe87d988d970175597e444139

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:21 GMT
last-modified: Mon, 16 May 2022 13:30:42 GMT
server: nginx
x-cs: HIT
etag: "1d097ca727bb6b93a9bcfbed4b409f0c"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 9098
expires: Tue, 23 May 2023 16:36:21 GMT

GET
H2 200 eb297aabac2ed946.webp
cdn.nur.kz/images/272x153/ 6 KB
6 KB 390ms
388ms Image
image/webp 94.247.128.34
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/eb297aabac2ed946.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.34 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

46b0d1d64e68990d8c3d39463bb11d33eb243e54bf7865cddde2a5b8db047530

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:21 GMT
last-modified: Wed, 04 May 2022 20:47:03 GMT
server: nginx
x-cs: HIT
etag: "0315d91fa523b2e8806cec4203510231"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 6294
expires: Tue, 23 May 2023 16:36:21 GMT

GET
H2 200 d6984bfbefe46c72.webp
cdn.nur.kz/images/272x153/ 4 KB
4 KB 390ms
389ms Image
image/webp 94.247.128.34
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/d6984bfbefe46c72.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.34 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

a41a003c4e1a6656bb775acb404f448839c54d18e0eeb365b0551b6908ad3da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:21 GMT
last-modified: Tue, 08 Sep 2020 03:04:42 GMT
server: nginx
x-cs: HIT
etag: "160f9b58ca30130b065a79b7a3e4f03a"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 4010
expires: Tue, 23 May 2023 16:36:21 GMT

GET
H2 200 90aae343c5d2d90b.webp
cdn.nur.kz/images/272x153/ 5 KB
6 KB 390ms
389ms Image
image/webp 94.247.128.34
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/90aae343c5d2d90b.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.34 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

1db4fe06afc33dd4434817e31231f2b41528f6c314ea5d46373800876a474abf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:21 GMT
last-modified: Wed, 04 May 2022 06:56:52 GMT
server: nginx
x-cs: HIT
etag: "e490f9f130434dc1ba73cf1d0cf924bb"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 5342
expires: Tue, 23 May 2023 16:36:21 GMT

GET
H2 200 app-adv.png
www.nur.kz/nur/img/ 76 KB
76 KB 134ms
133ms Image
image/png 91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nur.kz/nur/img/app-adv.png

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

5b194d1b66d0525a8295a4d12c978c3f294e9e2f11da010d5e22bbd0f17b8fd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: public
date: Mon, 23 May 2022 16:36:21 GMT
x-content-type-options: nosniff
last-modified: Mon, 23 May 2022 11:18:11 GMT
server: nginx
etag: "628b6d73-12ee6"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
vary: Accept-Encoding
content-length: 77542
expires: Tue, 23 May 2023 16:36:21 GMT

GET
H3 200 93f1f99e-277b-428a-b665-f7004c120377.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/91211586652222830/ Frame D850 9 KB
9 KB 43ms
42ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/91211586652222830/93f1f99e-277b-428a-b665-f7004c120377.jpg

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2860a28662bd59b0e9a0791f7671ff6ae515940a759fc0aa0492bf6154681cc

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 282003
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8799
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 15:01:01 GMT
server: sffe
date: Fri, 20 May 2022 10:16:18 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 20 May 2023 10:16:18 GMT

GET
H3 200 d067d4c7-db76-4bb2-a2a9-c532d7cb6060.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/91211586652222830/ Frame D850 12 KB
12 KB 38ms
37ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/91211586652222830/d067d4c7-db76-4bb2-a2a9-c532d7cb6060.png

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe771fba959daccbecd0fa70a3b101110914039be0574d6f7bafd8aa6cf231b5

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 282003
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12424
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 15:01:01 GMT
server: sffe
date: Fri, 20 May 2022 10:16:18 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 20 May 2023 10:16:18 GMT

GET
H3 200 bf0ee4cc-e97d-4647-830e-d46ef3788731.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/91211586652222830/ Frame D850 11 KB
11 KB 43ms
42ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/91211586652222830/bf0ee4cc-e97d-4647-830e-d46ef3788731.png

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

58d09e1758f32b323860990d10c992b04c90d1de32d7600c0b6b93c84a0d6336

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 282003
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11457
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 15:01:01 GMT
server: sffe
date: Fri, 20 May 2022 10:16:18 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 20 May 2023 10:16:18 GMT

GET
H3 200 dac623d5-d99f-4d82-af25-fd6201ac1202.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/91211586652222830/ Frame D850 8 KB
8 KB 43ms
43ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/91211586652222830/dac623d5-d99f-4d82-af25-fd6201ac1202.png

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f44ffda1cc5ff1892127e1b29b917986e0585850496ddda51f6a6ce101bc005a

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 282003
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8471
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 15:01:01 GMT
server: sffe
date: Fri, 20 May 2022 10:16:18 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 20 May 2023 10:16:18 GMT

GET
H3 200 6414c9bf-5261-414a-bcd5-ad6e0950c75a.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/91211586652222830/ Frame D850 4 KB
4 KB 45ms
45ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/91211586652222830/6414c9bf-5261-414a-bcd5-ad6e0950c75a.png

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf757cd5b2a6a603edd5967bd17f09b923fa1cc56d67992a6d048391838f6e19

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 282003
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3686
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 15:01:01 GMT
server: sffe
date: Fri, 20 May 2022 10:16:18 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 20 May 2023 10:16:18 GMT

GET
H3 200 624b0e4f-dcf4-4347-8049-8b6722c93254.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/91211586652222830/ Frame D850 2 KB
2 KB 43ms
43ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/91211586652222830/624b0e4f-dcf4-4347-8049-8b6722c93254.png

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b39c4441933f26dea800d63b60324cd4f83d84aca3a087781d11b93c873ce595

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 282003
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2103
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 15:01:01 GMT
server: sffe
date: Fri, 20 May 2022 10:16:18 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 20 May 2023 10:16:18 GMT

GET
H2 200 20880df1d87f0bcf.webp
cdn.nur.kz/images/272x153/ 7 KB
8 KB 280ms
278ms Image
image/webp 94.247.128.34
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/20880df1d87f0bcf.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.34 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

c824afa9a57db85a5957af264d153dffa83f94cf055c66249b765c04d0964468

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:22 GMT
last-modified: Tue, 10 May 2022 00:48:33 GMT
server: nginx
x-cs: HIT
etag: "884f457d9a18170fdbc7734fa9933941"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 7404
expires: Tue, 23 May 2023 16:36:22 GMT

GET
H2 200 3b7b0e925dbb8d41.webp
cdn.nur.kz/images/272x153/ 12 KB
12 KB 280ms
278ms Image
image/webp 94.247.128.34
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/3b7b0e925dbb8d41.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.34 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

1af3d221cef7ca8dd89c05d3ee6480803b0b9d1f22ab9ee5ed95635d9819ed7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:22 GMT
last-modified: Sat, 21 May 2022 13:26:53 GMT
server: nginx
x-cs: HIT
etag: "f0ea5ccd1e85812b78fd7924ab8bb8ea"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 12312
expires: Tue, 23 May 2023 16:36:22 GMT

GET
H2 200 ec841d2277364bdf.webp
cdn.nur.kz/images/272x153/ 9 KB
10 KB 406ms
404ms Image
image/webp 94.247.128.34
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/ec841d2277364bdf.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.34 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

fe2b6f51a75fc1f869c0f4d3562b906021b0ddf31cb85a3b4d58c224a64bef17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:22 GMT
last-modified: Sat, 21 May 2022 01:18:17 GMT
server: nginx
x-cs: HIT
etag: "005e77a740654ac2ab939914e839b0c7"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 9576
expires: Tue, 23 May 2023 16:36:22 GMT

GET
H2 200 17e993e11077e439.webp
cdn.nur.kz/images/272x153/ 4 KB
4 KB 406ms
404ms Image
image/webp 94.247.128.34
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/17e993e11077e439.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.34 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

adcf6f4e6f017a2ab95d6688216b398dc83209888804c993e3bbce70c0c41209

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:22 GMT
last-modified: Mon, 16 May 2022 03:39:01 GMT
server: nginx
x-cs: HIT
etag: "bbf8e1fcbdf09c5e66e99fd9f20030b0"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 4180
expires: Tue, 23 May 2023 16:36:22 GMT

GET
H2 200 004b2260f09efdfe.webp
cdn.nur.kz/images/272x153/ 3 KB
3 KB 407ms
405ms Image
image/webp 94.247.128.34
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/004b2260f09efdfe.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.34 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

a27afd9a794b9e16b8633729d4ab773c6ec2f94137f081fcd2f67f525f5c27cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:22 GMT
last-modified: Wed, 04 May 2022 09:43:40 GMT
server: nginx
x-cs: HIT
etag: "7fdb5d4036d66d1abc7ccf4afa53add9"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 2622
expires: Tue, 23 May 2023 16:36:22 GMT

GET
H2 200 0c4ecca80f879c64.webp
cdn.nur.kz/images/272x153/ 8 KB
9 KB 407ms
406ms Image
image/webp 94.247.128.34
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/0c4ecca80f879c64.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.34 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

906279f962df2b9a0aebadf33bdce9bafc4246e2cd71bc4639b91dadd27105ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:22 GMT
last-modified: Wed, 04 May 2022 06:38:39 GMT
server: nginx
x-cs: HIT
etag: "80b7c379d2473a233db800263e0b6175"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 8424
expires: Tue, 23 May 2023 16:36:22 GMT

GET
H2 200 a2741ede35e650cc.webp
cdn.nur.kz/images/272x153/ 38 KB
38 KB 407ms
406ms Image
image/webp 94.247.128.34
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/a2741ede35e650cc.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.34 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

60c0d5b202f60f6ef748b4c28de407ba5c1c57be5a8da13d86dbea6c9945eee5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:22 GMT
last-modified: Wed, 04 May 2022 08:19:15 GMT
server: nginx
x-cs: HIT
etag: "c7a9f05c5b9ea5483754d2cdbdd1a58b"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 38704
expires: Tue, 23 May 2023 16:36:22 GMT

GET
H2 200 889399bfff55351f.webp
cdn.nur.kz/images/272x153/ 40 KB
40 KB 408ms
407ms Image
image/webp 94.247.128.34
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/889399bfff55351f.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.34 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

4546bc5e11fa6633d8f143ffb0f353264aa3e690d4239e6e0b5a22b7ebfcdcec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:22 GMT
last-modified: Mon, 11 Apr 2022 18:08:27 GMT
server: nginx
x-cs: HIT
etag: "26341ecd81762334ee2c043df8b0c0df"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 40790
expires: Tue, 23 May 2023 16:36:22 GMT

GET
H2 200 44161419789e5bf0.webp
cdn.nur.kz/images/272x153/ 32 KB
32 KB 409ms
408ms Image
image/webp 94.247.128.34
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/44161419789e5bf0.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.34 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

e496494e8611da5eb32f4d65d9eaf0ef6e0c43f7eb3e2656989a4eccc31a9ff7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:22 GMT
last-modified: Wed, 04 May 2022 09:09:30 GMT
server: nginx
x-cs: HIT
etag: "54f843d50b313d1d1b7c57fa1196f9c4"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 32712
expires: Tue, 23 May 2023 16:36:22 GMT

GET
H2 200 db6cc386c3122ab3.webp
cdn.nur.kz/images/272x153/ 6 KB
6 KB 534ms
533ms Image
image/webp 94.247.128.34
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/db6cc386c3122ab3.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.34 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

4cbb1660dbf60f9af237723abd824a4131a65fa89db911012b21d19cc3695385

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:22 GMT
last-modified: Thu, 17 Feb 2022 12:02:42 GMT
server: nginx
x-cs: HIT
etag: "e39c75ffcd47e784d5211b8cd6ab2313"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 5870
expires: Tue, 23 May 2023 16:36:22 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 46ms
46ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.nur.kz

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js?cb=31067688

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 23 May 2022 16:36:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 47ms
47ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.nur.kz

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js?cb=31067688

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 23 May 2022 16:36:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
10 KB 390ms
389ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1068517317512481&correlator=1036204643328374&eid=31067688%2C31067709%2C44761477&output=ldjh&gdfp_req=1&vrg=2022051701&ptt=17&impl=fifs&iu_parts=21635628449%2CNUR_Desktop_Bottom3&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C728x200%7C980x90%7C980x200&ifi=7&adks=1128891672&sfv=1-0-38&ecs=20220523&fsapi=false&eri=4&cust_params=page%3DHomepage%26section%3Dwww%26sectionId%3D1%26platform%3Ddesktop%26language%3DRU&sc=1&cookie=ID%3De97271192f7707ca-22bd4feb99cd0019%3AT%3D1653323780%3AS%3DALNI_MYJmIf4CmW_Pj-95ZNGUW36xjj-5Q&abxe=1&dt=1653323780914&dlt=1653323778609&idt=567&biw=1600&bih=1200&adxs=295&adys=15413&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.nur.kz%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=805x100&msz=805x0&fws=4&ohw=805&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=222879948.1653323779&ga_sid=1653323779&ga_hid=696100289&ga_fc=true&ga_cid=1154909005.1653323779&btvi=4&topics=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js?cb=31067688

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

cb1f43381102f1ca250aba891a446b1fea165a9884947048f571cb61ab68e867

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10078
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nur.kz
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 93f1f99e-277b-428a-b665-f7004c120377.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/91211586652222830/ Frame 0B61 9 KB
9 KB 38ms
38ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/91211586652222830/93f1f99e-277b-428a-b665-f7004c120377.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/91211586652222830/animated-creative.7697174dad9a0df3931e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2860a28662bd59b0e9a0791f7671ff6ae515940a759fc0aa0492bf6154681cc

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 282003
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8799
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 15:01:01 GMT
server: sffe
date: Fri, 20 May 2022 10:16:18 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 20 May 2023 10:16:18 GMT

GET
H3 200 d067d4c7-db76-4bb2-a2a9-c532d7cb6060.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/91211586652222830/ Frame 0B61 12 KB
12 KB 39ms
39ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/91211586652222830/d067d4c7-db76-4bb2-a2a9-c532d7cb6060.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/91211586652222830/animated-creative.7697174dad9a0df3931e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe771fba959daccbecd0fa70a3b101110914039be0574d6f7bafd8aa6cf231b5

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 282003
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12424
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 15:01:01 GMT
server: sffe
date: Fri, 20 May 2022 10:16:18 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 20 May 2023 10:16:18 GMT

GET
H3 200 bf0ee4cc-e97d-4647-830e-d46ef3788731.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/91211586652222830/ Frame 0B61 11 KB
11 KB 40ms
40ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/91211586652222830/bf0ee4cc-e97d-4647-830e-d46ef3788731.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/91211586652222830/animated-creative.7697174dad9a0df3931e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

58d09e1758f32b323860990d10c992b04c90d1de32d7600c0b6b93c84a0d6336

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 282003
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11457
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 15:01:01 GMT
server: sffe
date: Fri, 20 May 2022 10:16:18 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 20 May 2023 10:16:18 GMT

GET
H3 200 dac623d5-d99f-4d82-af25-fd6201ac1202.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/91211586652222830/ Frame 0B61 8 KB
8 KB 41ms
41ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/91211586652222830/dac623d5-d99f-4d82-af25-fd6201ac1202.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/91211586652222830/animated-creative.7697174dad9a0df3931e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f44ffda1cc5ff1892127e1b29b917986e0585850496ddda51f6a6ce101bc005a

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 282003
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8471
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 15:01:01 GMT
server: sffe
date: Fri, 20 May 2022 10:16:18 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 20 May 2023 10:16:18 GMT

GET
H3 200 6414c9bf-5261-414a-bcd5-ad6e0950c75a.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/91211586652222830/ Frame 0B61 4 KB
4 KB 42ms
42ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/91211586652222830/6414c9bf-5261-414a-bcd5-ad6e0950c75a.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/91211586652222830/animated-creative.7697174dad9a0df3931e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf757cd5b2a6a603edd5967bd17f09b923fa1cc56d67992a6d048391838f6e19

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 282003
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3686
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 15:01:01 GMT
server: sffe
date: Fri, 20 May 2022 10:16:18 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 20 May 2023 10:16:18 GMT

GET
H3 200 624b0e4f-dcf4-4347-8049-8b6722c93254.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/91211586652222830/ Frame 0B61 2 KB
2 KB 40ms
39ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/91211586652222830/624b0e4f-dcf4-4347-8049-8b6722c93254.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/91211586652222830/animated-creative.7697174dad9a0df3931e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b39c4441933f26dea800d63b60324cd4f83d84aca3a087781d11b93c873ce595

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 282003
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2103
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 15:01:01 GMT
server: sffe
date: Fri, 20 May 2022 10:16:18 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 20 May 2023 10:16:18 GMT

GET
H3 200 6nbJiuMIfbM3CrNY-tDIjyCddJisSKcO9ZWp-sVJINc.js Show response
pagead2.googlesyndication.com/bg/ Frame D850 35 KB
13 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6nbJiuMIfbM3CrNY-tDIjyCddJisSKcO9ZWp-sVJINc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea76c98ae3087db3370ab358fad0c88f209d7498ac48a70ef595a9fac54920d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 14:53:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6158
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13771
x-xss-protection: 0
last-modified: Tue, 17 May 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 23 May 2023 14:53:44 GMT

GET
H3 200 6nbJiuMIfbM3CrNY-tDIjyCddJisSKcO9ZWp-sVJINc.js Show response
pagead2.googlesyndication.com/bg/ Frame 0B61 35 KB
13 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6nbJiuMIfbM3CrNY-tDIjyCddJisSKcO9ZWp-sVJINc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea76c98ae3087db3370ab358fad0c88f209d7498ac48a70ef595a9fac54920d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 14:53:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6158
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13771
x-xss-protection: 0
last-modified: Tue, 17 May 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 23 May 2023 14:53:44 GMT

GET
H2 200 4b0d0875e9133697.webp
cdn.nur.kz/images/272x153/ 4 KB
4 KB 382ms
380ms Image
image/webp 94.247.128.34
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/4b0d0875e9133697.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.34 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

356ad684965fe5adf864696ca5b0636a75048c685370a531ddac62dc8eba08e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:22 GMT
last-modified: Mon, 01 Feb 2021 12:32:58 GMT
server: nginx
x-cs: HIT
etag: "d046d50098453b33ee4f3b10e805b5fd"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 4088
expires: Tue, 23 May 2023 16:36:22 GMT

GET
H2 200 e4d7c42c0c6cc729.webp
cdn.nur.kz/images/272x153/ 7 KB
7 KB 383ms
380ms Image
image/webp 94.247.128.34
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/e4d7c42c0c6cc729.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.34 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

f81b83344d1a235f54adb3800f29a31d8861f300a8b9276f5d25d0efdd481a93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:22 GMT
last-modified: Tue, 04 Jan 2022 19:56:05 GMT
server: nginx
x-cs: HIT
etag: "33132f81d4242334673a13df95b99b51"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 7004
expires: Tue, 23 May 2023 16:36:22 GMT

GET
H2 200 11d1d4db3613c04a.webp
cdn.nur.kz/images/272x153/ 8 KB
8 KB 383ms
381ms Image
image/webp 94.247.128.34
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/11d1d4db3613c04a.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.34 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

50bdc7f25d682d68072adcac518d4c27e53fcf59415c86ae662cc7da369430b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:22 GMT
last-modified: Tue, 15 Mar 2022 15:31:34 GMT
server: nginx
x-cs: HIT
etag: "4c0a1dfd5445b19dcc1985e89b24209a"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 7766
expires: Tue, 23 May 2023 16:36:22 GMT

GET
H2 200 e2df3b9d93409a0e.webp
cdn.nur.kz/images/272x153/ 2 KB
3 KB 383ms
381ms Image
image/webp 94.247.128.34
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/e2df3b9d93409a0e.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.34 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

60fc65fd65b05a8b21077c30c511303f4cc9d9a659226b3a279d1ee2f65fd35c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:22 GMT
last-modified: Mon, 23 May 2022 09:10:03 GMT
server: nginx
x-cs: HIT
etag: "60cacce7ff64f9c72173c7adcab6031e"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 2340
expires: Tue, 23 May 2023 16:36:22 GMT

GET
H2 200 8e918abc80e37c61.webp
cdn.nur.kz/images/272x153/ 45 KB
45 KB 383ms
381ms Image
image/webp 94.247.128.34
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/8e918abc80e37c61.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.34 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

d2dd3599e7e2b9d298755ba7b0a578f9c0b8a88730f5c16993570a1de648a14e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:22 GMT
last-modified: Wed, 20 Apr 2022 11:13:12 GMT
server: nginx
x-cs: HIT
etag: "d1e68afbf026dac265ad137f74493c63"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 45568
expires: Tue, 23 May 2023 16:36:22 GMT

GET
H2 200 2d9e26a6df21abe4.webp
cdn.nur.kz/images/272x153/ 5 KB
5 KB 383ms
381ms Image
image/webp 94.247.128.34
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/2d9e26a6df21abe4.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.34 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

32733776c725ba00e8a8ef6a829d02a2a096eb3070ec019e3b8b33a384f7b0b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:22 GMT
last-modified: Tue, 26 Apr 2022 18:17:11 GMT
server: nginx
x-cs: HIT
etag: "629a6951f2e5ea0715940db60ff7b819"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 4678
expires: Tue, 23 May 2023 16:36:22 GMT

GET
H2 200 dfd8e754c605581d.webp
cdn.nur.kz/images/272x153/ 2 KB
3 KB 383ms
381ms Image
image/webp 94.247.128.34
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/dfd8e754c605581d.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.34 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

030011375e134406b94777255c02b5c07f450ce5597506bbf198cd4f958a47c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:22 GMT
last-modified: Tue, 03 May 2022 11:43:01 GMT
server: nginx
x-cs: HIT
etag: "33230090edbfa4cef49560b53c72aaaf"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 2460
expires: Tue, 23 May 2023 16:36:22 GMT

GET
H2 200 587e6197ab227cf7.webp
cdn.nur.kz/images/272x153/ 9 KB
10 KB 383ms
381ms Image
image/webp 94.247.128.34
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/587e6197ab227cf7.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.34 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

5324b70acffa135875d1bfec7ea87d058005568791e54ba4b8410fb2fb1739ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:22 GMT
last-modified: Wed, 04 May 2022 01:43:27 GMT
server: nginx
x-cs: HIT
etag: "a01be8518556de8f39af9d1287384468"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 9616
expires: Tue, 23 May 2023 16:36:22 GMT

GET
H2 200 7f009a5e4f386b60.webp
cdn.nur.kz/images/272x153/ 3 KB
4 KB 383ms
381ms Image
image/webp 94.247.128.34
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/7f009a5e4f386b60.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.34 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

9e4ab6a71720b11ffcf074809e80590bda2dfc006ecbb70f4d719a678af1b307

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:22 GMT
last-modified: Mon, 18 Apr 2022 10:50:57 GMT
server: nginx
x-cs: HIT
etag: "556d973c158cce17b9b7e0fe52548eb0"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 3324
expires: Tue, 23 May 2023 16:36:22 GMT

GET
H2 200 7850210159a320a6.webp
cdn.nur.kz/images/272x153/ 5 KB
5 KB 383ms
381ms Image
image/webp 94.247.128.34
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/7850210159a320a6.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.34 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

03aa4536a5078e4137c13096c7d3156b925d4c4381261f537daeccdfdf687d52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:22 GMT
last-modified: Tue, 03 May 2022 16:50:42 GMT
server: nginx
x-cs: HIT
etag: "d477fc283b880dc8c08ad1d24fac1df9"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 5264
expires: Tue, 23 May 2023 16:36:22 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 17 KB
9 KB 366ms
366ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1068517317512481&correlator=1036204643328374&eid=31067688%2C31067709%2C44761477&output=ldjh&gdfp_req=1&vrg=2022051701&ptt=17&impl=fifs&iu_parts=21635628449%2CNUR_Desktop_Bottom3&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C728x200%7C980x90%7C980x200&ifi=8&adks=1532786909&sfv=1-0-38&ecs=20220523&fsapi=false&eri=4&cust_params=page%3DHomepage%26section%3Dwww%26sectionId%3D1%26platform%3Ddesktop%26language%3DRU&sc=1&cookie=ID%3De97271192f7707ca-22bd4feb99cd0019%3AT%3D1653323780%3AS%3DALNI_MYJmIf4CmW_Pj-95ZNGUW36xjj-5Q&abxe=1&dt=1653323781068&dlt=1653323778609&idt=567&biw=1600&bih=1200&adxs=295&adys=17325&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.nur.kz%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=805x100&msz=805x0&fws=4&ohw=805&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=222879948.1653323779&ga_sid=1653323779&ga_hid=696100289&ga_fc=true&ga_cid=1154909005.1653323779&btvi=5&topics=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js?cb=31067688

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

0108652c35c72727a1bc3de4ecbb1d7a08173a093da6787ea950fc8d2d9eec97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9493
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nur.kz
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 49cf8b949283266d.webp
cdn.nur.kz/images/272x153/ 2 KB
3 KB 242ms
240ms Image
image/webp 94.247.128.34
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/49cf8b949283266d.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.34 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

8dd35d1f4d63e0f97576d7c4b80cc25ca699e9bcf47d335d6cfd5e805c16abfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:22 GMT
last-modified: Tue, 03 May 2022 10:39:56 GMT
server: nginx
x-cs: HIT
etag: "9adfc7b3d4b3add5ff1b5da8c98fc540"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 2294
expires: Tue, 23 May 2023 16:36:22 GMT

GET
H2 200 931113705d9e59f9.webp
cdn.nur.kz/images/272x153/ 10 KB
11 KB 242ms
239ms Image
image/webp 94.247.128.34
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/931113705d9e59f9.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.34 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

2fd1487d2d13e74a3b0c78b45da188935df2649f5731652d4c7c8fb9d2703eb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:22 GMT
last-modified: Mon, 23 May 2022 12:20:35 GMT
server: nginx
x-cs: HIT
etag: "1697d3af7423eea28d8f813638759c39"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 10460
expires: Tue, 23 May 2023 16:36:22 GMT

GET
H2 200 a04e393c1557e473.webp
cdn.nur.kz/images/272x153/ 9 KB
9 KB 242ms
239ms Image
image/webp 94.247.128.34
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/a04e393c1557e473.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.34 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

9174eea7949c646792c31146bbd7aa4dd683a06a86bbaba32a2853ae48e937c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:22 GMT
last-modified: Wed, 18 May 2022 08:56:41 GMT
server: nginx
x-cs: HIT
etag: "3b5befe0121d75d202dde563eaf4a2b4"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 9356
expires: Tue, 23 May 2023 16:36:22 GMT

GET
H2 200 03082a2ce3c8f96d.webp
cdn.nur.kz/images/272x153/ 9 KB
10 KB 242ms
239ms Image
image/webp 94.247.128.34
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/03082a2ce3c8f96d.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.34 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

24dee13b203fd39b9a5b1cce2982a7421774ef381b9fdc8159ccbf471cd3858a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:22 GMT
last-modified: Sun, 15 May 2022 04:12:41 GMT
server: nginx
x-cs: HIT
etag: "fcc5325e1434f4ad273f6d32cfb04efb"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 9494
expires: Tue, 23 May 2023 16:36:22 GMT

GET
H2 200 e4e7a4ad4a3ecc66.webp
cdn.nur.kz/images/272x153/ 5 KB
5 KB 242ms
239ms Image
image/webp 94.247.128.34
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/e4e7a4ad4a3ecc66.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.34 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

0a4f02d3e519d931493c05b4b08f659b9f75aa9d85403f117d6d3d11b3206d6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:22 GMT
last-modified: Thu, 17 Mar 2022 09:08:55 GMT
server: nginx
x-cs: HIT
etag: "7c4660836043903817521919c74e7428"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 4702
expires: Tue, 23 May 2023 16:36:22 GMT

GET
H2 200 d3610ed0d8e6c470.webp
cdn.nur.kz/images/272x153/ 5 KB
5 KB 242ms
240ms Image
image/webp 94.247.128.34
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/d3610ed0d8e6c470.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.34 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

b74e42ca31f67572e060c1c425b73bde09a3894bb37ea244c2a46b5489126034

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:22 GMT
last-modified: Mon, 23 May 2022 03:53:17 GMT
server: nginx
x-cs: HIT
etag: "6cb68f552dfe4e268c3512413b34bc68"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 4958
expires: Tue, 23 May 2023 16:36:22 GMT

GET
H2 200 5c3606d99399951b.webp
cdn.nur.kz/images/272x153/ 28 KB
28 KB 241ms
240ms Image
image/webp 94.247.128.34
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/5c3606d99399951b.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.34 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

b00681f14bc02a2793216636b8b0ffa59647ad8682e933f6852d597c90b24941

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:22 GMT
last-modified: Mon, 23 May 2022 03:06:03 GMT
server: nginx
x-cs: HIT
etag: "a0999338bc5e24caf0045ce8c8dd7bff"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 28358
expires: Tue, 23 May 2023 16:36:22 GMT

GET
H2 200 9fe66a76a23bf380.webp
cdn.nur.kz/images/272x153/ 13 KB
14 KB 241ms
240ms Image
image/webp 94.247.128.34
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/9fe66a76a23bf380.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.34 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

171cdf4aaca1d90b25b0136352f75578c1e59ffdd3e426a8aa182773ea46d8f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:22 GMT
last-modified: Thu, 12 May 2022 19:27:20 GMT
server: nginx
x-cs: HIT
etag: "54ecb2f7e2b0f36f1a46b886e547f7ad"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 13604
expires: Tue, 23 May 2023 16:36:22 GMT

GET
H2 200 d9a50b426785495d.webp
cdn.nur.kz/images/272x153/ 21 KB
21 KB 241ms
240ms Image
image/webp 94.247.128.34
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/d9a50b426785495d.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.34 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

b9ac03518e33de71473f8d2451dd4f9b997fbdb5bba0e8e476be0d6a5cd8a3ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:22 GMT
last-modified: Thu, 12 May 2022 01:58:45 GMT
server: nginx
x-cs: HIT
etag: "f3a354c1aa62f244755722058e1b09dc"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 21618
expires: Tue, 23 May 2023 16:36:22 GMT

GET
H2 200 88c63c8fb8e19346.webp
cdn.nur.kz/images/272x153/ 2 KB
2 KB 241ms
240ms Image
image/webp 94.247.128.34
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/88c63c8fb8e19346.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.34 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

17cf397d61c195f58b1740cc10f6908a8adb3f0a0f9b67d62d0ebe5696e79eda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:22 GMT
last-modified: Tue, 17 May 2022 03:17:40 GMT
server: nginx
x-cs: HIT
etag: "092d55ab4ce6596e16bf2f868178199e"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 1642
expires: Tue, 23 May 2023 16:36:22 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 24 KB
11 KB 352ms
352ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1068517317512481&correlator=1036204643328374&eid=31067688%2C31067709%2C44761477&output=ldjh&gdfp_req=1&vrg=2022051701&ptt=17&impl=fifs&iu_parts=21635628449%2CNUR_Desktop_Bottom3&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C728x200%7C980x90%7C980x200&ifi=9&adks=1343048513&sfv=1-0-38&ecs=20220523&fsapi=false&eri=4&cust_params=page%3DHomepage%26section%3Dwww%26sectionId%3D1%26platform%3Ddesktop%26language%3DRU&sc=1&cookie=ID%3De97271192f7707ca-22bd4feb99cd0019%3AT%3D1653323780%3AS%3DALNI_MYJmIf4CmW_Pj-95ZNGUW36xjj-5Q&abxe=1&dt=1653323781211&dlt=1653323778609&idt=567&biw=1600&bih=1200&adxs=295&adys=19236&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.nur.kz%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=805x100&msz=805x0&fws=4&ohw=805&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=222879948.1653323779&ga_sid=1653323779&ga_hid=696100289&ga_fc=true&ga_cid=1154909005.1653323779&btvi=6&topics=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js?cb=31067688

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

d5d8a1b2f620565ed85b0bf7cab850f653cb91d210b130ef99a29796711a545f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11459
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nur.kz
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FCA9 6 KB
3 KB 37ms
37ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js?cb=31067688

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nur.kz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 23 May 2022 16:36:20 GMT
expires: Tue, 23 May 2023 16:36:20 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame D0C8 8 KB
1 KB 131ms
46ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3369263710096163&output=html&h=200&slotname=4516448096&adk=1921805917&adf=516689607&pi=t.ma~as.4516448096&w=728&lmt=1653323780&psa=0&format=728x200&url=https%3A%2F%2Fwww.nur.kz%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653323780218&bpp=2&bdt=1609&idt=213&shv=r20220518&mjsv=m202205170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De97271192f7707ca-22bd4feb99cd0019%3AT%3D1653323780%3AS%3DALNI_MYJmIf4CmW_Pj-95ZNGUW36xjj-5Q&prev_fmts=0x0&nras=1&correlator=3349062393711&frm=20&pv=1&ga_vid=222879948.1653323779&ga_sid=1653323779&ga_hid=696100289&ga_fc=1&ga_cid=1154909005.1653323779&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763507%2C42531556%2C44761044%2C31067528%2C31067628%2C31067678&oid=2&pvsid=1068517317512481&pem=793&tmod=1432576035&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=kANlQzZKXb&p=https%3A//www.nur.kz&dtd=220

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 23 May 2022 15:32:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 23 May 2022 16:36:22 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 23 May 2022 16:36:22 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame D0C8 2 KB
904 B 39ms
39ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:32:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 252
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Jun 2022 16:32:10 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/ Frame D0C8 21 KB
8 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9fc62d99ca580e914d7af298fd36b6926ba2b1e6c97ab21be0f9022f9c665816

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:35:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8611
x-xss-protection: 0
server: cafe
etag: 11030745046341915621
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Jun 2022 16:35:11 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame D0C8 3 KB
1 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:26:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 612
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Jun 2022 16:26:10 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D0C8 135 KB
41 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42375
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652873336749811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 23 May 2022 16:36:22 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame D0C8 17 KB
7 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1be78b79774b196d2500f7bd3bb3ca7269ec444158f0e545d4d313bcf40e1310

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7211
x-xss-protection: 0
server: cafe
etag: 2988716039725867132
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Jun 2022 16:36:02 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame D0C8 0
0 46ms
45ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT83rnPvlNx4j4aLXe4E83nhRNP1XOG3VvfC9iZeoaF0IuaP4H1JntmHUkcGzcJ6VSUxtL5rPEk7DWaph_4WCpMMuOCpg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3369263710096163&output=html&h=200&slotname=4516448096&adk=1921805917&adf=516689607&pi=t.ma~as.4516448096&w=728&lmt=1653323780&psa=0&format=728x200&url=https%3A%2F%2Fwww.nur.kz%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653323780218&bpp=2&bdt=1609&idt=213&shv=r20220518&mjsv=m202205170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De97271192f7707ca-22bd4feb99cd0019%3AT%3D1653323780%3AS%3DALNI_MYJmIf4CmW_Pj-95ZNGUW36xjj-5Q&prev_fmts=0x0&nras=1&correlator=3349062393711&frm=20&pv=1&ga_vid=222879948.1653323779&ga_sid=1653323779&ga_hid=696100289&ga_fc=1&ga_cid=1154909005.1653323779&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763507%2C42531556%2C44761044%2C31067528%2C31067628%2C31067678&oid=2&pvsid=1068517317512481&pem=793&tmod=1432576035&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=kANlQzZKXb&p=https%3A//www.nur.kz&dtd=220
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H2 200 8ac99cc5020451d5a2f944f2abe6dceb.js Show response
www.gstatic.com/mysidia/ Frame D0C8 30 KB
13 KB 220ms
37ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8ac99cc5020451d5a2f944f2abe6dceb.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f27644734b8ead437f7ae34027490dae1d295348b0fc0cdca8b839bd9ef48d46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 13:38:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 269889
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12291
x-xss-protection: 0
last-modified: Wed, 11 May 2022 08:21:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 18 Aug 2022 13:38:13 GMT

GET
H2 200 de457124078ddc5a.webp
cdn.nur.kz/images/272x153/ 55 KB
55 KB 132ms
129ms Image
image/webp 94.247.128.34
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/de457124078ddc5a.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.34 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

def9499d85aa9ccd146cd3fbea29d13641bae3d699c0a55e57ae2f8cf5b344bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:22 GMT
last-modified: Sun, 15 May 2022 02:54:13 GMT
server: nginx
x-cs: HIT
etag: "80132ff4e1e9ecbb16676170e57328a1"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 56334
expires: Tue, 23 May 2023 16:36:22 GMT

GET
H2 200 93040769b8d83977.webp
cdn.nur.kz/images/272x153/ 15 KB
16 KB 132ms
130ms Image
image/webp 94.247.128.34
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/93040769b8d83977.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.34 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

9901d8becaea6864776b490cc4791146ce7fcfe9f7ce066a24ca94f1829d16b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:22 GMT
last-modified: Wed, 18 May 2022 05:16:26 GMT
server: nginx
x-cs: HIT
etag: "97af685ac3719ce75ca39c9460ddea2d"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 15698
expires: Tue, 23 May 2023 16:36:22 GMT

GET
H2 200 2ef1a144757381f8.webp
cdn.nur.kz/images/272x153/ 27 KB
28 KB 132ms
130ms Image
image/webp 94.247.128.34
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/2ef1a144757381f8.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.34 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

bf4ca025ce4ff09e6ab9d0ae2b135ac09d2e29ac2303a7514c022d4177aeece3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:22 GMT
last-modified: Mon, 23 May 2022 04:43:14 GMT
server: nginx
x-cs: HIT
etag: "5d98f2d0ff4d3900fa3d957e9f207358"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 27886
expires: Tue, 23 May 2023 16:36:22 GMT

GET
H2 200 f7f64138628185aa.webp
cdn.nur.kz/images/272x153/ 12 KB
12 KB 133ms
130ms Image
image/webp 94.247.128.34
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/f7f64138628185aa.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.34 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

b17ba3329aeed8caf7cd85db62cde9c5502325c5268aee997b89ae939e4d3a7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:22 GMT
last-modified: Thu, 19 May 2022 08:19:44 GMT
server: nginx
x-cs: HIT
etag: "5b4f82ef441840b0aa3dd21f80976bc1"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 12472
expires: Tue, 23 May 2023 16:36:22 GMT

GET
H2 200 3d8b6eb8b9eb47f9.webp
cdn.nur.kz/images/272x153/ 10 KB
11 KB 193ms
191ms Image
image/webp 94.247.128.34
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/3d8b6eb8b9eb47f9.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.34 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

cdf31faf3dd8935f5ee63c1a29cee78a7921ea31fb3cacae156773602ed576d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:22 GMT
last-modified: Thu, 19 May 2022 08:03:27 GMT
server: nginx
x-cs: HIT
etag: "57b40556d23f4c536bfc0987ae44a9f1"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 10582
expires: Tue, 23 May 2023 16:36:22 GMT

GET
H2 200 e5898343cf49d79b.webp
cdn.nur.kz/images/272x153/ 52 KB
52 KB 195ms
193ms Image
image/webp 94.247.128.34
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/e5898343cf49d79b.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.34 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

033b6c344d46460e74306557645851170fa5ab3b0cc71f87e728e634aefb054d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:22 GMT
last-modified: Thu, 19 May 2022 10:35:05 GMT
server: nginx
x-cs: HIT
etag: "26b31b00772a99526d7a58bafebe814f"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 52924
expires: Tue, 23 May 2023 16:36:22 GMT

GET
H2 200 bf6de423e75c760c.webp
cdn.nur.kz/images/272x153/ 25 KB
25 KB 262ms
260ms Image
image/webp 94.247.128.34
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/bf6de423e75c760c.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.34 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

eb6c6f805e420dcbeb3707ba886b78109fa5b77edc62832d81103f389c5bcfb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:22 GMT
last-modified: Fri, 20 May 2022 13:52:07 GMT
server: nginx
x-cs: HIT
etag: "dd23efdcbd37168f2e28ed8d2ee69e70"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 25156
expires: Tue, 23 May 2023 16:36:22 GMT

GET
H2 200 17ad01111e395198.webp
cdn.nur.kz/images/272x153/ 7 KB
7 KB 263ms
261ms Image
image/webp 94.247.128.34
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/17ad01111e395198.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.34 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

dd74716dab8ccb5dee6626fa4e1a72eb209bbee5174a3e0862290c0756c53c4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:22 GMT
last-modified: Mon, 23 May 2022 03:19:15 GMT
server: nginx
x-cs: HIT
etag: "603e5a3e68ae0b328cfa2cb1466ba898"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 6866
expires: Tue, 23 May 2023 16:36:22 GMT

GET
H2 200 7c852b71d77dd413.webp
cdn.nur.kz/images/272x153/ 4 KB
5 KB 263ms
262ms Image
image/webp 94.247.128.34
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/7c852b71d77dd413.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.34 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

4afeaabf4ec01f41d4ca0068d75d70c6231ef7b0736a89b5d011a7089fff0e74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:22 GMT
last-modified: Mon, 23 May 2022 14:04:34 GMT
server: nginx
x-cs: HIT
etag: "5cbd15bd80e5678612b81825528bfbff"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 4532
expires: Tue, 23 May 2023 16:36:22 GMT

GET
H2 200 301277d41fb6e4d8.webp
cdn.nur.kz/images/272x153/ 5 KB
5 KB 264ms
262ms Image
image/webp 94.247.128.34
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/301277d41fb6e4d8.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.34 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

a1bf97059c673348b39ec51cc87cf13f2f4199fce6b40c2ed339631056bda0f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:22 GMT
last-modified: Mon, 23 May 2022 08:43:03 GMT
server: nginx
x-cs: HIT
etag: "521c67f04c2b50d23845d25f0cf28279"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 4960
expires: Tue, 23 May 2023 16:36:22 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 45ms
45ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.nur.kz

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js?cb=31067688

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 23 May 2022 16:36:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 46ms
46ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.nur.kz

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js?cb=31067688

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 23 May 2022 16:36:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 55 KB
12 KB 217ms
217ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1068517317512481&correlator=1036204643328374&eid=31067688%2C31067709%2C44761477&output=ldjh&gdfp_req=1&vrg=2022051701&ptt=17&impl=fifs&iu_parts=21635628449%2CNUR_Desktop_Bottom3&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C728x200%7C980x90%7C980x200&ifi=10&adks=1445621461&sfv=1-0-38&ecs=20220523&fsapi=false&eri=4&cust_params=page%3DHomepage%26section%3Dwww%26sectionId%3D1%26platform%3Ddesktop%26language%3DRU&sc=1&cookie=ID%3De97271192f7707ca%3AT%3D1653323780%3AS%3DALNI_MYq1SWUfAyoLnjZv_oVFf96QcuBEQ&abxe=1&dt=1653323781515&dlt=1653323778609&idt=567&biw=1600&bih=1200&adxs=295&adys=21247&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.nur.kz%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=805x100&msz=805x0&fws=4&ohw=805&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=222879948.1653323779&ga_sid=1653323779&ga_hid=696100289&ga_fc=true&ga_cid=1154909005.1653323779&btvi=7&topics=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js?cb=31067688

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

0b68dfa2506fa6c9dbd1b5eda3dfb79c9e1bce65ea5231c1109c79bb03ac8f6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12391
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nur.kz
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D0C8 0
0 80ms
80ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cl25fBbiLYpvAJZeLsgfIwYWIC_iIzZJqsvnM7-sP07yznfgvEAEgrMjqS2CVgoCAmAegAeyxw4YDyAEJqQJc2sKbMNenPqgDAcgDywSqBL0BT9AAConayhxxaTwPDCI4u8a0mSq5836P4g4wqkEpQNNg8IDxIPovYMXwzkIla_rnXUSLjgFEiHnaJ4J4UanNjkRhR2UR5yTkKuMJkcSiA3oTMKXmf-r3bNbzpoYoI184aRDYH-4RO2zC0jOsyI5lqlyrtu0-T0g5PlM_W5kSO34PVyJJ63W7_IECsJWn177FrwLZEhG7CUFCqPu6YsGcJHmOsa8p1Y6nhJv5uppZ0I0BVXdRuiJXvzKpd3PewASpjPeJ8AOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHwpqTtwGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDDoA3SCAkIgOGAEBABGB-ACgHICwG4E4gn2BMN0BUBgBcBshccChoIABIUcHViLTMzNjkyNjM3MTAwOTYxNjMYAA&sigh=CMsHoqq1ebo&uach_m=[UACH]&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3369263710096163&output=html&h=200&slotname=4516448096&adk=1921805917&adf=516689607&pi=t.ma~as.4516448096&w=728&lmt=1653323780&psa=0&format=728x200&url=https%3A%2F%2Fwww.nur.kz%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653323780218&bpp=2&bdt=1609&idt=213&shv=r20220518&mjsv=m202205170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De97271192f7707ca-22bd4feb99cd0019%3AT%3D1653323780%3AS%3DALNI_MYJmIf4CmW_Pj-95ZNGUW36xjj-5Q&prev_fmts=0x0&nras=1&correlator=3349062393711&frm=20&pv=1&ga_vid=222879948.1653323779&ga_sid=1653323779&ga_hid=696100289&ga_fc=1&ga_cid=1154909005.1653323779&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763507%2C42531556%2C44761044%2C31067528%2C31067628%2C31067678&oid=2&pvsid=1068517317512481&pem=793&tmod=1432576035&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=kANlQzZKXb&p=https%3A//www.nur.kz&dtd=220
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 23 May 2022 16:36:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 container.html Show response
849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F79A 6 KB
3 KB 38ms
37ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js?cb=31067688

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nur.kz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 23 May 2022 16:36:20 GMT
expires: Tue, 23 May 2023 16:36:20 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/11217018821796108003/ Frame D0C8 13 KB
13 KB 37ms
37ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11217018821796108003/downsize_200k_v1?w=400&h=209

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d962fd397e14db59c75a84155f9f054d89c55ae138cb1e348217c3b7e22c796

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 00:13:12 GMT
x-content-type-options: nosniff
age: 577390
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13077
x-xss-protection: 0
last-modified: Wed, 06 Apr 2022 04:13:12 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 17 May 2023 00:13:12 GMT

GET
DATA 200
OK truncated
/ Frame D0C8 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame D0C8 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 204 event
ads.adfox.ru/252771/ 0
66 B 99ms
99ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/252771/event?hash=8216b1f93464a6cc&pm=cza&p5=kunhv&ad-session-id=4752551653323779297&lts=fjdzdge&ytt=218804424671237&ybv=0.585102&ylv=0.585102&dl=https%3A%2F%2Fwww.nur.kz%2F&rtb-si=b&p2=gfdy&rand=makymsy&sj=FSWraDAP5Hc1Dd1imF8NmnARKk-8WmfrMxzEtYlok2scPqhNUgJPIJjKcOOSXQ%3D%3D&puid1=Homepage&pr=edbbcwi&p1=crsnx&rqs=BDjBCW5umSMEuIti-CypitVpmVZiBAcn

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 16:36:22 GMT
x-content-type-options: nosniff
last-modified: Mon, 23 May 2022 16:36:22 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 204 event
ads.adfox.ru/252771/ 0
18 B 101ms
101ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/252771/event?hash=d5ff22a9fbfd27a4&pm=cza&p5=locem&ad-session-id=4752551653323779297&utg=oxum&lts=fjdzdge&ytt=218804424671237&ybv=0.585102&ylv=0.585102&dl=https%3A%2F%2Fwww.nur.kz%2F&p2=gfdy&rand=dvpmtqq&sj=6LhxZKB9CGEXZivqFid2Lt74swKviS2V6jn2hL5yxAKLxzvqSTTfo7BHEnlrLA%3D%3D&puid1=Homepage&pr=edbbcwi&p1=crsny&rqs=BBjVIHXWBIkEuItiuEBNUrKT1nIPY0U9

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 16:36:22 GMT
x-content-type-options: nosniff
last-modified: Mon, 23 May 2022 16:36:22 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H3 200 container.html Show response
849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0032 6 KB
3 KB 37ms
37ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js?cb=31067688

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nur.kz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 23 May 2022 16:36:20 GMT
expires: Tue, 23 May 2023 16:36:20 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame F1D9 1 KB
749 B 37ms
37ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 38558
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 May 2022 05:53:44 GMT
etag: 48472445140208031
expires: Tue, 24 May 2022 05:53:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame D0C8 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e783c361f36ad019cbd4a40aa6368c06df5c128334a7c9fd0333bc37a4af4fbf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v44/ Frame D0C8 28 KB
28 KB 125ms
37ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v44/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d210f7d18b1a67c12052541793c3fc63a9175ec1809b7988b9b9a13a4b50e16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 22:13:40 GMT
x-content-type-options: nosniff
age: 498162
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28276
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:33:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 May 2023 22:13:40 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 243D 624 B
297 B 51ms
50ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEY2ajFwwEwAQ&v=APEucNWGGFpVJ-u_a5TOBzA7jzL6Y_zeJ6LncllPAV2iBs7UxfpvKFyORdoaNixIMJ5ErkG-xgEvXt8lVQJnuziNF3nrdIwfHYNlUzBhZ260MPQzmMBtW5QaH5HHr4bdG3CJHNZO2T0UKAF640_vPNOeBgTpgvSkJnMDyk7QrrdxTxtUWzJUFTU

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 May 2022 16:36:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 091B 78 KB
32 KB 86ms
85ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CHyOZxf_XOCGAodRSC43afixQZOGO5T_bnAGJVHO27_QVqG77g-MpCKupSVwRj5p4NYq8AiEQhH715mr1hn7UA8-3mRkOkZJNLE40G-BfybZe3M3QfIiqL0HviCEgi5vVwyeLRxMlYvzV14vNg8uXkCDdfdQ&dbm_d=AKAmf-CWn7PWPCq_Bg0etIa8mPGPLpPci2j7TiVMN9buEse2C2Tt8XUhGdsTXKs8ojDWJ3VMVbNFBQBK6q_mHZEuZg_XHYTyeern8g-RFm4q1laUTSZbcRlQZ3aLKwtGwz4CUTgjUL1JkeKuVkzya5x-R3B-MeUZsWvZKlfWd2FuyWeAcasAP58DCjYNGiIg2TaIWzkhFlN9M6DdTUr9ah1zo1hvv2Hv6WL4LGOwlzyD-q0MO7M20SYTfotK9GbeTsrVYLGDQhM9oSvBa0HC0TBScv7LYU66o9zC-4tSDLIpAd9dPnmTM0SD8_yde4xvqPKYwtVB7aocXRHDjhH9NbKI3wtkrWCu9KNPu8xRIrzPMm0mcy5Qp0VPmq9vtTcYlmO5YPulTTzfNqAwX06c9ruWZC4FJ8cLAipBdSDX_kErMZ9C1jtf31XjfekaTSQWy-5qxhQ1CIGcRlzhg25Z8usEiL8R5RVwowk--BW9q4aUalXtbVy6PZY12fK8-NaKmsVoYSpWu_XmTghoQ_7pngwLqyRxquSUThxTYa_2Zr6UymyJUNbGtQR1pem-bXKoESb2b5bkwzP2HeyD6iyaweTXhrvWDuChWBJTNdYgh4t0INKlJU02yw3Gd6R9zCHgXXB_rc77wct_-gsp6fDgcyY8rpR_nO9llWwsHjS6eEuAcUvsq_P2FYGEgvJiLuFHzA1w3xIUAtvFXeFPjROfymrVfPUjLlZnUB6EmMiN2lzYVNBaLQY4Y8qTc87DjoK_2JJx0Td7Vpecaq8nEu8rboORducPPx92ak8MlhXVn0CDLZ3KNGRv8kJxc1MgW6Ji6dtFN6m7jIB2FYKmGrMJrE-FHLiIEB2VFW3vxJxRiEGBvm9G484tsgwXW3g-75Z8JIexC3e3JzutnKvbnu_Jj_Wf43NGq5KBid1DmXWOejuChEwzLG4EDMsOlHV2LaM39Z3YMtGXc115sE8mRHJ3sEIWBFim6rMqOLuyv1Brn8CD1qxP8C5cV_dYe2cHoEsLLD0Wi3h_4UmOTpTO98LKvXFXWnLv7bhytdWXlkr5YHKDkjVEzoL6mj56BVMsBhzv1c4QzxFB9ROjQCqjR3vTfwsALsz9BDnOraJ99m61lfT3SQm-V_0hgv9WfDknMOc5t6PteiiX4GoQK55cvXgEN2GI-rAAsrXJz0y58pCmWJq6MNTj2OxjkzayuPx7MeZSbDiE_aYoOC2EO3uJsyNeisOxkpdSWVyeln13M8HpJl8H8gC1pqgrSxRcNgV9gn0Z1obn8BaZD4gHkMrY1k6MGSJKOUCtlb5QQSYyZktKWYzLv_3gmqeL0fhiKsIk1REBSln5L-6NQiQFqXGf53jgDV3V3-YJV7K9Fz4CcavzW9ta0QU4Kewa7_j0u1rWl2H1tiifT3h36bBrzjV6AYlfKZG9gVOAsA6TyN4GL3mfPep-0vHXLPQTfE5bXHp_-z2lfG3VApjwFRq8j3LC4zhw2ZPUQ1dMczzwP9IxxIzX3dTPliskIt7EsRYbyo7caD8TmAmBhxvj6Z0Usb_zPCBMfuKsxGNQqdkqgYEE9oJ5bqvj5t40PKH6gowsubI8Ni65bq5afsz6HI_F7kEuxsiX5WpaSST_DhddIqJyKJsqhWL-AqU2nDMXTu1lJIncewSyTdCynzT-EXOSCsPnR6lpfW74XNdwItVkmHQiq9wvuQDvkLiZFbBJGSTiWJB-VK9V2C2J5Vwl9vEO-uUUTCgAykAY-53TYq8kCew0uk3pB_eE7nHSUQ0kfunhv7s3cGgS0H21_LglOhEcFOLWoOxX2MCIKdAlKNm4DSErwYib8BfAlhx1-9S1RtFEAl2nXvf85e_NRLnWHD7r6I2zC4FCa1UxXSse3tXTp5Sb1iprbnOcR3LXOwZJBFVT8jK34bofAjTtM7FXpo_cYbeDp_fhQ5WUcJ6n44ApI-BklibTpokYCgt1KYLW31EQY_PZOapjHuOylWYVKNlLsLIhpQLVrt2Rl7nb9qPSUfrEFxxmjyhXHf0RX2CDVRArvcZ51WIwvcOkC19rp4ImyXGoPpbbr-ToXHVTnyxCsoC2ppY5R_qtHpkT6yPUwLlxLEkFveI9QBJO0ZNI0fxh8W-FnY917hbk1WiKAc5aRc6s7RCwnTSBFjMYk7-rfzF2rvjKx7Dlv4hry75c7UQ5xhOrMODu4VKjH_nAeDuPdQ1A7cYL9ADo8i026bRW_1onwRKlBZH_VauXP5rt28SmlvkEdFklOBnEYBHnT1NIBGvUcILW-y8ayt30uxpMTYnw2vfisV_ralQjGNhk0ECcDDqB31jw_EwCh5AP4mX3D-H1Q2pIeRNdDPLbKKDAXAQ4VKOJLYwSTDNNQunpJmIVQ8kurJx6w2CJH5PG0Rh3Pb47_RuRNcf6kyFN7kVKnWFqOQo-5C58DjLBLfPdv7a3xPia516TPxhsjXH3PMCJiqx6NIPT0BxA1HwszCsPpuFTDDVJ6ToExxTMkyrQeBo8GDoG0YS34ceQFXnE1Za8_IMYFvdLoxVGajt9y04Nj3qNHeU78uPaRsP7u68Q08wyMdYZ1soeOuBdtf8dd2o91hjnVBBHPzAJzESoHFCVVU3zx47OyP0xZ1P7RqBRTHFiIzi-XgXqiWjG_wPpaa-hm9Ow9WjRG8WGAZznLn9IEaZzn9T5sVoTuT9OyUPppCQrAHkif6aBqdO6J5ELHdZUtEk1fFgsNlKCrMx_Dw9xh0IPlCuEM7LKJ7E68PX00VfmPowEfymxBfqKi0GcmLe0vMY_u2P58xOAHkp0ShJf150vpsAwcjpmdBk8YaDv4ZcqaDd_JvTAwM2YPPmHKnLQpZBq5jG3m4-wZbzMxp9E0EFKZj1jeE8lnmOBN8g13TSCmA6pEKN6nYFEUuSsfbt8tPI7o0bRYbVRS4CYjArvN4wVzJO-sgW1jG58hSV2WIRLyxCoH1U2Xp9I04m4zu7j-RcJJZ5OgWLCrFcdOxJ4Ym7Nk14r-v6Q8txtSRyorM5Ve-OAafSaQBWGUFGLB7e3cc0wTf99QN4TMcowYVzhT6ZzAyWg3GGXbWlM4tQJf92O&cid=CAASJeRofteuouLBBxVnJyL7nDO7ApOsu-phv29AvdViBv3BwrPIKcI&rfl=2%2Chttps%253A%252F%252Fwww.nur.kz%252F%240

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4ad610b236338369836c019317b64dc48a5d3b73871a0360bd6fd6b2e852abcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 16:36:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33011
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame 091B 3 KB
1 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/window_focus_fy2019.js

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:26:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 612
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Jun 2022 16:26:10 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 091B 136 KB
42 KB 52ms
51ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ecfc5a4d72d8f9fc774268cda69765e8578cd3a3859b229288b10c36acb0b35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42522
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1653305577626270"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 23 May 2022 16:36:22 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame 091B 17 KB
7 KB 38ms
36ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1be78b79774b196d2500f7bd3bb3ca7269ec444158f0e545d4d313bcf40e1310

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7211
x-xss-protection: 0
server: cafe
etag: 2988716039725867132
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Jun 2022 16:36:02 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 091B 0
0 47ms
45ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQRl4R13bzFqqNFzy4N2bzxAvdtuWfNAcixYhlnEuwQjpGLiQtUrvIOWnphzbfB08GqeZDCEkODnsF9LACIKdMZDM5DZg
Requested by: Host: www.nur.kz
URL: https://www.nur.kz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 091B 42 B
63 B 70ms
69ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CLUA58IYrwNfnAGFyW1ldmKSeKUXbhRoZwJieq7QujZhWJH6J79lG43SVKry-ISOTFozOhe5slKghmZVxmcyCDQbBmslpuqiFGOVki9cIGqvn2lmU

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 16:36:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012204292129000/ Frame 9489 220 KB
61 KB 142ms
38ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012204292129000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js?cb=31067688

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8438fcae135714383f2e8b95e9a173d7dae352e433c16c07ab158e6c88c489d0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 24675
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61295
x-xss-protection: 0
server: sffe
date: Mon, 23 May 2022 09:45:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "c00c4adb72e5cb7f"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 23 May 2023 09:45:08 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012204292129000/v0/ Frame 9489 14 KB
5 KB 205ms
102ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012204292129000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js?cb=31067688

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42bd99c9d9c85bebd6419be0bc7cab4bbdd98f3743d9c0bf7e3e62cd627cb581

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 24675
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5188
x-xss-protection: 0
server: sffe
date: Mon, 23 May 2022 09:45:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "176361d496ccc411"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 23 May 2023 09:45:08 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012204292129000/v0/ Frame 9489 94 KB
28 KB 211ms
107ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012204292129000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js?cb=31067688

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a05fdfb3e658a59c3b08dc4d5787cf76826988866a1be0bac3710c7753640d1f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 24675
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28840
x-xss-protection: 0
server: sffe
date: Mon, 23 May 2022 09:45:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "4b15b3c971f95798"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 23 May 2023 09:45:08 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012204292129000/v0/ Frame 9489 5 KB
2 KB 225ms
123ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012204292129000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js?cb=31067688

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

742106aba0be6db1086baa20c675ca18298baf0eecf4f0ad7a99111be6796446

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 17824
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1906
x-xss-protection: 0
server: sffe
date: Mon, 23 May 2022 11:39:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a2652581fdabc981"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 23 May 2023 11:39:19 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012204292129000/v0/ Frame 9489 40 KB
13 KB 226ms
123ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012204292129000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js?cb=31067688

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

151ca0dbdad0610cbb5b206a106dd32b5a5915325c96ec690652e0e47abf8465

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 24675
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12953
x-xss-protection: 0
server: sffe
date: Mon, 23 May 2022 09:45:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "8a2450dae6a66803"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 23 May 2023 09:45:08 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 9489 8 KB
892 B 122ms
46ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js?cb=31067688

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 23 May 2022 15:33:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 23 May 2022 16:36:23 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 23 May 2022 16:36:23 GMT

GET
H3 200 ru.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 9489 3 KB
3 KB 37ms
37ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/ru.png

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 05:59:37 GMT
x-content-type-options: nosniff
server: cafe
age: 38206
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 6726277462267614359
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3041
x-xss-protection: 0
expires: Tue, 24 May 2022 05:59:37 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 9489 344 B
375 B 38ms
37ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 06:46:14 GMT
x-content-type-options: nosniff
server: cafe
age: 35409
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 6766994032117382215
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Tue, 24 May 2022 06:46:14 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 9489 0
0 79ms
78ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CkiA3BriLYo_xJdb67_UPxK-3oA2O0fPvaciwqZqeENzZHhABIKzI6ktglaKVgqAHoAGIqK66AsgBCeACAKgDAcgDCqoE2AFP0EWAe19j7fHf2XzxSS50YmO-iB5JP-yhJwpZW42YZ0Ep-TZpWxN_4HqE9wZK8h-mHdYFFa7xbXCBFgnu_fx5XHNxkP7zbEzi4y2s8X-8H-jak2HxgNNQg7kjN_e4uHPxb6w8cXKwQ4Rw2j6uMcb4deVwgNckIef_H_YKAi1ocMomaQwHdtTokxRPxZII4zKh8xXzlZyxAie4S1ZTHACwR1TgvameY9iVNpSEVfi_YE8XuJ9C6i9AkeRci2UtI70pOy0TApajUbuwsAr4_PVrvSVQF5yRq_jABP7a-_KCBOAEAZIFBAgEGAGSBQQIBRgEoAYugAfg19HFAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEOnDBNIICQiA4YAQEAEYHYAKAcgLAbgTiCfYEwzQFQGYFgGAFwGyFx4KHAgAEhRwdWItMzM2OTI2MzcxMDA5NjE2MxjBkGo&sigh=asdQJz45tII&uach_m=[UACH]&template_id=5000
Requested by: Host: www.nur.kz
URL: https://www.nur.kz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/6401189341559351647/ Frame 9489 19 KB
19 KB 38ms
38ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6401189341559351647/downsize_200k_v1?w=400&h=209

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf575110f00bcd665556f5ec69859ed96b330561a00b8b63308381d5858d915b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 20:45:55 GMT
x-content-type-options: nosniff
age: 503428
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19703
x-xss-protection: 0
last-modified: Mon, 17 Jan 2022 08:07:59 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 17 May 2023 20:45:55 GMT

GET
DATA 200
OK truncated
/ Frame 9489 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 9489 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 9489 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4e20ea70fa7f56de64cb4ee68a8001d031418dc092e10b5cad1e0c1287a1c1e8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 204 collect Show response
l.clarity.ms/ 0
48 B 125ms
125ms XHR
text/plain 20.120.65.166
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://l.clarity.ms/collect
Requested by: Host: l.clarity.ms
URL: https://l.clarity.ms/s/0.6.35/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.120.65.166 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.nur.kz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: https://www.nur.kz
date: Mon, 23 May 2022 16:36:22 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame F0E9 640 B
316 B 52ms
49ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHz9QIQ8aSt-QEYl5vPkgEwAQ&v=APEucNXB4O3xLBAnvine7rORFzYq90L2N950UeVZfSd-JsWM2n11V4SNc_XwHPTe3b3rL8dWIoZeGXprmq_Slg-P0IQTKQKIl8U04q9Zr4i-JRYxH9iARQCu_ZqQdNaZOvqNC7ZsAf0KUBAMuIFbOziEX16QSIFT9XUUFQ9J829S47RXJRl3Y24

Requested by

Host: 849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com
URL: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 295
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 May 2022 16:36:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame F79A 77 KB
32 KB 83ms
82ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CtdG0YbcuY_OpG_gxejoWFu0jR4a1EJfXf3w3Id7zwLAXhg1NNT8rYTTBIqYip8DunCUmX9HiqPevLIek5ADwF5kqC4g&cry=1&dbm_d=AKAmf-DeqzgreFDbiiJUNveyhl_wSZk1N6Ddos4cyvRGL0OkK-8MHLrsy7In2hJfpWFkL1IfM5zKQ5IhuZGyfxZGu1bTkaORBiUTsAo3Ze5IStQXkV6nlRSjtxNStrli41odckJGU7_J6KU6Gwy8s86L4usoblEES4LP2WObMumTSoSEJsXSmamnB_zG-oRLGrf1H5G0rSHn6fhF5NFx525qTQj0wjWQ0rDNoGDKtlLPk6OmvydYHaWa_0S7v-FYSXi5rbshZjtfvvgCW866zoL75U-3kpwGT028V4FQ6FKJil7RX4PKgm7NeO0XD1tmMyZh35G5kLnbTDvDi96ME8TUxftFBj75EPfUo3kMfXIofN384WgS7rmMBUNRbptAczWDns8AFXA2-dcaTrKYXDk5U7_6nhg6m2JEY1XxpgyjbBk6y9knis_rWS3XiC3uLwmjnDjIIMhYJ8HqHnj8B89iTUtJdkbNq1tT5bsvsZdyVaO3dUCFjgjdpJVIGZGEOkFzqTxzdqCdg1hCjoJ1zaza1zAHuwRNOyXJ881Pq2v_BqE4ZBYWbAvgwb8aWBbU0fS7hKjcwIdtW_WD6sTfn3sNrOKElqj6n4JqCHFYcAES8arcZCkiw2GhqTNXGMJpWkTloBDraBJD_H0N41Z_K0TkTrW7xc7WIuWAaU9Odls5OnIg-1aUKLjlIrR_bDYIhAAOw2ZLjYuR4ewJ66u_AFax56JIwRe7lRITwZYuIIlN4m-LM4TdbO8KD_vD6GoOTaFJq4XyMrmOwEhO__DLEf_SozJ88oOzDUIII-SEVJM5_9XJnJuF9lLTH9OPA0dADKu3QN6fZg6KWfaU7-PB4c5KpgvtR25ewm6AW_LApwBKlDgKRp1A1FvnfX7hFvZUx9HZNNq0b04Fy9KeQRX2mRTDOSuGZJSTUjEiH8oSXGtSSQK1xkhX3JsxknSGa8TN9fF_2m0P91CFoNfYUwQUdhtrVtGt47cyTmT1Vo4IwXIonF-9Xa3itQrWgMY7IbwoVpMeVR-xqeVglySZLX-U_sG6YJli3pRAnWID_z7o8cQKBb36TYutPfJyDVblRRH0WCPWWuYd0EUcEBMAzJRvmCCq0FPCjh9T7zM6iYJbI0lsUa4rwPUYOVZt-Bi8ntY5hn2T-_eJq4oHPp8o-QxLePE8CPPDYnHfhokaHe80SFa-BcHeCrze4LigccZypFl972CNZO7N8hRM2eCmNolteYTTs3mnGA6JlzrDM4SJ-7YOmPCZV9znwk7iHp9LhGu-dACcnP9L5FGDD3E2mY3AephkqdwP61SfbyfFR9x9CAPws_mLIhoAXTR_4woMbu6AbxrdiqtwIBBFt9iwbjqlvzIunTIRvXJh3Cm7h4W9sq_ith_UNETUGsXie8Wx7IcQw_FTCLFcoAchsYGBhKh9QtCvnXBQLnAMLYGlaTmeRo5ThofHtu3fFJ0UYSsk_DTzOkn3tJyLdDpzFk6fVlPVTRxacTAeAcO2abg82v4go427enP-JKfrt7LArE9K9mh_Wq8PANSWV3QXJO5L-L79na-_Gm9gwthRhqM3qdMRg1NB-5gV1HXoEdZXOA0_Sni66QTvFZmeh3bLl8LG5ZyupH-3EQNnwyV-GVUoYA8hDDHkbJHQaDuKJRgBNiWH4Y-TS5qgsNHMIpZDbbOvCdblEKtrfLmEaZRrAc333xGzEOeYG0-LtASFNiTXIncksN3ZOSGdjIPNBK3zDJUlwhRpqHjKPDStv2XkgWg7uHNKvCzvR_S4MHHn2e8hpYyDvTkD-ef5r3O73_yfv6-I6ihXXZ0_G-H7m_pVSyeqQ_ppu7Il0aqHifSZFQlLkyrJm_eW7M0iiwzL2exe9hSkw3PjUF3Hw-BCy-g7C-sAO4SyXp9mbPDuSeG9cq0SYWGu7Zx4kcMa1lK6o3AXpEr2NVls-_1CTPVfE3VOu8sTzn8KBxN-AFbmKJOJcsWJZsUxEAwCDW27nzJvvZqDzcq6jziaASohlh-2MC6plRsBbqnrg9JlM7UDxCwKemDvHmY94iM3v3ZZYCiMh3Y4bPkHrVNTYnVPDxstOQcYTHiPY8elSAeOcUX-2x1EerjhS7b_5e46vi4tnKMWfBGzIx-aFg3O-f0TssicYSC0LRSRm6aR-Umh3XQoK1z9J8Sfc2XmtFsu6WzG-k3y88y5OTYQUy1DyV5MnVCBNcuUthBqC8LHFBOpGcTEyDF-3ctCXNMjSWs6hnrTtI7z3SRGMX2gKoMO1Bu7xz23KMQwLZ153zHQCev36h6qac6hPRg8X8qcSDXVZZMN7Df_9FQKRILgGQp2kX3YzV5UTJ406O-taGsoghLLMcjkJxAlMfwnURYpIdUAd1FPtPRP_Hy3_ZhzpgK2vNLA_puLQUACFkUpHHgIqTRXN4U1gMU1avj_DIpLuERFdNMGU1RqRta48eftJ0t9DMZbyZHMuA9fPBkceEQ2mPhD4otZcV2wYRqu44nBh43zJYC4yk6xAO7SQelKCLlW1aGk7vayYxktZsKVVbxCi762LlDe68CcT8qTk4ewEVUcF_bxI-9fh0DJHx7EaCLOE2E6zCvOWetFwEeVsre__DUfbHJFjfAHG0qIQe5WBXpDnG8JMMxaaiZWDWa_CTkyW9-OOqxvxoIHv8XzfpUeoIdXlfVcf4w4bxjr3trXwHVpPDrDO_GwRhK2DINlG4_9K7Jo9T8-T8FkekBpY7WxFxd3mznYA3K0QD0xz9TvPUIgu2-7lziTt7l4umTTk1xmjNoxgOBCmNGcNivMSgLp6wW8XYT4fpSPsWyMafVMEC-S32t8qpFPeQ2Q_hot9d-jo2YJ5_AflPR0ZeAriMfOgn84zORBsKdM2F3PMksHSWeId3ARxGt7wHGGZ9b0FH5SAJDwApj8k_r72NbkS_BP7jFIktv0jZpl2ljriubKmFHth5CCgQ-u-LF_S94OftoHGtNDAGWyJmP7VXm5Ulh0GMl6F38gtTH6g2ikevZUXM5QQ3kxi-qfZfrq_PCFf30gYQoLePYZveXe8NCogxq5_KrOyLkJIoPRLRJKbOodpRoMvwop5agKJSc0GzLYaOwDV_i6HvVwTZbC4bEBcBRNYCF7py7D5zCBhTU3zFRSwSp3ta780phh1V9isuIgkbJXSU6PqdmHQ-y-7BGmoRRtpznfYH_ktNSoqM94fGn04gSqRR_krldGaSTTK-YEGEern3VdZJJw5Ls7tg&cid=CAASJeRo-XcYD3WU8tYVTNyb-zN0ZbgWmiqLc7Q8N7_jRruGkpOlgv4&rfl=1%2Chttps%253A%252F%252Fwww.nur.kz%252F%240

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

146fb10253b24be161f635016a1f3e91360b0a8cc7294b3f976a46fb3ab9dab2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 16:36:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32736
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame F79A 42 B
63 B 70ms
69ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CfgfrfzHjNg_Luo3ceW9U77XWyx2TNpNCCBVeQsIYDgdhFFLQoCv8OwXUGHu8fHpEcoMAfb5bt__RQdKnkv2JupRr9eJyEdAljvwyc_DDIE4ugMAg

Requested by

Host: 849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com
URL: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 16:36:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame F79A 3 KB
1 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/window_focus_fy2019.js

Requested by

Host: 849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com
URL: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:26:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 613
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Jun 2022 16:26:10 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F79A 135 KB
41 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com
URL: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42375
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652873336749811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 23 May 2022 16:36:23 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame F79A 17 KB
7 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com
URL: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1be78b79774b196d2500f7bd3bb3ca7269ec444158f0e545d4d313bcf40e1310

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7211
x-xss-protection: 0
server: cafe
etag: 2988716039725867132
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Jun 2022 16:36:02 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 6507 640 B
316 B 51ms
49ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNUHdxqDgabsBNbYtOgg0cFkjEe0qIGEeeDm84WtEomZtSPJRid_sTxGYHaxwSdkJLulSftsXEyvB-NszdXp2OQxpm33bXX8OtqyNmRjDmP2C7AexWyHJQhczBRdc5e2xB_HIiom41wjco9c4Q_shCbL0Lv2fAa3In5Uxdjuh30a7Wx-tjQ

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 295
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 May 2022 16:36:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame C6D3 14 KB
10 KB 67ms
66ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B_5cw9JFaclmG1u_bZ8feLZdRSFHDK-oRSpXQyTyFiAu7l47w0557CIwnXJw3xQLxxMzPqS7jK596SKOAU_0O1w4VscCLI9zTyru7fZCoYw3bxYkGyKr4PbcgeokAT8jmZY9JcMcrvoBxOPqduCUn0y_xQTA&cry=1&dbm_d=AKAmf-B7jnrfng4-URLLmdaTsSpqZC464yvJNVCe5QCuvnJfRbJ8nQY8jZTbPJRQyC4Hp5281rGAuKgWJQ6mOxiB07tLRmgETAHP89fWZywlc1BKNO5q-DuCdI0BAfJ0hFzyfF9zPdjq4OJIfav9RVI57ThMAcwXV3mqsCFjWXX0CFDcVGpWYWmeYc33G9ldf7ql29jLM8fyK64Sg6B2JHoIDZPfFjscWdOB3qRRHTSDKpts5b5pI6_l73Go2HD4ucKW1_SkGQiQECg7d3M4Y1qfKhF3riMzzjjKnn_mQDTd54fJei95uL2DPrxhLKzORh2Fkd5ywVNlGCXlCbPDvd5C2NZHKcnXktwHSkCRuVrWfx6zvcvYblorcE2KaJ9dN1EQ6eVIyn1_db5MPLyvWdffrsi30Xt1klHWnPyPn-HPJXKQaP52hTLtPEOspPdsXuvKrCui8G1l_RILsr1krL90mEcnCj5EAvy-i0MAivLDd8UTO0YRhE-AN3TojZpfJFxY6Sr5qymr0i3m-pu-Em-QwJUmH3gAl92yfjQajWtBXGAbkYypOKz3q41q5vMjwRiHE9y12MjJIWvQxVFguh1R8IpdNXWzuUEBByhRGSmclExItA3FdVl1jyMu7M0Cng8BX2Bzy2I4VL8MDp4Dy-lUJlGplKYfNNhBmocF0E8qrHxGM1kPu02R1ippEe6PJU3Qfr60SoOacyT9VudZZ-RfBE0EWpD_orVp3SGjF5fqD1dwrNmNfx8MYYpmSnOqmm8jHX-wfQvvNV5LMFt8pw8SX2nAmkNjG-44X86MBP_jeCGLRM79gIxljkixsFYLdjEHy1kitDZu4wVMqkxZn58K7BH_nEkLQ8RTlSNfN_89Jv2jf_8hj4qJqslSkiEM5EY-AltPoyp7xjV9-sKjuozJV_UP5lhy6KPZWhb-YvXRwPExSzRJjuIq0efJyuPsTjoKs3BuxZuv6iG3RpxGM5kv0Ry7rHK14RChsWkp5t-DiYpALcOy2PDGUmy9o238vl3nM00P3mZ_1JV0qVWjetZNjepyCxbydYS7NgXEZhGpgcE-R2jsFouGucaM4F5ys3_iYsAjipQlmLDi6EmlAhXe6tz6tij5hj-GqbfyC5VvvwH3ga7HQ7kDEqTirLpdVxKJMl-Nc1rSTrm2XafIMcoktCljNwVX9-jhhTQ6GsbGSghmsE30rGwFlisBUT-W_bWReh6FmGYXkv82fDOFKHEcvIHNA0oDkk4cJwvcjYXMNYGLERWV_QmmuaxO3FCvhRivC1E7i5H0ostT1lHA8u4kAH0FhRXUbvQkdKu4efVEdD5f0DB9zktxN0Lsn8EupPUN5mMWNQ504-UDV94sFLl5Lm89PFtWtT2ObyDJ6UCareKGWRozl1i8YywLMFoelz6axbHedwrR18xueipq3dpAdmL3PfQ17OpkifcKjhPWRhz1CqeJtFuMoAxViJkApu6iJeQdErVKS1Vw3GImdrgUQuIqCTFsYOYZxPq3kYgZjMfsgXuoWx-40ZyAV_7cg27d_ymhnFCCpqMj0uFDwMLysnIr84jfSWIQFGvxf9Jv1XW8-BAKRkFsDJlmb4b7L4xJiS6xT6jwj1CFUAiPk-1DA1EqJUtPfVnkbOHCrtmA9sCbcEYuLYPPjkMo9uQJkEfnjOQGr9Wo7TB1iBterPrsAgBAoOPVSOt8QZLhP4LMnFnO4MQ21-jW64dIVd-PVfzSRnMowqURw6MVLY_nXuDDn93BmDB0-rD02xVwv74VzIcwuFL17cGqqLxBsLJFrGKetgX832O04b3XNZT0d1OqVAkB5mPisuei25vhnj5U1yP-4EU8bluR3K5q-UNL8wf0ufAIyjAZumAkIfpwn5JEHQh2Z2f5ogAiczsmmoIVwhIE9ubYIJlmedin7gCzavITjwskFdthLcisZCJ6hhy5TmoC1QAhC3vpcaRxXIavitf97tKDPcDFbj0F7YwLtaka_StCulZPFR4swNcGbKF0ucD2vtdtW3s8pcNZqQDRwsYQbLcN88TaTwmurhJ6BmeU7jFgOtSmZ6uBdEnFcRMaU9HIgW6VxWhhKi46bZ4TEWy7AP6quAKxPG1LGViYLktIE7DomcQ2eGHwA7Qih_UuMPIY1bJ6Q_ob4JMTun6t9OR0Zf1OQ5vgyuvtOnUEmGubFSZR0_T-ZmNYsLmcrBkq5RhnzdYdW-VFF_y9bW7k_C8UVbYHHj-IN8qtZtXgKc52BtZarNFza9m5QmVIJcg9uB_RoZ-P_bjy5pNRbZV1gZv7KPluV13q1VWbX54a_vQ088lRvNB2gftT6GLNnLvvB5E93JJHQuVrC4Gh95RqHT7IKoe_L7wcpIpnguBjnj825fmv2oHXadZc7df-lbnq5oPrAEJQcfmDSytKt7NjF329JLSS-UxxOxAfVdJ8Tj6Gn5SZOsnlSBWDWOGu_ZTPgxhewYDZYXI7x9LR43LK5xSN12FsumhGQ-PP-QMRvBiKOgJbZ5YSRIdWZ1pHevIB3K5i1Z7pqQaw49JRa-0FDXfoa0rLJ4XtRaAUwhaNWUiGq3meNxlz0vperHJJ93l0vqXm2vaBJW_q_y_Ah7WdliObbIgdmwWd_OD1XtYKPJMhx62zsST-1M4sGNYBtCX-RIo7qRQqg1hrzLr1EsK584X-kNqxnWahCuHmQU_PZGgT9I_lPJeZrfrCqNhJyrTuB5Ms4qpKvlJY7a_0agOaPECLt7xoFosiTzJb8IIx1Mgufs6YCM_p0nWbrh3H0gDBQcfgNZUayzGOkLvKKLAq7kgy7tpFjZwyyRr7Og34wKyBy47L3hzDqzbDtIY48VH9sUSr3cYXpcC0hJGojyox8-r4HE3l3secvhJgaqwLVXGmtivMOdwX1mhL1m0Q9GOBj4IRsIT-jJYxaAUvjOK5XOwG4lqRp7WleYFVM7Ljgi_O_y7Polh4kOC8CV5F5Tn1YpLr6DqzuAXXZ6OI7KDFvsN4wP0pUmEny7gaXhRhrO0S3qHL2h1jeoM3KJPKwGRmH8d1QGgI5N6Ln8EY1SBRD_E8D-iaw_onSfpMHRSsNAHwcI25W3XDKgwYuNZiEsx2rN3wEI1UptPUmHS6DCsJggcdE8_zkhCnOOkqMGj9he7deVR7YDjuB0Bp45y2bs18vblUTAno6baK-qkxJ4QPIOAfGzb902XLODFPTDZDSqX1v0g7aXZY1bxlVNut3vgp4FJw_zCSdyQyKp1uml9pDZV_9soQgxzripuzGi2rAGmlGYyDlZdadRwNErhnZxdPawdptpVHuEJkT71u1ZLjDcGDMbJJIFWWTQivNuCZi9N9JYTUhSjhjL_GEddzS1hPaPiA2YOzoz9feUTap4rE5vSMOPM6SypiDwQqZj0mPdQMawuPTS1ftIcCwFHcOOzjXu0Iqy5RyvkgpGpyQEjexH1509AJyzq8yr9I-ihrGOGREJH_961_u5RK-5o_UZUtbj1rqPA_I0qhULUZHvUPeSR_lwES9vM&cid=CAASJeRoo2YiXdDJEnCLQLY0fNppLCNXacERfAGhzJI03Cv8fNrc61U&rfl=2%2Chttps%253A%252F%252Fwww.nur.kz%252F%240

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f9cf423c8701717235d034950b93902cfe392c77b0dee145291a730a42c5e796

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 16:36:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10550
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame C6D3 3 KB
1 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/window_focus_fy2019.js

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:26:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 613
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Jun 2022 16:26:10 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C6D3 135 KB
41 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42375
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652873336749811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 23 May 2022 16:36:23 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame C6D3 17 KB
7 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1be78b79774b196d2500f7bd3bb3ca7269ec444158f0e545d4d313bcf40e1310

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7211
x-xss-protection: 0
server: cafe
etag: 2988716039725867132
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Jun 2022 16:36:02 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame C6D3 0
0 47ms
46ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSgeEbYiGXW7V4DNd4NsBw2cmp6xR4VoAejLyR-7yGTMgwGyl08CmnVGro_2vhGCQ_JEbK4PKPTLNKUDQLibR1FJ3Hbrw
Requested by: Host: www.nur.kz
URL: https://www.nur.kz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame C6D3 42 B
63 B 72ms
71ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CcRHHvRrJ71sQYYfJT-0yDRH3-NuJIkg_yYRpVY86yxFEOJYaN-8owthDZ831TClj5d2vKieqvTtoYihLRT2bLqO6go1fFpib1VUhCyOOg5BuCMh0

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 16:36:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 091B 106 KB
38 KB 306ms
36ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/
Origin: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:18:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19065
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 24 May 2022 11:18:38 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220518/r20110914/elements/html/ Frame 091B 8 KB
3 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220518/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CHyOZxf_XOCGAodRSC43afixQZOGO5T_bnAGJVHO27_QVqG77g-MpCKupSVwRj5p4NYq8AiEQhH715mr1hn7UA8-3mRkOkZJNLE40G-BfybZe3M3QfIiqL0HviCEgi5vVwyeLRxMlYvzV14vNg8uXkCDdfdQ&dbm_d=AKAmf-CWn7PWPCq_Bg0etIa8mPGPLpPci2j7TiVMN9buEse2C2Tt8XUhGdsTXKs8ojDWJ3VMVbNFBQBK6q_mHZEuZg_XHYTyeern8g-RFm4q1laUTSZbcRlQZ3aLKwtGwz4CUTgjUL1JkeKuVkzya5x-R3B-MeUZsWvZKlfWd2FuyWeAcasAP58DCjYNGiIg2TaIWzkhFlN9M6DdTUr9ah1zo1hvv2Hv6WL4LGOwlzyD-q0MO7M20SYTfotK9GbeTsrVYLGDQhM9oSvBa0HC0TBScv7LYU66o9zC-4tSDLIpAd9dPnmTM0SD8_yde4xvqPKYwtVB7aocXRHDjhH9NbKI3wtkrWCu9KNPu8xRIrzPMm0mcy5Qp0VPmq9vtTcYlmO5YPulTTzfNqAwX06c9ruWZC4FJ8cLAipBdSDX_kErMZ9C1jtf31XjfekaTSQWy-5qxhQ1CIGcRlzhg25Z8usEiL8R5RVwowk--BW9q4aUalXtbVy6PZY12fK8-NaKmsVoYSpWu_XmTghoQ_7pngwLqyRxquSUThxTYa_2Zr6UymyJUNbGtQR1pem-bXKoESb2b5bkwzP2HeyD6iyaweTXhrvWDuChWBJTNdYgh4t0INKlJU02yw3Gd6R9zCHgXXB_rc77wct_-gsp6fDgcyY8rpR_nO9llWwsHjS6eEuAcUvsq_P2FYGEgvJiLuFHzA1w3xIUAtvFXeFPjROfymrVfPUjLlZnUB6EmMiN2lzYVNBaLQY4Y8qTc87DjoK_2JJx0Td7Vpecaq8nEu8rboORducPPx92ak8MlhXVn0CDLZ3KNGRv8kJxc1MgW6Ji6dtFN6m7jIB2FYKmGrMJrE-FHLiIEB2VFW3vxJxRiEGBvm9G484tsgwXW3g-75Z8JIexC3e3JzutnKvbnu_Jj_Wf43NGq5KBid1DmXWOejuChEwzLG4EDMsOlHV2LaM39Z3YMtGXc115sE8mRHJ3sEIWBFim6rMqOLuyv1Brn8CD1qxP8C5cV_dYe2cHoEsLLD0Wi3h_4UmOTpTO98LKvXFXWnLv7bhytdWXlkr5YHKDkjVEzoL6mj56BVMsBhzv1c4QzxFB9ROjQCqjR3vTfwsALsz9BDnOraJ99m61lfT3SQm-V_0hgv9WfDknMOc5t6PteiiX4GoQK55cvXgEN2GI-rAAsrXJz0y58pCmWJq6MNTj2OxjkzayuPx7MeZSbDiE_aYoOC2EO3uJsyNeisOxkpdSWVyeln13M8HpJl8H8gC1pqgrSxRcNgV9gn0Z1obn8BaZD4gHkMrY1k6MGSJKOUCtlb5QQSYyZktKWYzLv_3gmqeL0fhiKsIk1REBSln5L-6NQiQFqXGf53jgDV3V3-YJV7K9Fz4CcavzW9ta0QU4Kewa7_j0u1rWl2H1tiifT3h36bBrzjV6AYlfKZG9gVOAsA6TyN4GL3mfPep-0vHXLPQTfE5bXHp_-z2lfG3VApjwFRq8j3LC4zhw2ZPUQ1dMczzwP9IxxIzX3dTPliskIt7EsRYbyo7caD8TmAmBhxvj6Z0Usb_zPCBMfuKsxGNQqdkqgYEE9oJ5bqvj5t40PKH6gowsubI8Ni65bq5afsz6HI_F7kEuxsiX5WpaSST_DhddIqJyKJsqhWL-AqU2nDMXTu1lJIncewSyTdCynzT-EXOSCsPnR6lpfW74XNdwItVkmHQiq9wvuQDvkLiZFbBJGSTiWJB-VK9V2C2J5Vwl9vEO-uUUTCgAykAY-53TYq8kCew0uk3pB_eE7nHSUQ0kfunhv7s3cGgS0H21_LglOhEcFOLWoOxX2MCIKdAlKNm4DSErwYib8BfAlhx1-9S1RtFEAl2nXvf85e_NRLnWHD7r6I2zC4FCa1UxXSse3tXTp5Sb1iprbnOcR3LXOwZJBFVT8jK34bofAjTtM7FXpo_cYbeDp_fhQ5WUcJ6n44ApI-BklibTpokYCgt1KYLW31EQY_PZOapjHuOylWYVKNlLsLIhpQLVrt2Rl7nb9qPSUfrEFxxmjyhXHf0RX2CDVRArvcZ51WIwvcOkC19rp4ImyXGoPpbbr-ToXHVTnyxCsoC2ppY5R_qtHpkT6yPUwLlxLEkFveI9QBJO0ZNI0fxh8W-FnY917hbk1WiKAc5aRc6s7RCwnTSBFjMYk7-rfzF2rvjKx7Dlv4hry75c7UQ5xhOrMODu4VKjH_nAeDuPdQ1A7cYL9ADo8i026bRW_1onwRKlBZH_VauXP5rt28SmlvkEdFklOBnEYBHnT1NIBGvUcILW-y8ayt30uxpMTYnw2vfisV_ralQjGNhk0ECcDDqB31jw_EwCh5AP4mX3D-H1Q2pIeRNdDPLbKKDAXAQ4VKOJLYwSTDNNQunpJmIVQ8kurJx6w2CJH5PG0Rh3Pb47_RuRNcf6kyFN7kVKnWFqOQo-5C58DjLBLfPdv7a3xPia516TPxhsjXH3PMCJiqx6NIPT0BxA1HwszCsPpuFTDDVJ6ToExxTMkyrQeBo8GDoG0YS34ceQFXnE1Za8_IMYFvdLoxVGajt9y04Nj3qNHeU78uPaRsP7u68Q08wyMdYZ1soeOuBdtf8dd2o91hjnVBBHPzAJzESoHFCVVU3zx47OyP0xZ1P7RqBRTHFiIzi-XgXqiWjG_wPpaa-hm9Ow9WjRG8WGAZznLn9IEaZzn9T5sVoTuT9OyUPppCQrAHkif6aBqdO6J5ELHdZUtEk1fFgsNlKCrMx_Dw9xh0IPlCuEM7LKJ7E68PX00VfmPowEfymxBfqKi0GcmLe0vMY_u2P58xOAHkp0ShJf150vpsAwcjpmdBk8YaDv4ZcqaDd_JvTAwM2YPPmHKnLQpZBq5jG3m4-wZbzMxp9E0EFKZj1jeE8lnmOBN8g13TSCmA6pEKN6nYFEUuSsfbt8tPI7o0bRYbVRS4CYjArvN4wVzJO-sgW1jG58hSV2WIRLyxCoH1U2Xp9I04m4zu7j-RcJJZ5OgWLCrFcdOxJ4Ym7Nk14r-v6Q8txtSRyorM5Ve-OAafSaQBWGUFGLB7e3cc0wTf99QN4TMcowYVzhT6ZzAyWg3GGXbWlM4tQJf92O&cid=CAASJeRofteuouLBBxVnJyL7nDO7ApOsu-phv29AvdViBv3BwrPIKcI&rfl=2%2Chttps%253A%252F%252Fwww.nur.kz%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:28:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 475
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Jun 2022 16:28:28 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220518/r20110914/ Frame 091B 27 KB
10 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220518/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7922e29fd9bbbb9e385c952731a93f50b0ba8d472cd16e65f66d18cf08ba4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:34:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 122
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10463
x-xss-protection: 0
server: cafe
etag: 17671883673189222985
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Jun 2022 16:34:21 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame F1D9 35 B
464 B 201ms
40ms Image
image/gif 2620:116:800d:21:36a9:ecb:e518:b308
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEFQ-gRfg-ClU4u3pXSrbfd8&google_cver=1&google_push=AYg5qPJA_pBNfeOBfgHguQXmVFtYP2FEGQUSCajHkDYBAQ695MH9ICC8wrewzXHN66a6kCv8OOh7-ccVUoXr-4X7ut58RQjxHKVmigzQR2CMnmist5UMRdv0HypIbUeonaxmD9UNXDT2S1EETWnolKoOvhM

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 16:36:23 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F1D9
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPI8wFMcCjEloENpagoJO833WBmfEhZPQu7OGnG...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WW91NEJ3QUFCVzZZQmdRdA&google_push=AYg5qPI8wFMcCjEloENpagoJO833WBmfEhZPQu7OGnGy7RSLAQnUlyc7Nqmx-AXxybfl7ieTwc6RFQhdJ6QExpZMZqeGYVV9gs...

170 B
188 B

59ms
58ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WW91NEJ3QUFCVzZZQmdRdA&google_push=AYg5qPI8wFMcCjEloENpagoJO833WBmfEhZPQu7OGnGy7RSLAQnUlyc7Nqmx-AXxybfl7ieTwc6RFQhdJ6QExpZMZqeGYVV9gsUQdaY6aA5oU0_uC59yleSixfcCT9r3nrTECirlZHnAyfKFqJ6Ow6E-dw

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 16:36:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WW91NEJ3QUFCVzZZQmdRdA&google_push=AYg5qPI8wFMcCjEloENpagoJO833WBmfEhZPQu7OGnGy7RSLAQnUlyc7Nqmx-AXxybfl7ieTwc6RFQhdJ6QExpZMZqeGYVV9gsUQdaY6aA5oU0_uC59yleSixfcCT9r3nrTECirlZHnAyfKFqJ6Ow6E-dw
Date: Mon, 23 May 2022 16:36:23 GMT
Server: Apache
Connection: keep-alive
Content-Length: 445
Content-Type: text/html; charset=iso-8859-1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F1D9
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPJIxcrN4vkNMFWsyoMB5d2HR2KIqLePxXQq-ZQcIfvVp0lSi83ZyOB6je_uSzQS4LBv2E_cAGHS-R_koL0_V2KVoVj4JVYO7VPOpi512pFWwIE3p1lLXUSL8u3d2k_wmYDHMRlKc6Y...
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCIfwrpQGEgUI6AcQAEIASqcBZ29vZ2xlX3B1c2g9QVlnNXFQSkl4Y3JONHZrTk1GV3N5b01CNWQySFIyS0lxTGVQeFhRcS1aUWNJZnZWcDBsU2k4M1p5T0I2amVfdVN6UVM0TEJ2MkVfY0FHSFMtUl9rb0...
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwVVV2Y29DMVNfX3RTaDBPSzBUOWJ3andXM3lFenh0X1l4TmFoOVRINkd4Yw==&google_push

170 B
188 B

63ms
63ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwVVV2Y29DMVNfX3RTaDBPSzBUOWJ3andXM3lFenh0X1l4TmFoOVRINkd4Yw==&google_push

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 16:36:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 23 May 2022 16:36:23 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwVVV2Y29DMVNfX3RTaDBPSzBUOWJ3andXM3lFenh0X1l4TmFoOVRINkd4Yw==&google_push
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 dds
rtb.openx.net/sync/ Frame F1D9 43 B
351 B 215ms
55ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEKnSw1iBX9Zyg1nu27cdUwU&google_cver=1&google_push=AYg5qPK6iFXG08s2THLT3wJMDUk3VGwtGid-OLE3oLpEe97QMmzDfEWV1lwEKabV8qgWofwvqwCj02HOXP7fzBEEMxdUUGxOSQQ2v6kZQzDwit4ZSkxsTE4PTV57GJciA2TQBKl_H6IHwAq1dU8X3WNgjPY
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3369263710096163&output=html&h=200&slotname=4516448096&adk=1921805917&adf=516689607&pi=t.ma~as.4516448096&w=728&lmt=1653323780&psa=0&format=728x200&url=https%3A%2F%2Fwww.nur.kz%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653323780218&bpp=2&bdt=1609&idt=213&shv=r20220518&mjsv=m202205170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De97271192f7707ca-22bd4feb99cd0019%3AT%3D1653323780%3AS%3DALNI_MYJmIf4CmW_Pj-95ZNGUW36xjj-5Q&prev_fmts=0x0&nras=1&correlator=3349062393711&frm=20&pv=1&ga_vid=222879948.1653323779&ga_sid=1653323779&ga_hid=696100289&ga_fc=1&ga_cid=1154909005.1653323779&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763507%2C42531556%2C44761044%2C31067528%2C31067628%2C31067678&oid=2&pvsid=1068517317512481&pem=793&tmod=1432576035&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=kANlQzZKXb&p=https%3A//www.nur.kz&dtd=220
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 16:36:23 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: dfd82ggg13qres9krnjsoa6d35th98ht

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F1D9
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=--IoVkpuRpyaHe97ZNw0uQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

55ms
55ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=--IoVkpuRpyaHe97ZNw0uQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPL4rZrQtTMa4QPTOb9SMkm_ZhFZNeodmySHCRaogil46jqHtjwErbeILTS7JUFzSvbTxif3JMdEEP9PnKJzXPpoUWo5sR9PbwMXyc44_oX8tBNn9kcupntWcuF27mqJiD1TmwGpCrGL_evw0FV3M4Y

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 16:36:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=--IoVkpuRpyaHe97ZNw0uQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPL4rZrQtTMa4QPTOb9SMkm_ZhFZNeodmySHCRaogil46jqHtjwErbeILTS7JUFzSvbTxif3JMdEEP9PnKJzXPpoUWo5sR9PbwMXyc44_oX8tBNn9kcupntWcuF27mqJiD1TmwGpCrGL_evw0FV3M4Y
date: Mon, 23 May 2022 16:36:23 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F1D9
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDDKnhA_HznUf6m_HNO9XLM&google_cver=1&google_push=AYg5qPLXvHcVSbXn-d2xj0FB5JEPaN2-lNbRVBn5mkH4rSvyzY6vKG0sXXA8_JiY4WQqOCnwn9t...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNJWUFKVUgtMUwtRE9INg==&google_push=AYg5qPLXvHcVSbXn-d2xj0FB5JEPaN2-lNbRVBn5mkH4rSvyzY6vKG0sXXA8_JiY4WQqOCnwn9tYBYr24TmlbhKLuYMqBpuEThFR5...

170 B
188 B

54ms
54ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNJWUFKVUgtMUwtRE9INg==&google_push=AYg5qPLXvHcVSbXn-d2xj0FB5JEPaN2-lNbRVBn5mkH4rSvyzY6vKG0sXXA8_JiY4WQqOCnwn9tYBYr24TmlbhKLuYMqBpuEThFR5FqaZGAa4PS7Dhb-h0Jth78apsBxi-Z9Q599hPh2mgparIQfyhmxCtg

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 16:36:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNJWUFKVUgtMUwtRE9INg==&google_push=AYg5qPLXvHcVSbXn-d2xj0FB5JEPaN2-lNbRVBn5mkH4rSvyzY6vKG0sXXA8_JiY4WQqOCnwn9tYBYr24TmlbhKLuYMqBpuEThFR5FqaZGAa4PS7Dhb-h0Jth78apsBxi-Z9Q599hPh2mgparIQfyhmxCtg
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F1D9
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELWMZ0p3Myz84vVsFoc5JvM&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESELWMZ0p3Myz84vVsFoc5JvM&google_push=AY...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=You4B-ug9g-4CLoLeUiLjQAABK0AAAIB&google_gid=CAESELWMZ0p3Myz84vVsFoc5JvM&google_push=AYg5qPLLTsilTue9jO0uf0zoDK2fRDYGk0rKLKwHM1KnZnhGzEp...

170 B
188 B

63ms
63ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=You4B-ug9g-4CLoLeUiLjQAABK0AAAIB&google_gid=CAESELWMZ0p3Myz84vVsFoc5JvM&google_push=AYg5qPLLTsilTue9jO0uf0zoDK2fRDYGk0rKLKwHM1KnZnhGzEp2lOBwaUQlY3zcQqBu9QBAbhoRLWUjftjU09OJomE2VemhNU6Uo1WgoSjvJN9-7YpoUjYF0AiClq6jIbZUv7hRbBcqMef8XjJwFlHYjU8&google_cver=1

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 16:36:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 23 May 2022 16:36:23 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=You4B-ug9g-4CLoLeUiLjQAABK0AAAIB&google_gid=CAESELWMZ0p3Myz84vVsFoc5JvM&google_push=AYg5qPLLTsilTue9jO0uf0zoDK2fRDYGk0rKLKwHM1KnZnhGzEp2lOBwaUQlY3zcQqBu9QBAbhoRLWUjftjU09OJomE2VemhNU6Uo1WgoSjvJN9-7YpoUjYF0AiClq6jIbZUv7hRbBcqMef8XjJwFlHYjU8&google_cver=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 515
Expires: Mon, 23 May 2022 16:36:23 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame F1D9 0
223 B 204ms
45ms Image
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IV763Im7rmsqpwEeMiJ3M3OSuYmcVZK7WsYgjxg6oaS7zsb0mBRrfo-Ug7BCPc292kt5Q2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:23 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 243D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIL_cYxvZDeBGCVayc52Vuc&google_cver=1

43 B
1014 B

111ms
93ms

Image
image/gif

104.102.29.65
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIL_cYxvZDeBGCVayc52Vuc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEY2ajFwwEwAQ&v=APEucNWGGFpVJ-u_a5TOBzA7jzL6Y_zeJ6LncllPAV2iBs7UxfpvKFyORdoaNixIMJ5ErkG-xgEvXt8lVQJnuziNF3nrdIwfHYNlUzBhZ260MPQzmMBtW5QaH5HHr4bdG3CJHNZO2T0UKAF640_vPNOeBgTpgvSkJnMDyk7QrrdxTxtUWzJUFTU
Protocol: HTTP/1.1
Server: 104.102.29.65 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-102-29-65.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 23 May 2022 16:36:23 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 23 May 2022 16:36:23 GMT

Redirect headers

pragma: no-cache
date: Mon, 23 May 2022 16:36:23 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIL_cYxvZDeBGCVayc52Vuc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 243D
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=You4B.ug9g.4CLoLeUiLjQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIL_cYxvZDeBGCVayc52Vuc&google_cver=1&google_hm=2

43 B
894 B

66ms
66ms

Image
image/gif

104.102.29.65
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIL_cYxvZDeBGCVayc52Vuc&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEY2ajFwwEwAQ&v=APEucNWGGFpVJ-u_a5TOBzA7jzL6Y_zeJ6LncllPAV2iBs7UxfpvKFyORdoaNixIMJ5ErkG-xgEvXt8lVQJnuziNF3nrdIwfHYNlUzBhZ260MPQzmMBtW5QaH5HHr4bdG3CJHNZO2T0UKAF640_vPNOeBgTpgvSkJnMDyk7QrrdxTxtUWzJUFTU
Protocol: HTTP/1.1
Server: 104.102.29.65 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-102-29-65.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 23 May 2022 16:36:24 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 23 May 2022 16:36:24 GMT

Redirect headers

pragma: no-cache
date: Mon, 23 May 2022 16:36:23 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIL_cYxvZDeBGCVayc52Vuc&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 243D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEHf5clfyAGqYci8A3eowmJY&google_cver=1

43 B
1014 B

156ms
60ms

Image
image/gif

185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEHf5clfyAGqYci8A3eowmJY&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEY2ajFwwEwAQ&v=APEucNWGGFpVJ-u_a5TOBzA7jzL6Y_zeJ6LncllPAV2iBs7UxfpvKFyORdoaNixIMJ5ErkG-xgEvXt8lVQJnuziNF3nrdIwfHYNlUzBhZ260MPQzmMBtW5QaH5HHr4bdG3CJHNZO2T0UKAF640_vPNOeBgTpgvSkJnMDyk7QrrdxTxtUWzJUFTU

Protocol

HTTP/1.1

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 23 May 2022 16:36:23 GMT
X-Proxy-Origin: 80.255.7.102; 80.255.7.102; 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 8942d075-f010-4e29-b67e-46aff0d5e102
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 23 May 2022 16:36:23 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEHf5clfyAGqYci8A3eowmJY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 243D
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTE5MTUzMzk4MjU4ODI3NTIwMQ%3D%3D

170 B
188 B

62ms
61ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTE5MTUzMzk4MjU4ODI3NTIwMQ%3D%3D

Requested by

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 16:36:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 23 May 2022 16:36:23 GMT
X-Proxy-Origin: 80.255.7.102; 80.255.7.102; 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 42bca489-82a0-4870-853b-4146a57da8d4
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTE5MTUzMzk4MjU4ODI3NTIwMQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v44/ Frame 9489 28 KB
28 KB 115ms
39ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v44/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d210f7d18b1a67c12052541793c3fc63a9175ec1809b7988b9b9a13a4b50e16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.nur.kz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 22:13:40 GMT
x-content-type-options: nosniff
age: 498163
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28276
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:33:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 May 2023 22:13:40 GMT

GET
H3 200 6cqjaYtYR5p4aS5jA8U1PYkQZtxk_S9KNOFLKIL9tps.js Show response
pagead2.googlesyndication.com/bg/ Frame 9A88 35 KB
13 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6cqjaYtYR5p4aS5jA8U1PYkQZtxk_S9KNOFLKIL9tps.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9caa3698b58479a78692e6303c5353d891066dc64fd2f4a34e14b2882fdb69b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:04:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1932
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13723
x-xss-protection: 0
last-modified: Tue, 17 May 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 23 May 2023 16:04:11 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame C6D3 41 KB
15 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B_5cw9JFaclmG1u_bZ8feLZdRSFHDK-oRSpXQyTyFiAu7l47w0557CIwnXJw3xQLxxMzPqS7jK596SKOAU_0O1w4VscCLI9zTyru7fZCoYw3bxYkGyKr4PbcgeokAT8jmZY9JcMcrvoBxOPqduCUn0y_xQTA&cry=1&dbm_d=AKAmf-B7jnrfng4-URLLmdaTsSpqZC464yvJNVCe5QCuvnJfRbJ8nQY8jZTbPJRQyC4Hp5281rGAuKgWJQ6mOxiB07tLRmgETAHP89fWZywlc1BKNO5q-DuCdI0BAfJ0hFzyfF9zPdjq4OJIfav9RVI57ThMAcwXV3mqsCFjWXX0CFDcVGpWYWmeYc33G9ldf7ql29jLM8fyK64Sg6B2JHoIDZPfFjscWdOB3qRRHTSDKpts5b5pI6_l73Go2HD4ucKW1_SkGQiQECg7d3M4Y1qfKhF3riMzzjjKnn_mQDTd54fJei95uL2DPrxhLKzORh2Fkd5ywVNlGCXlCbPDvd5C2NZHKcnXktwHSkCRuVrWfx6zvcvYblorcE2KaJ9dN1EQ6eVIyn1_db5MPLyvWdffrsi30Xt1klHWnPyPn-HPJXKQaP52hTLtPEOspPdsXuvKrCui8G1l_RILsr1krL90mEcnCj5EAvy-i0MAivLDd8UTO0YRhE-AN3TojZpfJFxY6Sr5qymr0i3m-pu-Em-QwJUmH3gAl92yfjQajWtBXGAbkYypOKz3q41q5vMjwRiHE9y12MjJIWvQxVFguh1R8IpdNXWzuUEBByhRGSmclExItA3FdVl1jyMu7M0Cng8BX2Bzy2I4VL8MDp4Dy-lUJlGplKYfNNhBmocF0E8qrHxGM1kPu02R1ippEe6PJU3Qfr60SoOacyT9VudZZ-RfBE0EWpD_orVp3SGjF5fqD1dwrNmNfx8MYYpmSnOqmm8jHX-wfQvvNV5LMFt8pw8SX2nAmkNjG-44X86MBP_jeCGLRM79gIxljkixsFYLdjEHy1kitDZu4wVMqkxZn58K7BH_nEkLQ8RTlSNfN_89Jv2jf_8hj4qJqslSkiEM5EY-AltPoyp7xjV9-sKjuozJV_UP5lhy6KPZWhb-YvXRwPExSzRJjuIq0efJyuPsTjoKs3BuxZuv6iG3RpxGM5kv0Ry7rHK14RChsWkp5t-DiYpALcOy2PDGUmy9o238vl3nM00P3mZ_1JV0qVWjetZNjepyCxbydYS7NgXEZhGpgcE-R2jsFouGucaM4F5ys3_iYsAjipQlmLDi6EmlAhXe6tz6tij5hj-GqbfyC5VvvwH3ga7HQ7kDEqTirLpdVxKJMl-Nc1rSTrm2XafIMcoktCljNwVX9-jhhTQ6GsbGSghmsE30rGwFlisBUT-W_bWReh6FmGYXkv82fDOFKHEcvIHNA0oDkk4cJwvcjYXMNYGLERWV_QmmuaxO3FCvhRivC1E7i5H0ostT1lHA8u4kAH0FhRXUbvQkdKu4efVEdD5f0DB9zktxN0Lsn8EupPUN5mMWNQ504-UDV94sFLl5Lm89PFtWtT2ObyDJ6UCareKGWRozl1i8YywLMFoelz6axbHedwrR18xueipq3dpAdmL3PfQ17OpkifcKjhPWRhz1CqeJtFuMoAxViJkApu6iJeQdErVKS1Vw3GImdrgUQuIqCTFsYOYZxPq3kYgZjMfsgXuoWx-40ZyAV_7cg27d_ymhnFCCpqMj0uFDwMLysnIr84jfSWIQFGvxf9Jv1XW8-BAKRkFsDJlmb4b7L4xJiS6xT6jwj1CFUAiPk-1DA1EqJUtPfVnkbOHCrtmA9sCbcEYuLYPPjkMo9uQJkEfnjOQGr9Wo7TB1iBterPrsAgBAoOPVSOt8QZLhP4LMnFnO4MQ21-jW64dIVd-PVfzSRnMowqURw6MVLY_nXuDDn93BmDB0-rD02xVwv74VzIcwuFL17cGqqLxBsLJFrGKetgX832O04b3XNZT0d1OqVAkB5mPisuei25vhnj5U1yP-4EU8bluR3K5q-UNL8wf0ufAIyjAZumAkIfpwn5JEHQh2Z2f5ogAiczsmmoIVwhIE9ubYIJlmedin7gCzavITjwskFdthLcisZCJ6hhy5TmoC1QAhC3vpcaRxXIavitf97tKDPcDFbj0F7YwLtaka_StCulZPFR4swNcGbKF0ucD2vtdtW3s8pcNZqQDRwsYQbLcN88TaTwmurhJ6BmeU7jFgOtSmZ6uBdEnFcRMaU9HIgW6VxWhhKi46bZ4TEWy7AP6quAKxPG1LGViYLktIE7DomcQ2eGHwA7Qih_UuMPIY1bJ6Q_ob4JMTun6t9OR0Zf1OQ5vgyuvtOnUEmGubFSZR0_T-ZmNYsLmcrBkq5RhnzdYdW-VFF_y9bW7k_C8UVbYHHj-IN8qtZtXgKc52BtZarNFza9m5QmVIJcg9uB_RoZ-P_bjy5pNRbZV1gZv7KPluV13q1VWbX54a_vQ088lRvNB2gftT6GLNnLvvB5E93JJHQuVrC4Gh95RqHT7IKoe_L7wcpIpnguBjnj825fmv2oHXadZc7df-lbnq5oPrAEJQcfmDSytKt7NjF329JLSS-UxxOxAfVdJ8Tj6Gn5SZOsnlSBWDWOGu_ZTPgxhewYDZYXI7x9LR43LK5xSN12FsumhGQ-PP-QMRvBiKOgJbZ5YSRIdWZ1pHevIB3K5i1Z7pqQaw49JRa-0FDXfoa0rLJ4XtRaAUwhaNWUiGq3meNxlz0vperHJJ93l0vqXm2vaBJW_q_y_Ah7WdliObbIgdmwWd_OD1XtYKPJMhx62zsST-1M4sGNYBtCX-RIo7qRQqg1hrzLr1EsK584X-kNqxnWahCuHmQU_PZGgT9I_lPJeZrfrCqNhJyrTuB5Ms4qpKvlJY7a_0agOaPECLt7xoFosiTzJb8IIx1Mgufs6YCM_p0nWbrh3H0gDBQcfgNZUayzGOkLvKKLAq7kgy7tpFjZwyyRr7Og34wKyBy47L3hzDqzbDtIY48VH9sUSr3cYXpcC0hJGojyox8-r4HE3l3secvhJgaqwLVXGmtivMOdwX1mhL1m0Q9GOBj4IRsIT-jJYxaAUvjOK5XOwG4lqRp7WleYFVM7Ljgi_O_y7Polh4kOC8CV5F5Tn1YpLr6DqzuAXXZ6OI7KDFvsN4wP0pUmEny7gaXhRhrO0S3qHL2h1jeoM3KJPKwGRmH8d1QGgI5N6Ln8EY1SBRD_E8D-iaw_onSfpMHRSsNAHwcI25W3XDKgwYuNZiEsx2rN3wEI1UptPUmHS6DCsJggcdE8_zkhCnOOkqMGj9he7deVR7YDjuB0Bp45y2bs18vblUTAno6baK-qkxJ4QPIOAfGzb902XLODFPTDZDSqX1v0g7aXZY1bxlVNut3vgp4FJw_zCSdyQyKp1uml9pDZV_9soQgxzripuzGi2rAGmlGYyDlZdadRwNErhnZxdPawdptpVHuEJkT71u1ZLjDcGDMbJJIFWWTQivNuCZi9N9JYTUhSjhjL_GEddzS1hPaPiA2YOzoz9feUTap4rE5vSMOPM6SypiDwQqZj0mPdQMawuPTS1ftIcCwFHcOOzjXu0Iqy5RyvkgpGpyQEjexH1509AJyzq8yr9I-ihrGOGREJH_961_u5RK-5o_UZUtbj1rqPA_I0qhULUZHvUPeSR_lwES9vM&cid=CAASJeRoo2YiXdDJEnCLQLY0fNppLCNXacERfAGhzJI03Cv8fNrc61U&rfl=2%2Chttps%253A%252F%252Fwww.nur.kz%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 11:48:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 449271
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 May 2023 11:48:32 GMT

GET
H/1.1 200
OK g72h7lz2c4az Show response
hal9000.redintelligence.net/zone/ Frame C6D3 11 KB
4 KB 145ms
40ms Script
text/html 138.201.84.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/g72h7lz2c4az?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCuDR5BriLYsCdHJCJ9u8PnIiByA-m5b2gaYWVnKfJD_AuEAEgrMjqS2CVopWCoAfIAQmpAp_78Q7y6bE-qAMBqgTWAU_QSI_ZZacs9B7yD-7-gEAPw3H2ffBdwFDZQwgZqqNiGFPF3Xd_c8u5U-yJKWXG3CUi1yYibt9us2PkLOnppdGkiucT78u6S6K5N_oSq0fJH6WStEkdoY-MSceWbQuqlajWx_4pDg0LBvwxI_bhZ4hIv42b5p34kAQHvYnu08C-cgWmRfaS64UTVRb03FVS87c2KZDwdxXNruTFq4qAS4OI_YJcv1Nu5gj7OsV41e0j0afakqzCCjX3QOWdfBvEgcQ-Kxc4000jrRzDp4eCKP8xdmv1FJfABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB2ACgGYCwHICwGADAGwE4-10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASJeRoo2YiXdDJEnCLQLY0fNppLCNXacERfAGhzJI03Cv8fNrc61U%26sig%3DAOD64_1xAM4-7SQtowqyZ_v8m3qxHAFBCQ%26client%3Dca-pub-3369263710096163%26dbm_c%3DAKAmf-Ck8DA87bp_OyAsuAkIC4FiqcqmTVcwHNPr39SegTC3CClMPeaeJTWT6JcX-G9Ucxg3EPi-zlTlpV7TyP1MnBd4RF4cFVSPBqrd3YZNkAOyiJNNXQYfbPI06M-NL5ru9GNhftI0JY4b5holvSQypSGvvJInOg%26cry%3D1%26dbm_d%3DAKAmf-CBc_VAqWHuTkBoHjDIO-S75J9qagqRhc-LYBmgsfakUoAc1ahd8OpTIHAkneqIECVNBUS6Vn8Z_4x2J5j_EyXcqZzgI1zxwQDQG3BDtUBbJvkoECqdKX2qVhsKkAbk-ybzXV3osA9sizqrq1Ah8WO99MBVJDVnOVp95e8YdPgV2JePaQrHicC67LfVKcOU7D2M6ie_F1dg0xswctg35B4yOX6ODoPHSiBgp7qrJmmMllZl-QtZj5xKse0AzKHIkgmaQDH-l6Q2F5jlx-33WyfTiGKh05fzbBpfMNRsx-05EpRwp1zrnkOD6OGv09V1KUFVxXMEN9l_ve7gMUOLBhFZP_yi_gisOFOG1SoVwwWkPpZpyPmf96GVlhpTFj0TfqVoccuvGafdnPpLGUFYGyyB0jWiyqBTHG1fdGqQATcA35hG65WQsPfYQjZny5289wpUFfWU%26adurl%3D
Requested by: Host: 849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com
URL: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.245.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: bbc10f5aef909ff98128139a1869ba2b01c3e2b146d479e018a479050d9e5d44

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Mon, 23 May 2022 16:36:23 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3898
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame F79A 106 KB
37 KB 185ms
83ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/
Origin: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:18:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19065
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 24 May 2022 11:18:38 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220518/r20110914/elements/html/ Frame F79A 8 KB
3 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220518/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CtdG0YbcuY_OpG_gxejoWFu0jR4a1EJfXf3w3Id7zwLAXhg1NNT8rYTTBIqYip8DunCUmX9HiqPevLIek5ADwF5kqC4g&cry=1&dbm_d=AKAmf-DeqzgreFDbiiJUNveyhl_wSZk1N6Ddos4cyvRGL0OkK-8MHLrsy7In2hJfpWFkL1IfM5zKQ5IhuZGyfxZGu1bTkaORBiUTsAo3Ze5IStQXkV6nlRSjtxNStrli41odckJGU7_J6KU6Gwy8s86L4usoblEES4LP2WObMumTSoSEJsXSmamnB_zG-oRLGrf1H5G0rSHn6fhF5NFx525qTQj0wjWQ0rDNoGDKtlLPk6OmvydYHaWa_0S7v-FYSXi5rbshZjtfvvgCW866zoL75U-3kpwGT028V4FQ6FKJil7RX4PKgm7NeO0XD1tmMyZh35G5kLnbTDvDi96ME8TUxftFBj75EPfUo3kMfXIofN384WgS7rmMBUNRbptAczWDns8AFXA2-dcaTrKYXDk5U7_6nhg6m2JEY1XxpgyjbBk6y9knis_rWS3XiC3uLwmjnDjIIMhYJ8HqHnj8B89iTUtJdkbNq1tT5bsvsZdyVaO3dUCFjgjdpJVIGZGEOkFzqTxzdqCdg1hCjoJ1zaza1zAHuwRNOyXJ881Pq2v_BqE4ZBYWbAvgwb8aWBbU0fS7hKjcwIdtW_WD6sTfn3sNrOKElqj6n4JqCHFYcAES8arcZCkiw2GhqTNXGMJpWkTloBDraBJD_H0N41Z_K0TkTrW7xc7WIuWAaU9Odls5OnIg-1aUKLjlIrR_bDYIhAAOw2ZLjYuR4ewJ66u_AFax56JIwRe7lRITwZYuIIlN4m-LM4TdbO8KD_vD6GoOTaFJq4XyMrmOwEhO__DLEf_SozJ88oOzDUIII-SEVJM5_9XJnJuF9lLTH9OPA0dADKu3QN6fZg6KWfaU7-PB4c5KpgvtR25ewm6AW_LApwBKlDgKRp1A1FvnfX7hFvZUx9HZNNq0b04Fy9KeQRX2mRTDOSuGZJSTUjEiH8oSXGtSSQK1xkhX3JsxknSGa8TN9fF_2m0P91CFoNfYUwQUdhtrVtGt47cyTmT1Vo4IwXIonF-9Xa3itQrWgMY7IbwoVpMeVR-xqeVglySZLX-U_sG6YJli3pRAnWID_z7o8cQKBb36TYutPfJyDVblRRH0WCPWWuYd0EUcEBMAzJRvmCCq0FPCjh9T7zM6iYJbI0lsUa4rwPUYOVZt-Bi8ntY5hn2T-_eJq4oHPp8o-QxLePE8CPPDYnHfhokaHe80SFa-BcHeCrze4LigccZypFl972CNZO7N8hRM2eCmNolteYTTs3mnGA6JlzrDM4SJ-7YOmPCZV9znwk7iHp9LhGu-dACcnP9L5FGDD3E2mY3AephkqdwP61SfbyfFR9x9CAPws_mLIhoAXTR_4woMbu6AbxrdiqtwIBBFt9iwbjqlvzIunTIRvXJh3Cm7h4W9sq_ith_UNETUGsXie8Wx7IcQw_FTCLFcoAchsYGBhKh9QtCvnXBQLnAMLYGlaTmeRo5ThofHtu3fFJ0UYSsk_DTzOkn3tJyLdDpzFk6fVlPVTRxacTAeAcO2abg82v4go427enP-JKfrt7LArE9K9mh_Wq8PANSWV3QXJO5L-L79na-_Gm9gwthRhqM3qdMRg1NB-5gV1HXoEdZXOA0_Sni66QTvFZmeh3bLl8LG5ZyupH-3EQNnwyV-GVUoYA8hDDHkbJHQaDuKJRgBNiWH4Y-TS5qgsNHMIpZDbbOvCdblEKtrfLmEaZRrAc333xGzEOeYG0-LtASFNiTXIncksN3ZOSGdjIPNBK3zDJUlwhRpqHjKPDStv2XkgWg7uHNKvCzvR_S4MHHn2e8hpYyDvTkD-ef5r3O73_yfv6-I6ihXXZ0_G-H7m_pVSyeqQ_ppu7Il0aqHifSZFQlLkyrJm_eW7M0iiwzL2exe9hSkw3PjUF3Hw-BCy-g7C-sAO4SyXp9mbPDuSeG9cq0SYWGu7Zx4kcMa1lK6o3AXpEr2NVls-_1CTPVfE3VOu8sTzn8KBxN-AFbmKJOJcsWJZsUxEAwCDW27nzJvvZqDzcq6jziaASohlh-2MC6plRsBbqnrg9JlM7UDxCwKemDvHmY94iM3v3ZZYCiMh3Y4bPkHrVNTYnVPDxstOQcYTHiPY8elSAeOcUX-2x1EerjhS7b_5e46vi4tnKMWfBGzIx-aFg3O-f0TssicYSC0LRSRm6aR-Umh3XQoK1z9J8Sfc2XmtFsu6WzG-k3y88y5OTYQUy1DyV5MnVCBNcuUthBqC8LHFBOpGcTEyDF-3ctCXNMjSWs6hnrTtI7z3SRGMX2gKoMO1Bu7xz23KMQwLZ153zHQCev36h6qac6hPRg8X8qcSDXVZZMN7Df_9FQKRILgGQp2kX3YzV5UTJ406O-taGsoghLLMcjkJxAlMfwnURYpIdUAd1FPtPRP_Hy3_ZhzpgK2vNLA_puLQUACFkUpHHgIqTRXN4U1gMU1avj_DIpLuERFdNMGU1RqRta48eftJ0t9DMZbyZHMuA9fPBkceEQ2mPhD4otZcV2wYRqu44nBh43zJYC4yk6xAO7SQelKCLlW1aGk7vayYxktZsKVVbxCi762LlDe68CcT8qTk4ewEVUcF_bxI-9fh0DJHx7EaCLOE2E6zCvOWetFwEeVsre__DUfbHJFjfAHG0qIQe5WBXpDnG8JMMxaaiZWDWa_CTkyW9-OOqxvxoIHv8XzfpUeoIdXlfVcf4w4bxjr3trXwHVpPDrDO_GwRhK2DINlG4_9K7Jo9T8-T8FkekBpY7WxFxd3mznYA3K0QD0xz9TvPUIgu2-7lziTt7l4umTTk1xmjNoxgOBCmNGcNivMSgLp6wW8XYT4fpSPsWyMafVMEC-S32t8qpFPeQ2Q_hot9d-jo2YJ5_AflPR0ZeAriMfOgn84zORBsKdM2F3PMksHSWeId3ARxGt7wHGGZ9b0FH5SAJDwApj8k_r72NbkS_BP7jFIktv0jZpl2ljriubKmFHth5CCgQ-u-LF_S94OftoHGtNDAGWyJmP7VXm5Ulh0GMl6F38gtTH6g2ikevZUXM5QQ3kxi-qfZfrq_PCFf30gYQoLePYZveXe8NCogxq5_KrOyLkJIoPRLRJKbOodpRoMvwop5agKJSc0GzLYaOwDV_i6HvVwTZbC4bEBcBRNYCF7py7D5zCBhTU3zFRSwSp3ta780phh1V9isuIgkbJXSU6PqdmHQ-y-7BGmoRRtpznfYH_ktNSoqM94fGn04gSqRR_krldGaSTTK-YEGEern3VdZJJw5Ls7tg&cid=CAASJeRo-XcYD3WU8tYVTNyb-zN0ZbgWmiqLc7Q8N7_jRruGkpOlgv4&rfl=1%2Chttps%253A%252F%252Fwww.nur.kz%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:28:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 475
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Jun 2022 16:28:28 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220518/r20110914/ Frame F79A 27 KB
10 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220518/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7922e29fd9bbbb9e385c952731a93f50b0ba8d472cd16e65f66d18cf08ba4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:34:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 122
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10463
x-xss-protection: 0
server: cafe
etag: 17671883673189222985
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Jun 2022 16:34:21 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame F0E9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJyfe0r4HqTTQS_Ir923FKk&google_cver=1

43 B
114 B

61ms
61ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJyfe0r4HqTTQS_Ir923FKk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHz9QIQ8aSt-QEYl5vPkgEwAQ&v=APEucNXB4O3xLBAnvine7rORFzYq90L2N950UeVZfSd-JsWM2n11V4SNc_XwHPTe3b3rL8dWIoZeGXprmq_Slg-P0IQTKQKIl8U04q9Zr4i-JRYxH9iARQCu_ZqQdNaZOvqNC7ZsAf0KUBAMuIFbOziEX16QSIFT9XUUFQ9J829S47RXJRl3Y24
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/1a2bd40 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 16:36:23 GMT
via: 1.1 google
server: OXGW/1a2bd40
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 23 May 2022 16:36:23 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJyfe0r4HqTTQS_Ir923FKk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame F0E9 43 B
306 B 162ms
59ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHz9QIQ8aSt-QEYl5vPkgEwAQ&v=APEucNXB4O3xLBAnvine7rORFzYq90L2N950UeVZfSd-JsWM2n11V4SNc_XwHPTe3b3rL8dWIoZeGXprmq_Slg-P0IQTKQKIl8U04q9Zr4i-JRYxH9iARQCu_ZqQdNaZOvqNC7ZsAf0KUBAMuIFbOziEX16QSIFT9XUUFQ9J829S47RXJRl3Y24
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/1a2bd40 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 16:36:23 GMT
content-encoding: gzip
server: OXGW/1a2bd40
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame F0E9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEIMovDYpm5GQ8tfrBnWMAiI&google_cver=1

23 B
172 B

63ms
62ms

Image
image/gif

104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEIMovDYpm5GQ8tfrBnWMAiI&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHz9QIQ8aSt-QEYl5vPkgEwAQ&v=APEucNXB4O3xLBAnvine7rORFzYq90L2N950UeVZfSd-JsWM2n11V4SNc_XwHPTe3b3rL8dWIoZeGXprmq_Slg-P0IQTKQKIl8U04q9Zr4i-JRYxH9iARQCu_ZqQdNaZOvqNC7ZsAf0KUBAMuIFbOziEX16QSIFT9XUUFQ9J829S47RXJRl3Y24
Protocol: H2
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 16:36:23 GMT
cache-control: max-age=0, no-cache, no-store
expires: Mon, 23 May 2022 16:36:23 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 23 May 2022 16:36:23 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESEIMovDYpm5GQ8tfrBnWMAiI&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame F0E9 23 B
172 B 210ms
67ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHz9QIQ8aSt-QEYl5vPkgEwAQ&v=APEucNXB4O3xLBAnvine7rORFzYq90L2N950UeVZfSd-JsWM2n11V4SNc_XwHPTe3b3rL8dWIoZeGXprmq_Slg-P0IQTKQKIl8U04q9Zr4i-JRYxH9iARQCu_ZqQdNaZOvqNC7ZsAf0KUBAMuIFbOziEX16QSIFT9XUUFQ9J829S47RXJRl3Y24
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 16:36:23 GMT
cache-control: max-age=0, no-cache, no-store
expires: Mon, 23 May 2022 16:36:23 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 6507
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJyfe0r4HqTTQS_Ir923FKk&google_cver=1

43 B
106 B

62ms
62ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJyfe0r4HqTTQS_Ir923FKk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNUHdxqDgabsBNbYtOgg0cFkjEe0qIGEeeDm84WtEomZtSPJRid_sTxGYHaxwSdkJLulSftsXEyvB-NszdXp2OQxpm33bXX8OtqyNmRjDmP2C7AexWyHJQhczBRdc5e2xB_HIiom41wjco9c4Q_shCbL0Lv2fAa3In5Uxdjuh30a7Wx-tjQ
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/1a2bd40 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 16:36:23 GMT
via: 1.1 google
server: OXGW/1a2bd40
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 23 May 2022 16:36:23 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJyfe0r4HqTTQS_Ir923FKk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 6507 43 B
120 B 162ms
59ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNUHdxqDgabsBNbYtOgg0cFkjEe0qIGEeeDm84WtEomZtSPJRid_sTxGYHaxwSdkJLulSftsXEyvB-NszdXp2OQxpm33bXX8OtqyNmRjDmP2C7AexWyHJQhczBRdc5e2xB_HIiom41wjco9c4Q_shCbL0Lv2fAa3In5Uxdjuh30a7Wx-tjQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/1a2bd40 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 16:36:23 GMT
content-encoding: gzip
server: OXGW/1a2bd40
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame 6507
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEIMovDYpm5GQ8tfrBnWMAiI&google_cver=1

23 B
172 B

72ms
72ms

Image
image/gif

104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEIMovDYpm5GQ8tfrBnWMAiI&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNUHdxqDgabsBNbYtOgg0cFkjEe0qIGEeeDm84WtEomZtSPJRid_sTxGYHaxwSdkJLulSftsXEyvB-NszdXp2OQxpm33bXX8OtqyNmRjDmP2C7AexWyHJQhczBRdc5e2xB_HIiom41wjco9c4Q_shCbL0Lv2fAa3In5Uxdjuh30a7Wx-tjQ
Protocol: H2
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 16:36:23 GMT
cache-control: max-age=0, no-cache, no-store
expires: Mon, 23 May 2022 16:36:23 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 23 May 2022 16:36:23 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESEIMovDYpm5GQ8tfrBnWMAiI&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 6507 23 B
172 B 204ms
62ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNUHdxqDgabsBNbYtOgg0cFkjEe0qIGEeeDm84WtEomZtSPJRid_sTxGYHaxwSdkJLulSftsXEyvB-NszdXp2OQxpm33bXX8OtqyNmRjDmP2C7AexWyHJQhczBRdc5e2xB_HIiom41wjco9c4Q_shCbL0Lv2fAa3In5Uxdjuh30a7Wx-tjQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 16:36:23 GMT
cache-control: max-age=0, no-cache, no-store
expires: Mon, 23 May 2022 16:36:23 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 091B 41 KB
15 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com
URL: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 11:48:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 449271
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 May 2023 11:48:32 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 0CCB 1 KB
749 B 37ms
37ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com
URL: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 38559
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 May 2022 05:53:44 GMT
etag: 48472445140208031
expires: Tue, 24 May 2022 05:53:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 091B 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 187aa7aa4670247180d8d26f28550cbf7633f51f52b88daf5ff39daeec3b5dc1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1

200
OK

request.php Show response
hal900012.redintelligence.net/ Frame C6D3
Redirect Chain

https://hal900012.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=d7e82f8e6e&subid=&uid=c26e3e278e975b24&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900012.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=d7e82f8e6e&subid=&uid=c26e3e278e975b24&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

3 KB
2 KB

201ms
116ms

Script
application/x-javascript

94.130.102.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900012.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=d7e82f8e6e&subid=&uid=c26e3e278e975b24&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCuDR5BriLYsCdHJCJ9u8PnIiByA-m5b2gaYWVnKfJD_AuEAEgrMjqS2CVopWCoAfIAQmpAp_78Q7y6bE-qAMBqgTWAU_QSI_ZZacs9B7yD-7-gEAPw3H2ffBdwFDZQwgZqqNiGFPF3Xd_c8u5U-yJKWXG3CUi1yYibt9us2PkLOnppdGkiucT78u6S6K5N_oSq0fJH6WStEkdoY-MSceWbQuqlajWx_4pDg0LBvwxI_bhZ4hIv42b5p34kAQHvYnu08C-cgWmRfaS64UTVRb03FVS87c2KZDwdxXNruTFq4qAS4OI_YJcv1Nu5gj7OsV41e0j0afakqzCCjX3QOWdfBvEgcQ-Kxc4000jrRzDp4eCKP8xdmv1FJfABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB2ACgGYCwHICwGADAGwE4-10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASJeRoo2YiXdDJEnCLQLY0fNppLCNXacERfAGhzJI03Cv8fNrc61U%26sig%3DAOD64_1xAM4-7SQtowqyZ_v8m3qxHAFBCQ%26client%3Dca-pub-3369263710096163%26dbm_c%3DAKAmf-Ck8DA87bp_OyAsuAkIC4FiqcqmTVcwHNPr39SegTC3CClMPeaeJTWT6JcX-G9Ucxg3EPi-zlTlpV7TyP1MnBd4RF4cFVSPBqrd3YZNkAOyiJNNXQYfbPI06M-NL5ru9GNhftI0JY4b5holvSQypSGvvJInOg%26cry%3D1%26dbm_d%3DAKAmf-CBc_VAqWHuTkBoHjDIO-S75J9qagqRhc-LYBmgsfakUoAc1ahd8OpTIHAkneqIECVNBUS6Vn8Z_4x2J5j_EyXcqZzgI1zxwQDQG3BDtUBbJvkoECqdKX2qVhsKkAbk-ybzXV3osA9sizqrq1Ah8WO99MBVJDVnOVp95e8YdPgV2JePaQrHicC67LfVKcOU7D2M6ie_F1dg0xswctg35B4yOX6ODoPHSiBgp7qrJmmMllZl-QtZj5xKse0AzKHIkgmaQDH-l6Q2F5jlx-33WyfTiGKh05fzbBpfMNRsx-05EpRwp1zrnkOD6OGv09V1KUFVxXMEN9l_ve7gMUOLBhFZP_yi_gisOFOG1SoVwwWkPpZpyPmf96GVlhpTFj0TfqVoccuvGafdnPpLGUFYGyyB0jWiyqBTHG1fdGqQATcA35hG65WQsPfYQjZny5289wpUFfWU%26adurl%3D&documentReferer=https%3A%2F%2F849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2F849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.nur.kz&random=2551493865410&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: 849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com
URL: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.102.130.94.clients.your-server.de
Software: Apache /
Resource Hash: b26913c9ad5381876dfd5daa2599f295442fda207c17eff0271e67a5d0772ba8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 23 May 2022 16:36:23 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 22657800129908204444550011968012
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 1103
Expires: Mon, 23 May 2022 17:36:23 +0200

Redirect headers

Pragma: no-cache
Date: Mon, 23 May 2022 16:36:23 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=d7e82f8e6e&subid=&uid=c26e3e278e975b24&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCuDR5BriLYsCdHJCJ9u8PnIiByA-m5b2gaYWVnKfJD_AuEAEgrMjqS2CVopWCoAfIAQmpAp_78Q7y6bE-qAMBqgTWAU_QSI_ZZacs9B7yD-7-gEAPw3H2ffBdwFDZQwgZqqNiGFPF3Xd_c8u5U-yJKWXG3CUi1yYibt9us2PkLOnppdGkiucT78u6S6K5N_oSq0fJH6WStEkdoY-MSceWbQuqlajWx_4pDg0LBvwxI_bhZ4hIv42b5p34kAQHvYnu08C-cgWmRfaS64UTVRb03FVS87c2KZDwdxXNruTFq4qAS4OI_YJcv1Nu5gj7OsV41e0j0afakqzCCjX3QOWdfBvEgcQ-Kxc4000jrRzDp4eCKP8xdmv1FJfABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB2ACgGYCwHICwGADAGwE4-10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASJeRoo2YiXdDJEnCLQLY0fNppLCNXacERfAGhzJI03Cv8fNrc61U%26sig%3DAOD64_1xAM4-7SQtowqyZ_v8m3qxHAFBCQ%26client%3Dca-pub-3369263710096163%26dbm_c%3DAKAmf-Ck8DA87bp_OyAsuAkIC4FiqcqmTVcwHNPr39SegTC3CClMPeaeJTWT6JcX-G9Ucxg3EPi-zlTlpV7TyP1MnBd4RF4cFVSPBqrd3YZNkAOyiJNNXQYfbPI06M-NL5ru9GNhftI0JY4b5holvSQypSGvvJInOg%26cry%3D1%26dbm_d%3DAKAmf-CBc_VAqWHuTkBoHjDIO-S75J9qagqRhc-LYBmgsfakUoAc1ahd8OpTIHAkneqIECVNBUS6Vn8Z_4x2J5j_EyXcqZzgI1zxwQDQG3BDtUBbJvkoECqdKX2qVhsKkAbk-ybzXV3osA9sizqrq1Ah8WO99MBVJDVnOVp95e8YdPgV2JePaQrHicC67LfVKcOU7D2M6ie_F1dg0xswctg35B4yOX6ODoPHSiBgp7qrJmmMllZl-QtZj5xKse0AzKHIkgmaQDH-l6Q2F5jlx-33WyfTiGKh05fzbBpfMNRsx-05EpRwp1zrnkOD6OGv09V1KUFVxXMEN9l_ve7gMUOLBhFZP_yi_gisOFOG1SoVwwWkPpZpyPmf96GVlhpTFj0TfqVoccuvGafdnPpLGUFYGyyB0jWiyqBTHG1fdGqQATcA35hG65WQsPfYQjZny5289wpUFfWU%26adurl%3D&documentReferer=https%3A%2F%2F849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2F849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.nur.kz&random=2551493865410&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Mon, 23 May 2022 17:36:23 +0200

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 43F8 22 KB
8 KB 37ms
37ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 449270
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 18 May 2022 11:48:33 GMT
expires: Thu, 18 May 2023 11:48:33 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/ Frame BA34 4 KB
2 KB 118ms
37ms Document
text/html 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

081bea1f69d4c8d86fa4f6fd61ea4348249bc79e2b967399b96e72016e3676b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 283269
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1567
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 20 May 2022 09:55:14 GMT
expires: Sat, 20 May 2023 09:55:14 GMT
last-modified: Fri, 04 Mar 2022 09:44:45 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 091B 0
622 B 180ms
81ms Ping
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv-EnB1hUc9E4I6zX7J3LTswWwp21g4FFRVX4pmrJpE_HDhFjmrRkQg-j08-EprBVKy-auA2NsTUBZovHQnWOZQiGjjX2keNi7KDFMIuolPCYKAhJM0ItFi77IZKXhBllKvfIdxwVkJbmYaUDN77Z6JYYiOilaxWvv8-QHep82VDUMJ6ewgM6tyE-pvWdv_ZD6hrx6wkaGm7xllq1a3Uj0N7x2qoB_2XhFi9gwTciXSJ0m2exa8NML-Uh_jJ_9wcm8CkEivvor8bfnlGXQTtjgfQPUmYC1mHajkLzqE0esjsGVfMOLWdTfuZl4ooZ39MjIb4P2h76GmR1qoWXpzN3N6C0H9rgzVwXU3zYM-UBcxBfCt_tgbEA5Dnhwz53XrjmwigfhPYaWPQ3L6k-y2C12cOrbxl8Cm1NnahH78q_kV6lX-d5I8EmsNZNjOL6VDapBppAwvGWAiWdsxgjIzxO7l0yucGlMMyVDmVwRYHp_niKgD4FdC5yIFEizxb5ZVqYilgEal_PgXWhKJJSJuPPyoQ2bOp8gcXOkfH0O0z095SlGGpLpguCXOjYfFlZ41tk41gIblyTPHbeB4PnS53HayehowEPSh131sddFX76mXbu50ewjeO57fBFnipxkq7CvD0_6EoxjvVUBnenPWNdsin_DksfUuArTDaqKiCnU1LweqlfFsFbOt7DwnBImrjD_Sm0a1unSseCzCM7uZxGi7Y_bU-UsU3juY644G1t8b_Z2_d_RC1QNFncJJ1sLw0LdrxKEXhKOamfUG_mKybK__bnw5RRm7CNWxso37mkMzz88Ty-R3fLQnsUguchkc5WvcYHc3KqAK2lZxctWYoWNqq29AE-Wt6Ghp1cPV7X46v4nKgWAmhIuVGSh0pO5_kH1FoiHgQxwDPWSFBX58SKMgAZZ7lcOzrf2-hAzHpTrqGXNclt67vrgHXC-e2hukNUc_SWEbNhsNrKz1Lh-FsEHF-ZtCPL-68aa-_16jNLO7EQu4kG_abvnQzoyywl1h0khYzP8B-6CHlBgVuvevfVNYp7yi8p8GRi1dBp7b1zopXm7tO8LqAUOVwhL1bTQCwncywDYHNo7btPK3-JHCxYYHjAyPjKsKr1wTWLBEinz5elvE82I6Ipov4LerVbZ4TufmcrjnLFC6XP6iBLl7RHPKhrQKYCEjcA0LUh27KYggCL_6Zg&sai=AMfl-YQ74EY5QyDgCItiRhAEweZbN_u-CGEXI4AfvX6c8ekFPLgyF3fIce-R2N9rOhl8zec4lACF3uaSmd2hOk9ZMbFFdZQimngmasWJSKacV9sSBCcEMh9MthpJdfEbpoNnv7EkLPXI166D2AVRTyigIShT2B3p6r2hQi3LcyWQT6lrrKSrKG96I1yK14PMaroxwMbKiVzXGm0F13JYUB9hfrIl&sig=Cg0ArKJSzOZx36AYunZAEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=662&cbvp=1&cstd=659&cisv=r20220518.73652&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Mon, 23 May 2022 16:36:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1

200
OK

px.gif
d.adtriba.com/ Frame 091B
Redirect Chain

https://d.adtriba.com/collect?atb_ptid=f65079e0&atb_dcaid=202202_es_ukraine_dv_pros_330033531&atb_dpuid=di_dv&gdpr=&gdpr_consent=
https://d.adtriba.com/px.gif

42 B
227 B

40ms
40ms

Image
image/gif

3.125.240.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adtriba.com/px.gif
Requested by: Host: 849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com
URL: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 3.125.240.25 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-125-240-25.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Mon, 23 May 2022 16:36:24 GMT
Cache-Control: public, max-age=86400
Server: nginx/1.16.1
Connection: keep-alive
Content-Length: 42
Content-Type: image/gif

Redirect headers

Date: Mon, 23 May 2022 16:36:23 GMT
Last-Modified: Mon, 23 May 2022 16:36:23 GMT
Server: nginx/1.16.1
P3P: CP="This is not a P3P policy! See https://www.adtriba.com/privacy-policy.html for more info."
Location: /px.gif
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 01:00:00 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame AA38 22 KB
8 KB 38ms
38ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 449270
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 18 May 2022 11:48:33 GMT
expires: Thu, 18 May 2023 11:48:33 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 event
ads.adfox.ru/252771/ 0
66 B 95ms
94ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/252771/event?hash=130f77d6b1c03484&pm=bmn&p5=kunhv&ad-session-id=4752551653323779297&lts=fjdzdge&ytt=218804424671237&ybv=0.585102&ylv=0.585102&dl=https%3A%2F%2Fwww.nur.kz%2F&rtb-si=b&p2=gfdy&rand=gcihyrn&sj=FSWraDAP5Hc1Dd1imF8NmnARKk-8WmfrMxzEtYlok2scPqhNUgJPIJjKcOOSXQ%3D%3D&puid1=Homepage&pr=edbbcwi&p1=crsnx&rqs=BDjBCW5umSMEuIti-CypitVpmVZiBAcn

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 16:36:23 GMT
x-content-type-options: nosniff
last-modified: Mon, 23 May 2022 16:36:23 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame F79A 41 KB
15 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com
URL: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 11:48:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 449271
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 May 2023 11:48:32 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 66D3 1 KB
749 B 44ms
43ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com
URL: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 38559
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 May 2022 05:53:44 GMT
etag: 48472445140208031
expires: Tue, 24 May 2022 05:53:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 V02_728x90.html Show response
s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/ Frame CA8D 15 KB
3 KB 85ms
41ms Document
text/html 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d46a5951a557bab39b5dbb547e17f4bc8a83a5557693fed16e3084b48336d77e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 293777
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 3248
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 20 May 2022 07:00:06 GMT
expires: Sat, 20 May 2023 07:00:06 GMT
last-modified: Thu, 18 Mar 2021 18:12:29 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame F79A 0
64 B 143ms
82ms Ping
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss3FW9NPLjaRX6Pm6cPOXpDA7zQ7NtWZJn3QiVdeC4iOz_bSHXlhi41D-azwnY3CZIlilIMAA-ao6fN5TD5oHijf8w4yz__IiBPHWTQB1TwmF_lzxfC1R1Sd7lyNoLfibo4eNUEl_xwTOctemu4LOTav-HvADOMRsVaBv8aWmJPq6oN82A4ffi_KdnCfvjbJER28agQodAL3hB93b_Oo5vDZS2QSz5H6DgoqF6ugWuZS7ExijV-TJtlmCKUD9NY7KykIiGyt65iYx0vX69ugIH2Ura7NPcUQFkAX2uClYL0XIHvT0jZ69ibrLqVbLKe_UUElDUtbVuNQFQfZ_2ISiGIhhuklgHLIUYsicFSaWzeAlqrQ2_y_A5awVWX0TPZmo-vKZiK_1H6o3sOxtYT5nbKLAtqZhiojfZVDh-I9TxKQiFOTgBzt2Bj-v2SapqM-sQUgBmaHblx4G315mMqH3pBi5FIpvrhiz0l49dXuZVTKi6gOcFpo961vbiv_Nff1G7fdWs3wGYG_YF3dccyDlxqSXmmb0R2q-ClObOIJDqH6LiBsyYHnLRRJ2B09w6ZJa1L2n-65Z8nnBwh5RwpKz7ERYgVNy1uJLRvanusu1dLQ0QnPq6BSRfwUu_xm4uenPzQN2yR3w0zLFMFe_sOaPyDpHzF-Qdk67ayDU_18b_Pd5diDF0kdecLLIfE4BFHuQaVeOqVxT2sq7ocrxiB_Gx0uyPiIQ9Y1dTxWtLM_s0FazH-K5jdBkVs-NBFHvBAGbvgyKvUgK7Omy4-dFLKLmngMO23xzDjUWIysFxuWZF3IwDyJ2bOM113Ff9M28RlMocuS7O45ilC687n04wBpH5DyQYKbGTIaVc73tC1Z5ZDy-4UVGOnni_2M1SWKbmZNUk732oqyRaOANwo1FT4OPXf_afgeiov_s8CUTO7XHalfRFwmZPJBlP2dOvV22p1Fdl9eNqPumRlcOywLTnsL0M_X6-5SxrQ7971TE7U9R-UjmBGt0a8O4p_DVBUWQYhsvYXP4ovX3HMBU-gfmY7nwfkJcXhDNBRf-F4Gsak3i20BD5ypWNq5QL_qOpo3_mbL36rk6GdtIidablT0gTusfu8UWmQIumZDVqzFHSCGAVlgFDIv4l3DeYpsl4dlrnQP-9KWSsie4UddQ&sai=AMfl-YRRmxZEaVZDa_nV-kYfgZv5CczQv44AYVP0VumE9RLzf_mE-KvOKV1XyOupYe9cKVKit6EsSzUf6uqwzXiwj3Si2C4DqGFt-xaFC5u_fADUs9NjslkcgsTz0dv1wyveFPViC5QBgFJSalj0Naci4FVSndWLFukO3hX6m1hHlOQCW1ilJhvjSwkAPiDpJnwe2ONDvy9jKfXeTEEpoT1Q27jB&sig=Cg0ArKJSzEAzwtkYwKqkEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=532&cbvp=1&cstd=529&cisv=r20220518.59981&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Mon, 23 May 2022 16:36:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 204 event
ads.adfox.ru/252771/ 0
18 B 109ms
86ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/252771/event?hash=75f96d1a830acd30&pm=bmn&p5=locem&ad-session-id=4752551653323779297&utg=oxum&lts=fjdzdge&ytt=218804424671237&ybv=0.585102&ylv=0.585102&dl=https%3A%2F%2Fwww.nur.kz%2F&p2=gfdy&rand=ngghbvu&sj=6LhxZKB9CGEXZivqFid2Lt74swKviS2V6jn2hL5yxAKLxzvqSTTfo7BHEnlrLA%3D%3D&puid1=Homepage&pr=edbbcwi&p1=crsny&rqs=BBjVIHXWBIkEuItiuEBNUrKT1nIPY0U9

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 16:36:23 GMT
x-content-type-options: nosniff
last-modified: Mon, 23 May 2022 16:36:23 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
DATA 200
OK truncated
/ Frame F79A 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 969f07055235eeaf6f4a2bd6a938361f7aa30d9f4f0f7b82b984bc5a4e86cbb2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0CCB
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEFQ-gRfg-ClU4u3pXSrbfd8&google_cver=1&google_push=AYg5qPLOjEnpshskrpxXxk897SzygM86hjCWlF2hNpmH1c4CEFqkcCl-Fv...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPLOjEnpshskrpxXxk897SzygM86hjCWlF2hNpmH1c4CEFqkcCl-FvJEmO5HtK-nQw_VSDoPCoA6JTNpy9zC63Xdb_KPrvWd&google_hm=xMNEpvcLLEMM...

170 B
188 B

58ms
58ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPLOjEnpshskrpxXxk897SzygM86hjCWlF2hNpmH1c4CEFqkcCl-FvJEmO5HtK-nQw_VSDoPCoA6JTNpy9zC63Xdb_KPrvWd&google_hm=xMNEpvcLLEMM3vcifSf5UQ

Requested by

Host: 849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com
URL: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 16:36:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPLOjEnpshskrpxXxk897SzygM86hjCWlF2hNpmH1c4CEFqkcCl-FvJEmO5HtK-nQw_VSDoPCoA6JTNpy9zC63Xdb_KPrvWd&google_hm=xMNEpvcLLEMM3vcifSf5UQ
pragma: no-cache
date: Mon, 23 May 2022 16:36:23 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0CCB
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEJXSMk2XYA_gU-dZUdDUDLg&google_cver=1&google_push=AYg5qPL6pQuec2zfkRP0qSQGFuGecHi_g39AUZpiGxF9bLQDi201XtbT1q7UGNawTeIBVmahpzIpeeqiDhe2oL_1Do7KkwBojRDpGg
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPL6pQuec2zfkRP0qSQGFuGecHi_g39AUZpiGxF9bLQDi201XtbT1q7UGNawTeIBVmahpzIpeeqiDhe2oL_1Do7KkwBojRDpGg&google_hm=Q0FFU0VKWFNNazJYWUF...

170 B
188 B

57ms
57ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPL6pQuec2zfkRP0qSQGFuGecHi_g39AUZpiGxF9bLQDi201XtbT1q7UGNawTeIBVmahpzIpeeqiDhe2oL_1Do7KkwBojRDpGg&google_hm=Q0FFU0VKWFNNazJYWUFfZ1UtZFpVZERVRExn

Requested by

Host: 849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com
URL: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 16:36:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 23 May 2022 16:36:23 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPL6pQuec2zfkRP0qSQGFuGecHi_g39AUZpiGxF9bLQDi201XtbT1q7UGNawTeIBVmahpzIpeeqiDhe2oL_1Do7KkwBojRDpGg&google_hm=Q0FFU0VKWFNNazJYWUFfZ1UtZFpVZERVRExn
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 466606.gif
id.rlcdn.com/ Frame 0CCB 42 B
60 B 50ms
46ms Image
image/gif 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPJg3YgW9nTdo5_ohkYccrvegicUDEkLclDmGL3GDdjQe1xNgOy2RGzrHG--AfASXJwDrmLgx0Umt90-UCn43QskUz9DG8_1WQ&google_gid=CAESEMDDPUg3rETF2_b6KQh-GoE&google_cver=1
Requested by: Host: 849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com
URL: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 23 May 2022 16:36:23 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H3 200 dds
rtb.openx.net/sync/ Frame 0CCB 43 B
64 B 101ms
56ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEKnSw1iBX9Zyg1nu27cdUwU&google_cver=1&google_push=AYg5qPLQxa513DO6MLC0AtRqYRSIGk4NAlBSYhlHa0pT1_zLik5WjTvzk5vkLDx9V_smqjur15ktod--xYnRg6PtGF0lm4A5z-iObA
Requested by: Host: 849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com
URL: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 16:36:23 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: rhnhgjn6qkpb76udhd2np2gdprvh1n95

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0CCB
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=LJMmtqvlRJiEn15A1hVvGw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

56ms
55ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=LJMmtqvlRJiEn15A1hVvGw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJlOluHLlk74RvyaG0jPd_kh8i-7FsuIRNwTDpmGitK4DJ81Ze8Po2IEpxFSI2hUnEZ_-rM8CYoqYw_RanKoIq-zXztaWK1Lw

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 16:36:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=LJMmtqvlRJiEn15A1hVvGw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJlOluHLlk74RvyaG0jPd_kh8i-7FsuIRNwTDpmGitK4DJ81Ze8Po2IEpxFSI2hUnEZ_-rM8CYoqYw_RanKoIq-zXztaWK1Lw
date: Mon, 23 May 2022 16:36:23 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0CCB
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDDKnhA_HznUf6m_HNO9XLM&google_cver=1&google_push=AYg5qPLyxojKuMuO36im-q1SIOQsQuaSCFX90p34mQtyHBkc_cH3KZnSo20PSJ_okIZV0DAmMqc...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNJWUFLNlotSC00T1lS&google_push=AYg5qPLyxojKuMuO36im-q1SIOQsQuaSCFX90p34mQtyHBkc_cH3KZnSo20PSJ_okIZV0DAmMqcmMLVAEV4IsOZszeqxEPxdPxcu

170 B
188 B

55ms
54ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNJWUFLNlotSC00T1lS&google_push=AYg5qPLyxojKuMuO36im-q1SIOQsQuaSCFX90p34mQtyHBkc_cH3KZnSo20PSJ_okIZV0DAmMqcmMLVAEV4IsOZszeqxEPxdPxcu

Requested by

Host: 849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com
URL: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 16:36:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNJWUFLNlotSC00T1lS&google_push=AYg5qPLyxojKuMuO36im-q1SIOQsQuaSCFX90p34mQtyHBkc_cH3KZnSo20PSJ_okIZV0DAmMqcmMLVAEV4IsOZszeqxEPxdPxcu
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0CCB
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELWMZ0p3Myz84vVsFoc5JvM&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=You4B-ug9g-4CLoLeUiLjQAABK0AAAIB&google_push=AYg5qPLom_I4t_A-_-JlqF9dtBFbH0x7TL5CpV0kDMzuM-xQZNFs0ZAVI6ynsLCGwMsxHRabMkBgskasvMiFyys08B...

170 B
188 B

56ms
56ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=You4B-ug9g-4CLoLeUiLjQAABK0AAAIB&google_push=AYg5qPLom_I4t_A-_-JlqF9dtBFbH0x7TL5CpV0kDMzuM-xQZNFs0ZAVI6ynsLCGwMsxHRabMkBgskasvMiFyys08BMFLplnGma5KA&google_cver=1&google_gid=CAESELWMZ0p3Myz84vVsFoc5JvM

Requested by

Host: 849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com
URL: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 16:36:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 23 May 2022 16:36:23 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=You4B-ug9g-4CLoLeUiLjQAABK0AAAIB&google_push=AYg5qPLom_I4t_A-_-JlqF9dtBFbH0x7TL5CpV0kDMzuM-xQZNFs0ZAVI6ynsLCGwMsxHRabMkBgskasvMiFyys08BMFLplnGma5KA&google_cver=1&google_gid=CAESELWMZ0p3Myz84vVsFoc5JvM
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 462
Expires: Mon, 23 May 2022 16:36:23 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 0CCB 0
12 B 50ms
47ms Image
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IRiOc4oKImK8EVJQ79GjuWFN6ZhVW-dd3gOHlmsjt8CQNHEZEcDmKZW_Up-MRGTu3tbewF

Requested by

Host: 849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com
URL: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:23 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 styles.css
s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/ Frame BA34 1 KB
524 B 38ms
37ms Stylesheet
text/css 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/styles.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3d912ca3f1497bd7a00e7044519bfa14d184b7ea37d2010e2e42de8f0933b00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 19:20:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 335759
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 495
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 09:44:45 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 19 May 2023 19:20:25 GMT

GET
H3 200 tweenmax_1.19.0_643d6911392a3398cb1607993edabfa7_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame BA34 109 KB
37 KB 75ms
74ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.19.0_643d6911392a3398cb1607993edabfa7_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

36c0ec05d79bd9d3164effc3eca0f1962cd6f82bb1f41cb212e080910be24153

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37530
x-xss-protection: 0
last-modified: Tue, 06 Sep 2016 20:51:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 23 May 2022 16:36:24 GMT

GET
H3 200 main.js Show response
s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/ Frame BA34 8 KB
2 KB 41ms
40ms Script
application/x-javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/main.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69441dcfb941a2e5b4ad898b22589d40edf42108aca20e07799d4ec0668536eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 01:57:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 311949
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2182
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 09:44:45 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 20 May 2023 01:57:15 GMT

GET
H3 200 gwdpage_style.css
s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/ Frame CA8D 55 B
103 B 43ms
43ms Stylesheet
text/css 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/gwdpage_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 07:00:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 293778
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 74
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 18:12:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 20 May 2023 07:00:06 GMT

GET
H3 200 gwdpagedeck_style.css
s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/ Frame CA8D 731 B
263 B 39ms
39ms Stylesheet
text/css 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/gwdpagedeck_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 14:31:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7466
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 234
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 18:12:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 23 May 2023 14:31:58 GMT

GET
H3 200 gwdgooglead_style.css
s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/ Frame CA8D 24 B
72 B 42ms
42ms Stylesheet
text/css 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/gwdgooglead_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e52ad60cf8269c44381d5e0833e69b9b8f3b9f9346b7066b1dc5a52b390feedc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 11:28:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 191281
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 18:12:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 21 May 2023 11:28:23 GMT

GET
H3 200 gwdimage_style.css
s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/ Frame CA8D 281 B
187 B 41ms
40ms Stylesheet
text/css 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/gwdimage_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d3251d937d209def48e958bfeec683ca39dc0f15eb22f99bc3e7035995cd552

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 07:00:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 293778
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 158
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 18:12:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 20 May 2023 07:00:06 GMT

GET
H3 200 googbase_min.js Show response
s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/ Frame CA8D 247 B
225 B 44ms
42ms Script
application/x-javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/googbase_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

503621190c75700c18c84fd3ec0977bf31b083d66e331d1009bb9cd17cdb85da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 14:31:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7466
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 196
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 18:12:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 23 May 2023 14:31:58 GMT

GET
H3 200 gwd_webcomponents_v1_min.js Show response
s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/ Frame CA8D 21 KB
6 KB 67ms
66ms Script
application/x-javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/gwd_webcomponents_v1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c51a4086e332a8b351790a53582dbba5bd78b7a1f021b829d93da3ad59ca575f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 11:28:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 191296
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6286
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 18:12:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 21 May 2023 11:28:08 GMT

GET
H3 200 gwdpage_min.js Show response
s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/ Frame CA8D 3 KB
1 KB 67ms
65ms Script
application/x-javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/gwdpage_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

257c9947bb8a45c4a0519f4ddc8769ecc7f889e268a046b0f05c17dfc7912eee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 06:00:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 297375
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1306
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 18:12:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 20 May 2023 06:00:09 GMT

GET
H3 200 gwdpagedeck_min.js Show response
s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/ Frame CA8D 8 KB
3 KB 62ms
61ms Script
application/x-javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/gwdpagedeck_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07b9621ff6886bdda3fbafc4d21319eab9a92a7922d38bacca72f5679249ac32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 14:32:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7464
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3145
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 18:12:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 23 May 2023 14:32:00 GMT

GET
H3 200 Enabler.js Show response
s0.2mdn.net/ads/studio/ Frame CA8D 134 KB
45 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/Enabler.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3705d0878203cc0b2525dcb0f874d85cc6b881d1fca1869191da4e599c768241

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:29:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 426
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46435
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:47:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 23 May 2022 16:44:18 GMT

GET
H3 200 gwdgooglead_min.js Show response
s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/ Frame CA8D 13 KB
4 KB 58ms
57ms Script
application/x-javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/gwdgooglead_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ac5c3a1604eb19f5c47e157ea3b58b4297428e653b74d6def6b41661a25eb5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 11:28:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 191287
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4332
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 18:12:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 21 May 2023 11:28:17 GMT

GET
H3 200 gwdimage_min.js Show response
s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/ Frame CA8D 5 KB
2 KB 59ms
58ms Script
application/x-javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/gwdimage_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c3223c27067f54618683e5fdfe83536907b179e81ed9a39873aa8b8140c05f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 06:00:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 297375
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2001
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 18:12:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 20 May 2023 06:00:09 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 3FFE 22 KB
8 KB 37ms
37ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 449271
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 18 May 2022 11:48:33 GMT
expires: Thu, 18 May 2023 11:48:33 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 6cqjaYtYR5p4aS5jA8U1PYkQZtxk_S9KNOFLKIL9tps.js Show response
pagead2.googlesyndication.com/bg/ Frame 43F8 35 KB
13 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6cqjaYtYR5p4aS5jA8U1PYkQZtxk_S9KNOFLKIL9tps.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9caa3698b58479a78692e6303c5353d891066dc64fd2f4a34e14b2882fdb69b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:04:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1933
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13723
x-xss-protection: 0
last-modified: Tue, 17 May 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 23 May 2023 16:04:11 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 66D3
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESELtXviomELESA7rT5ojYCTw&google_cver=1&google_push=AYg5qPL66qV-F_5CgTDxS38FYw9ohWo0jmr9YxqGAW9sHL5JfA9QOHgDS_73SpAUaLaYrzgSUj92QKM8TWWNSATV...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPL66qV-F_5CgTDxS38FYw9ohWo0jmr9YxqGAW9sHL5JfA9QOHgDS_73SpAUaLaYrzgSUj92QKM8TWWNSATVLuDVks_bkSHfmA

170 B
188 B

57ms
56ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPL66qV-F_5CgTDxS38FYw9ohWo0jmr9YxqGAW9sHL5JfA9QOHgDS_73SpAUaLaYrzgSUj92QKM8TWWNSATVLuDVks_bkSHfmA

Requested by

Host: 849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com
URL: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 16:36:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 23 May 2022 16:36:24 GMT
Server: MT3 4419 e1034d5 master zrh-pixel-x5 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPL66qV-F_5CgTDxS38FYw9ohWo0jmr9YxqGAW9sHL5JfA9QOHgDS_73SpAUaLaYrzgSUj92QKM8TWWNSATVLuDVks_bkSHfmA
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 23 May 2022 16:36:23 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 66D3
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEC71olzL7bES3rQzrWp28u4&google_cver=1&google_push=AYg5qPJG2MV3ly7V4RwKkZynPbJ8JXMYxRj25PnO8brmv2eqVKYFbbC0pKpEPiEJlnQsNnlgHUjNblEF6K0...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPJG2MV3ly7V4RwKkZynPbJ8JXMYxRj25PnO8brmv2eqVKYFbbC0pKpEPiEJlnQsNnlgHUjNblEF6K0vwwrUSlWrMnQnHl99YQ&google_hm=ZNTdpr0MS--q12Qisp...

170 B
188 B

55ms
55ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPJG2MV3ly7V4RwKkZynPbJ8JXMYxRj25PnO8brmv2eqVKYFbbC0pKpEPiEJlnQsNnlgHUjNblEF6K0vwwrUSlWrMnQnHl99YQ&google_hm=ZNTdpr0MS--q12Qisppby2Y

Requested by

Host: 849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com
URL: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 16:36:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 23 May 2022 16:36:23 GMT
via: 1.1 google
server: Apache-Coyote/1.1
status: 302
p3p: CP="NOI DSP COR NID CUR OUR NOR"
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPJG2MV3ly7V4RwKkZynPbJ8JXMYxRj25PnO8brmv2eqVKYFbbC0pKpEPiEJlnQsNnlgHUjNblEF6K0vwwrUSlWrMnQnHl99YQ&google_hm=ZNTdpr0MS--q12Qisppby2Y
cache-control: no-cache, must-revalidate
content-type: text/html;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dot.gif
s0.2mdn.net/ Frame 66D3 43 B
70 B 49ms
48ms Image
image/gif 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESEBDpaeJW26_xp7RwESWN5Mk&google_cver=1&google_push=AYg5qPIuJzZobjlfo_OJpA0Knd57csTm8_VXYU7-TWdaXWfxvEC5Sx7LfeVWtAJKenHCXCMIgyVXH2Qwl9Z2zVcWyQp6pBMh1XWEBQ

Requested by

Host: 849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com
URL: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 24 May 2022 16:36:24 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 66D3
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=9g7DNctFTjuGrbdv5-CKDA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

55ms
55ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=9g7DNctFTjuGrbdv5-CKDA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIcFiJIUsT67OAYM8d6a2wOsBhZPJu09rhvjgTyQoEm81Vmb8_MqQy3vQZOxh7EUMy6ksyXGrR7WMVJVke4FZ6oG4gKgH-yJA

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 16:36:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=9g7DNctFTjuGrbdv5-CKDA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIcFiJIUsT67OAYM8d6a2wOsBhZPJu09rhvjgTyQoEm81Vmb8_MqQy3vQZOxh7EUMy6ksyXGrR7WMVJVke4FZ6oG4gKgH-yJA
date: Mon, 23 May 2022 16:36:23 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 66D3
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESEM7sXMOaVI0cNIjjGGOqV08&google_cver=1&google_push=AYg5qPIdArqbfn24UJs-IJ_0qrlGDaHjX_mluOe8bx0ezbsXeypGAPzMPXklT-g3tRSg5JPk3WABiVTuT_ZT4o6NWlBY-_...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEM7sXMOaVI0cNIjjGGOqV08&google_cver=1&google_push=AYg5qPIdArqbfn24UJs-IJ_0qrlGDaHjX_mluOe8bx0ezbsXeypGAPzMPXklT-g3tRSg5JPk3WABiVTuT_ZT4o6N...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=wLMuTSU1S2aZEgz8tJMHMA&google_push=AYg5qPIdArqbfn24UJs-IJ_0qrlGDaHjX_mluOe8bx0ezbsXeypGAPzMPXklT-g3tRSg5JPk3WABiVTuT_ZT4o6...

170 B
188 B

54ms
54ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=wLMuTSU1S2aZEgz8tJMHMA&google_push=AYg5qPIdArqbfn24UJs-IJ_0qrlGDaHjX_mluOe8bx0ezbsXeypGAPzMPXklT-g3tRSg5JPk3WABiVTuT_ZT4o6NWlBY-_U1exYVZA

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 16:36:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=wLMuTSU1S2aZEgz8tJMHMA&google_push=AYg5qPIdArqbfn24UJs-IJ_0qrlGDaHjX_mluOe8bx0ezbsXeypGAPzMPXklT-g3tRSg5JPk3WABiVTuT_ZT4o6NWlBY-_U1exYVZA
date: Mon, 23 May 2022 16:36:24 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 66D3
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEG0GNHChVqBfIJ0dofPdZ1k&google_cver=1&google_push=AYg5qPKXEU6C8v5TU6eJy3dxHsl0TbA17wWpovO0l8dyJwP6963mUVqGiDMNuDbswO8Ld7skEYtGNJv2hnrpSBT8wmJ_kLPEjt...
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AYg5qPKXEU6C8v5TU6eJy3dxHsl0TbA17wWpovO0l8dyJwP6963mUVqGiDMNuDbswO8Ld7skEYtGNJv2hnrpSBT8wmJ_kLPEjtF...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTIxNDYxMDUyOTI5OTM3MTgzMTA2Mw%3D%3D&google_push=AYg5qPKXEU6C8v5TU6eJy3dxHsl0TbA17wWpovO0l8dyJwP6963mUVqG...

170 B
188 B

54ms
54ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTIxNDYxMDUyOTI5OTM3MTgzMTA2Mw%3D%3D&google_push=AYg5qPKXEU6C8v5TU6eJy3dxHsl0TbA17wWpovO0l8dyJwP6963mUVqGiDMNuDbswO8Ld7skEYtGNJv2hnrpSBT8wmJ_kLPEjtFSJA

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 16:36:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTIxNDYxMDUyOTI5OTM3MTgzMTA2Mw%3D%3D&google_push=AYg5qPKXEU6C8v5TU6eJy3dxHsl0TbA17wWpovO0l8dyJwP6963mUVqGiDMNuDbswO8Ld7skEYtGNJv2hnrpSBT8wmJ_kLPEjtFSJA
date: Mon, 23 May 2022 16:36:24 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 66D3
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEEmQl6cZpZbR5nWNjCCy1Aw&google_cver=1&google_push=AYg5qPLTGGHLFvLlnP9AsQutDi5uTZIyQfA8R1Mu7KGaanrTH_O_9WjKXzv485zvU-DPZXKAwl...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEEmQl6cZpZbR5nWNjCCy1Aw&google_cver=1&google_push=AYg5qPLTGGHLFvLlnP9AsQutDi5uTZIyQfA8R1Mu7KGaanrTH_O_9WjKXzv485zvU-DPZXKAwl...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS10VXVCcUs1RTJ1RlJZWEIyX3dBcDBNeUdRSFZtSFJfeX5B&google_push=AYg5qPLTGGHLFvLlnP9AsQutDi5uTZIyQfA8R1Mu7KGaanrTH_O_9WjKX...

170 B
188 B

54ms
54ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS10VXVCcUs1RTJ1RlJZWEIyX3dBcDBNeUdRSFZtSFJfeX5B&google_push=AYg5qPLTGGHLFvLlnP9AsQutDi5uTZIyQfA8R1Mu7KGaanrTH_O_9WjKXzv485zvU-DPZXKAwl3LLOopJNsNmssJSBsLzvqn_kFGZg

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 16:36:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS10VXVCcUs1RTJ1RlJZWEIyX3dBcDBNeUdRSFZtSFJfeX5B&google_push=AYg5qPLTGGHLFvLlnP9AsQutDi5uTZIyQfA8R1Mu7KGaanrTH_O_9WjKXzv485zvU-DPZXKAwl3LLOopJNsNmssJSBsLzvqn_kFGZg
date: Mon, 23 May 2022 16:36:24 GMT
server: ATS/9.1.0.46
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 66D3 0
12 B 49ms
48ms Image
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ka3Z9Ape000XImmgProWONHlIKuMZmUAeA3Nc7NEIe5xizA2Nu0EnB7mOjVNeAgxEMojHQYw

Requested by

Host: 849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com
URL: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:24 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 6cqjaYtYR5p4aS5jA8U1PYkQZtxk_S9KNOFLKIL9tps.js Show response
pagead2.googlesyndication.com/bg/ Frame AA38 35 KB
13 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6cqjaYtYR5p4aS5jA8U1PYkQZtxk_S9KNOFLKIL9tps.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9caa3698b58479a78692e6303c5353d891066dc64fd2f4a34e14b2882fdb69b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:04:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1933
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13723
x-xss-protection: 0
last-modified: Tue, 17 May 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 23 May 2023 16:04:11 GMT

GET
H2

200

view.aspx Show response
pb.media01.eu/ Frame 0A64
Redirect Chain

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=22657800129908204444550011968012&t=htlp
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=22657800129908204444550011968012&actionid=981741&produktid=&dt_url=

0
607 B

150ms
56ms

Document
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=22657800129908204444550011968012&actionid=981741&produktid=&dt_url=

Requested by

Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=d7e82f8e6e&subid=&uid=c26e3e278e975b24&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCuDR5BriLYsCdHJCJ9u8PnIiByA-m5b2gaYWVnKfJD_AuEAEgrMjqS2CVopWCoAfIAQmpAp_78Q7y6bE-qAMBqgTWAU_QSI_ZZacs9B7yD-7-gEAPw3H2ffBdwFDZQwgZqqNiGFPF3Xd_c8u5U-yJKWXG3CUi1yYibt9us2PkLOnppdGkiucT78u6S6K5N_oSq0fJH6WStEkdoY-MSceWbQuqlajWx_4pDg0LBvwxI_bhZ4hIv42b5p34kAQHvYnu08C-cgWmRfaS64UTVRb03FVS87c2KZDwdxXNruTFq4qAS4OI_YJcv1Nu5gj7OsV41e0j0afakqzCCjX3QOWdfBvEgcQ-Kxc4000jrRzDp4eCKP8xdmv1FJfABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB2ACgGYCwHICwGADAGwE4-10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASJeRoo2YiXdDJEnCLQLY0fNppLCNXacERfAGhzJI03Cv8fNrc61U%26sig%3DAOD64_1xAM4-7SQtowqyZ_v8m3qxHAFBCQ%26client%3Dca-pub-3369263710096163%26dbm_c%3DAKAmf-Ck8DA87bp_OyAsuAkIC4FiqcqmTVcwHNPr39SegTC3CClMPeaeJTWT6JcX-G9Ucxg3EPi-zlTlpV7TyP1MnBd4RF4cFVSPBqrd3YZNkAOyiJNNXQYfbPI06M-NL5ru9GNhftI0JY4b5holvSQypSGvvJInOg%26cry%3D1%26dbm_d%3DAKAmf-CBc_VAqWHuTkBoHjDIO-S75J9qagqRhc-LYBmgsfakUoAc1ahd8OpTIHAkneqIECVNBUS6Vn8Z_4x2J5j_EyXcqZzgI1zxwQDQG3BDtUBbJvkoECqdKX2qVhsKkAbk-ybzXV3osA9sizqrq1Ah8WO99MBVJDVnOVp95e8YdPgV2JePaQrHicC67LfVKcOU7D2M6ie_F1dg0xswctg35B4yOX6ODoPHSiBgp7qrJmmMllZl-QtZj5xKse0AzKHIkgmaQDH-l6Q2F5jlx-33WyfTiGKh05fzbBpfMNRsx-05EpRwp1zrnkOD6OGv09V1KUFVxXMEN9l_ve7gMUOLBhFZP_yi_gisOFOG1SoVwwWkPpZpyPmf96GVlhpTFj0TfqVoccuvGafdnPpLGUFYGyyB0jWiyqBTHG1fdGqQATcA35hG65WQsPfYQjZny5289wpUFfWU%26adurl%3D&documentReferer=https%3A%2F%2F849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2F849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.nur.kz&random=2551493865410&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 23 May 2022 16:36:24 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Mon, 23 May 2022 06:36:24 GMT
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

Redirect headers

Content-Length: 0
Content-Type: application/javascript
Date: Mon, 23 May 2022 16:36:24 GMT
Host: pv.medialead.de
Keep-Alive: timeout=20
Location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=22657800129908204444550011968012&actionid=981741&produktid=&dt_url=
Proxy-Host: pv.medialead.de
Server: nginx/1.17.5
Strict-Transport-Security: max-age=15768000
X-IPLB-Instance: 40027
X-IPLB-Request-ID: 50FF0766:DE7C_91EFC182:01BB_628BB808_1073D1F2:20810

GET
H2

200

index.html Show response
www.parship.de/wplp/htlp/de/ Frame 3BDF
Redirect Chain

https://www.awin1.com/cshow.php?s=2661283&v=11524&q=391598&r=296283&pref1=22657800129908204444550011968012&pv=1
https://trf.greatviews.de/cl?m315=c&q=nyVlHJ2acuRY7q9fsD728kyQ
https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1653323784.5712300.7c2dc30e-dab6-11ec-9bbc-00155def0803ID

558 B
967 B

176ms
74ms

Document
text/html

2606:4700::6813:b979
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1653323784.5712300.7c2dc30e-dab6-11ec-9bbc-00155def0803ID

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b979 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

17456f8db64aa1850fded220ab227c27b308fa5197c09e35cdf108b91a688bcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 4
cache-control: private, no-cache, no-store, proxy-revalidate, no-transform
cdn-cache-control: max-age=10, stale-if-error=432000
cf-cache-status: HIT
cf-ray: 70ff35d5cc2d9954-FRA
content-encoding: gzip
content-length: 325
content-type: text/html; charset=utf-8
date: Mon, 23 May 2022 16:36:24 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Mon, 28 Feb 2022 14:30:12 GMT
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
server: cloudflare
strict-transport-security: max-age=15552000
vary: Accept-Encoding
x-content-type-options: nosniff
x-ua-compatible: IE=edge

Redirect headers

access-control-allow-origin: *
content-type: text/html; charset=UTF-8
date: Mon, 23 May 2022 16:36:24 GMT
location: https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1653323784.5712300.7c2dc30e-dab6-11ec-9bbc-00155def0803ID
p3p: policyref="/w3c/p3p.xml", CP="DSP COR NID OUR IND COM NAV INT"
server: nginx
server-id: 13
x-robots-tag: noindex, nofollow

GET
H3

200

activityi;dc_pre=CJGI84aH9vcCFQOvUQods8wIhQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2427193022026.872 Show response
8019191.fls.doubleclick.net/ Frame EF41
Redirect Chain

https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2427193022026.872?
https://8019191.fls.doubleclick.net/activityi;dc_pre=CJGI84aH9vcCFQOvUQods8wIhQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2427193022026.872?

391 B
346 B

134ms
58ms

Document
text/html

172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8019191.fls.doubleclick.net/activityi;dc_pre=CJGI84aH9vcCFQOvUQods8wIhQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2427193022026.872?

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f134.1e100.net

Software

cafe /

Resource Hash

15962902fbad9305c4351f5e07f73518f942b68cc59acc1ed69e79d97d4ad007

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 323
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 May 2022 16:36:24 GMT
expires: Mon, 23 May 2022 16:36:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 May 2022 16:36:24 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8019191.fls.doubleclick.net/activityi;dc_pre=CJGI84aH9vcCFQOvUQods8wIhQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2427193022026.872?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php Show response
hal900012.redintelligence.net/ Frame 846F 7 KB
2 KB 118ms
39ms Document
text/html 94.130.102.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900012.redintelligence.net/request_content.php?s=22657800129908204444550011968012&a=86e7fb2f
Requested by: Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=d7e82f8e6e&subid=&uid=c26e3e278e975b24&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCuDR5BriLYsCdHJCJ9u8PnIiByA-m5b2gaYWVnKfJD_AuEAEgrMjqS2CVopWCoAfIAQmpAp_78Q7y6bE-qAMBqgTWAU_QSI_ZZacs9B7yD-7-gEAPw3H2ffBdwFDZQwgZqqNiGFPF3Xd_c8u5U-yJKWXG3CUi1yYibt9us2PkLOnppdGkiucT78u6S6K5N_oSq0fJH6WStEkdoY-MSceWbQuqlajWx_4pDg0LBvwxI_bhZ4hIv42b5p34kAQHvYnu08C-cgWmRfaS64UTVRb03FVS87c2KZDwdxXNruTFq4qAS4OI_YJcv1Nu5gj7OsV41e0j0afakqzCCjX3QOWdfBvEgcQ-Kxc4000jrRzDp4eCKP8xdmv1FJfABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB2ACgGYCwHICwGADAGwE4-10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASJeRoo2YiXdDJEnCLQLY0fNppLCNXacERfAGhzJI03Cv8fNrc61U%26sig%3DAOD64_1xAM4-7SQtowqyZ_v8m3qxHAFBCQ%26client%3Dca-pub-3369263710096163%26dbm_c%3DAKAmf-Ck8DA87bp_OyAsuAkIC4FiqcqmTVcwHNPr39SegTC3CClMPeaeJTWT6JcX-G9Ucxg3EPi-zlTlpV7TyP1MnBd4RF4cFVSPBqrd3YZNkAOyiJNNXQYfbPI06M-NL5ru9GNhftI0JY4b5holvSQypSGvvJInOg%26cry%3D1%26dbm_d%3DAKAmf-CBc_VAqWHuTkBoHjDIO-S75J9qagqRhc-LYBmgsfakUoAc1ahd8OpTIHAkneqIECVNBUS6Vn8Z_4x2J5j_EyXcqZzgI1zxwQDQG3BDtUBbJvkoECqdKX2qVhsKkAbk-ybzXV3osA9sizqrq1Ah8WO99MBVJDVnOVp95e8YdPgV2JePaQrHicC67LfVKcOU7D2M6ie_F1dg0xswctg35B4yOX6ODoPHSiBgp7qrJmmMllZl-QtZj5xKse0AzKHIkgmaQDH-l6Q2F5jlx-33WyfTiGKh05fzbBpfMNRsx-05EpRwp1zrnkOD6OGv09V1KUFVxXMEN9l_ve7gMUOLBhFZP_yi_gisOFOG1SoVwwWkPpZpyPmf96GVlhpTFj0TfqVoccuvGafdnPpLGUFYGyyB0jWiyqBTHG1fdGqQATcA35hG65WQsPfYQjZny5289wpUFfWU%26adurl%3D&documentReferer=https%3A%2F%2F849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2F849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.nur.kz&random=2551493865410&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.102.130.94.clients.your-server.de
Software: Apache /
Resource Hash: 98110f684db8a3d675df3a204a9872fb3f53c561426c47126072bcca7a1dec75

Request headers

Referer: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2112
Content-Type: text/html; charset=utf-8
Date: Mon, 23 May 2022 16:36:24 GMT
Expires: Mon, 23 May 2022 17:36:24 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1

200
OK

native.png
ad-server.eu/wm/pb/ Frame C6D3
Redirect Chain

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=22657800129908204444550011968012
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=22657800129908204444550011968012
https://ad-server.eu/wm/pb/native.png

68 B
312 B

333ms
96ms

Image
image/png

54.76.176.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-server.eu/wm/pb/native.png
Requested by: Host: 849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com
URL: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Mon, 23 May 2022 16:41:26 GMT
Last-Modified: Sat, 21 Dec 2019 23:06:59 GMT
Server: nginx/1.4.6 (Ubuntu)
ETag: "5dfea593-44"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 68

Redirect headers

Date: Mon, 23 May 2022 16:36:24 GMT
Server: nginx/1.17.5
Host: pv.medialead.de
X-IPLB-Request-ID: 50FF0766:DE7C_91EFC182:01BB_628BB808_1073D203:20810
X-IPLB-Instance: 40027
Strict-Transport-Security: max-age=15768000
Content-Type: application/go
Location: https://ad-server.eu/wm/pb/native.png
Keep-Alive: timeout=20
Content-Length: 0
Proxy-Host: pv.medialead.de

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame C6D3 43 B
705 B 219ms
70ms Image
image/gif 104.92.94.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2874697&v=22610&q=408799&r=296283&pref1=22657800129908204444550011968012&pv=1

Requested by

Host: 849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com
URL: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.92.94.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-92-94-3.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 23 May 2022 16:36:24 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 420F 1 KB
750 B 39ms
38ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com
URL: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 38560
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 May 2022 05:53:44 GMT
etag: 48472445140208031
expires: Tue, 24 May 2022 05:53:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame C6D3 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ca4f411baf3bb9280ba26f84f8b44138dd0a7db25c8df027c12fe34d9afa284

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 bg1.jpg
s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/ Frame BA34 17 KB
17 KB 38ms
38ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/bg1.jpg

Requested by

Host: 849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com
URL: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6977a4964a998af15079f965e3c7e181ca67b3170c14437993b08e1de3fd4302

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 09:36:33 GMT
x-content-type-options: nosniff
age: 197991
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17743
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 09:44:45 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 21 May 2023 09:36:33 GMT

GET
H3 200 b1.png
s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/ Frame BA34 421 B
456 B 43ms
43ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/b1.png

Requested by

Host: 849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com
URL: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbc098b106cb6c879d78f3fcf5cb3cb9ebfcceb6a60bbf8cfef355ebb661d924

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 09:55:12 GMT
x-content-type-options: nosniff
age: 283272
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 421
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 09:44:45 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 20 May 2023 09:55:12 GMT

GET
H3 200 h1.png
s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/ Frame BA34 2 KB
2 KB 43ms
42ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/h1.png

Requested by

Host: 849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com
URL: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b8b4801b20c34b012de161039f1f859b2fc80644711ea4f2bf9611a75b41ce7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 09:55:12 GMT
x-content-type-options: nosniff
age: 283272
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1964
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 09:44:45 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 20 May 2023 09:55:12 GMT

GET
H3 200 h2.png
s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/ Frame BA34 3 KB
3 KB 46ms
45ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/h2.png

Requested by

Host: 849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com
URL: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9ff1a0033ed24a5a3274d4792174cd0fbfac2da714ebcd2f0e6b38b96dca3d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 09:55:12 GMT
x-content-type-options: nosniff
age: 283272
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3522
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 09:44:45 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 20 May 2023 09:55:12 GMT

GET
H3 200 h3.png
s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/ Frame BA34 2 KB
2 KB 47ms
45ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/h3.png

Requested by

Host: 849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com
URL: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3ef1c1a0f5a027c937ca9f20ffe65773796f38a07bd9277115ad3ed5c6791dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 09:55:12 GMT
x-content-type-options: nosniff
age: 283272
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2383
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 09:44:45 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 20 May 2023 09:55:12 GMT

GET
H3 200 cta.png
s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/ Frame BA34 1 KB
1 KB 45ms
44ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/cta.png

Requested by

Host: 849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com
URL: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467ca9a0c173f3885961822b419e20a09de9ad517d3df9cc43f5020ac2fae437

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 09:55:12 GMT
x-content-type-options: nosniff
age: 283272
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1345
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 09:44:45 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 20 May 2023 09:55:12 GMT

GET
H3 200 logo.png
s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/ Frame BA34 3 KB
3 KB 47ms
46ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/logo.png

Requested by

Host: 849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com
URL: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25c7ba7dacd1fb2729340d88f61049fd6fb901a246ed3b07a81561ade0a8ebf4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 01:53:35 GMT
x-content-type-options: nosniff
age: 312169
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2971
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 09:44:45 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 20 May 2023 01:53:35 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 091B 0
26 B 156ms
75ms Ping
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv-EnB1hUc9E4I6zX7J3LTswWwp21g4FFRVX4pmrJpE_HDhFjmrRkQg-j08-EprBVKy-auA2NsTUBZovHQnWOZQiGjjX2keNi7KDFMIuolPCYKAhJM0ItFi77IZKXhBllKvfIdxwVkJbmYaUDN77Z6JYYiOilaxWvv8-QHep82VDUMJ6ewgM6tyE-pvWdv_ZD6hrx6wkaGm7xllq1a3Uj0N7x2qoB_2XhFi9gwTciXSJ0m2exa8NML-Uh_jJ_9wcm8CkEivvor8bfnlGXQTtjgfQPUmYC1mHajkLzqE0esjsGVfMOLWdTfuZl4ooZ39MjIb4P2h76GmR1qoWXpzN3N6C0H9rgzVwXU3zYM-UBcxBfCt_tgbEA5Dnhwz53XrjmwigfhPYaWPQ3L6k-y2C12cOrbxl8Cm1NnahH78q_kV6lX-d5I8EmsNZNjOL6VDapBppAwvGWAiWdsxgjIzxO7l0yucGlMMyVDmVwRYHp_niKgD4FdC5yIFEizxb5ZVqYilgEal_PgXWhKJJSJuPPyoQ2bOp8gcXOkfH0O0z095SlGGpLpguCXOjYfFlZ41tk41gIblyTPHbeB4PnS53HayehowEPSh131sddFX76mXbu50ewjeO57fBFnipxkq7CvD0_6EoxjvVUBnenPWNdsin_DksfUuArTDaqKiCnU1LweqlfFsFbOt7DwnBImrjD_Sm0a1unSseCzCM7uZxGi7Y_bU-UsU3juY644G1t8b_Z2_d_RC1QNFncJJ1sLw0LdrxKEXhKOamfUG_mKybK__bnw5RRm7CNWxso37mkMzz88Ty-R3fLQnsUguchkc5WvcYHc3KqAK2lZxctWYoWNqq29AE-Wt6Ghp1cPV7X46v4nKgWAmhIuVGSh0pO5_kH1FoiHgQxwDPWSFBX58SKMgAZZ7lcOzrf2-hAzHpTrqGXNclt67vrgHXC-e2hukNUc_SWEbNhsNrKz1Lh-FsEHF-ZtCPL-68aa-_16jNLO7EQu4kG_abvnQzoyywl1h0khYzP8B-6CHlBgVuvevfVNYp7yi8p8GRi1dBp7b1zopXm7tO8LqAUOVwhL1bTQCwncywDYHNo7btPK3-JHCxYYHjAyPjKsKr1wTWLBEinz5elvE82I6Ipov4LerVbZ4TufmcrjnLFC6XP6iBLl7RHPKhrQKYCEjcA0LUh27KYggCL_6Zg&sai=AMfl-YQ74EY5QyDgCItiRhAEweZbN_u-CGEXI4AfvX6c8ekFPLgyF3fIce-R2N9rOhl8zec4lACF3uaSmd2hOk9ZMbFFdZQimngmasWJSKacV9sSBCcEMh9MthpJdfEbpoNnv7EkLPXI166D2AVRTyigIShT2B3p6r2hQi3LcyWQT6lrrKSrKG96I1yK14PMaroxwMbKiVzXGm0F13JYUB9hfrIl&sig=Cg0ArKJSzOZx36AYunZAEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1131&vt=11&dtpt=469&dett=3&cstd=659&cisv=r20220518.73652&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 23 May 2022 16:36:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame F79A 0
26 B 148ms
74ms Ping
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss3FW9NPLjaRX6Pm6cPOXpDA7zQ7NtWZJn3QiVdeC4iOz_bSHXlhi41D-azwnY3CZIlilIMAA-ao6fN5TD5oHijf8w4yz__IiBPHWTQB1TwmF_lzxfC1R1Sd7lyNoLfibo4eNUEl_xwTOctemu4LOTav-HvADOMRsVaBv8aWmJPq6oN82A4ffi_KdnCfvjbJER28agQodAL3hB93b_Oo5vDZS2QSz5H6DgoqF6ugWuZS7ExijV-TJtlmCKUD9NY7KykIiGyt65iYx0vX69ugIH2Ura7NPcUQFkAX2uClYL0XIHvT0jZ69ibrLqVbLKe_UUElDUtbVuNQFQfZ_2ISiGIhhuklgHLIUYsicFSaWzeAlqrQ2_y_A5awVWX0TPZmo-vKZiK_1H6o3sOxtYT5nbKLAtqZhiojfZVDh-I9TxKQiFOTgBzt2Bj-v2SapqM-sQUgBmaHblx4G315mMqH3pBi5FIpvrhiz0l49dXuZVTKi6gOcFpo961vbiv_Nff1G7fdWs3wGYG_YF3dccyDlxqSXmmb0R2q-ClObOIJDqH6LiBsyYHnLRRJ2B09w6ZJa1L2n-65Z8nnBwh5RwpKz7ERYgVNy1uJLRvanusu1dLQ0QnPq6BSRfwUu_xm4uenPzQN2yR3w0zLFMFe_sOaPyDpHzF-Qdk67ayDU_18b_Pd5diDF0kdecLLIfE4BFHuQaVeOqVxT2sq7ocrxiB_Gx0uyPiIQ9Y1dTxWtLM_s0FazH-K5jdBkVs-NBFHvBAGbvgyKvUgK7Omy4-dFLKLmngMO23xzDjUWIysFxuWZF3IwDyJ2bOM113Ff9M28RlMocuS7O45ilC687n04wBpH5DyQYKbGTIaVc73tC1Z5ZDy-4UVGOnni_2M1SWKbmZNUk732oqyRaOANwo1FT4OPXf_afgeiov_s8CUTO7XHalfRFwmZPJBlP2dOvV22p1Fdl9eNqPumRlcOywLTnsL0M_X6-5SxrQ7971TE7U9R-UjmBGt0a8O4p_DVBUWQYhsvYXP4ovX3HMBU-gfmY7nwfkJcXhDNBRf-F4Gsak3i20BD5ypWNq5QL_qOpo3_mbL36rk6GdtIidablT0gTusfu8UWmQIumZDVqzFHSCGAVlgFDIv4l3DeYpsl4dlrnQP-9KWSsie4UddQ&sai=AMfl-YRRmxZEaVZDa_nV-kYfgZv5CczQv44AYVP0VumE9RLzf_mE-KvOKV1XyOupYe9cKVKit6EsSzUf6uqwzXiwj3Si2C4DqGFt-xaFC5u_fADUs9NjslkcgsTz0dv1wyveFPViC5QBgFJSalj0Naci4FVSndWLFukO3hX6m1hHlOQCW1ilJhvjSwkAPiDpJnwe2ONDvy9jKfXeTEEpoT1Q27jB&sig=Cg0ArKJSzEAzwtkYwKqkEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=970&vt=11&dtpt=438&dett=3&cstd=529&cisv=r20220518.59981&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 23 May 2022 16:36:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D0C8 42 B
64 B 153ms
78ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstLMkxiA5cNWX_6ekL8RATTXBmEvxxZaVq6RyL9hDn4vlNSvAvFJ17mruLhJDGxlgT6sOALAVSuQGLgG0udsXRKpyfo7bAgxMVu2IqNqdObliXUsttBwFWVkpme&sai=AMfl-YRjAjnCVkSZnq7OsoTisCGMnauHK2lft2Raz8EEoq1mm5s8kKPKzLtnhxiOH5TFimU7cjJXUXuORiMEbcDH_goE3cEfJkt17cKk9RbnaNkJgIGU9UNpDfbkwwvJ&sig=Cg0ArKJSzFCIZXlE8MqUEAE&cid=CAASF-Ro9-3xIhHzPt40MYUGq82lN38vjbh6&id=lidar2&mcvt=1108&p=0,0,200,728&mtos=1108,1108,1108,1108,1108&tos=1108,0,0,0,0&v=20220518&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1921805917&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1653323780441&rpt=1722&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 16:36:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 846F 1 KB
419 B 46ms
45ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Titillium+Web:400,700

Requested by

Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=22657800129908204444550011968012&a=86e7fb2f

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7f24d5e431e274a8d8c196752f7ab87ff9c636de1a7bc3d9c44729c1a87570a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900012.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 23 May 2022 15:07:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 23 May 2022 16:36:24 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 23 May 2022 16:36:24 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 846F 9 KB
9 KB 120ms
40ms Image
image/png 138.201.84.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/postbank_pool_privatkredit_627x627.jpg
Requested by: Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=22657800129908204444550011968012&a=86e7fb2f
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.245.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: bcad14ba40152f92c848d1262099a581647b11b2d2a066dad5dc87d49b2e6917

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900012.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Mon, 23 May 2022 16:36:24 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 9343
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 846F 10 KB
10 KB 118ms
40ms Image
image/png 138.201.84.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/59171/creativesup/vega-627x627.jpg
Requested by: Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=22657800129908204444550011968012&a=86e7fb2f
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.245.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: c17c7e9240eef13cff64836fae515704bcb74973c240613b57d8b21f97f93792

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900012.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Mon, 23 May 2022 16:36:24 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 9733
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 846F 7 KB
7 KB 118ms
40ms Image
image/png 138.201.84.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/51649/creativesup/PS_Herbstkampagne2019_Inga1_OnlineMarketing_Display_Yahoo_627x627.jpg
Requested by: Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=22657800129908204444550011968012&a=86e7fb2f
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.245.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: d09f2fd7b754f30211babf8971d3d203fe0295b23e6ea206a8b3b0ec2cf2ec0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900012.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Mon, 23 May 2022 16:36:24 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 7364
Vary: Accept-Encoding
Content-Type: image/png

GET
H3 200 6cqjaYtYR5p4aS5jA8U1PYkQZtxk_S9KNOFLKIL9tps.js Show response
pagead2.googlesyndication.com/bg/ Frame 3FFE 35 KB
13 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6cqjaYtYR5p4aS5jA8U1PYkQZtxk_S9KNOFLKIL9tps.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9caa3698b58479a78692e6303c5353d891066dc64fd2f4a34e14b2882fdb69b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:04:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1933
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13723
x-xss-protection: 0
last-modified: Tue, 17 May 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 23 May 2023 16:04:11 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 420F
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPIdoZFwWE1fdWAeOwoZKqyzEyNoTSMLcZa2sI_...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WW91NENBQUFCWkpySGdQNQ&google_push=AYg5qPIdoZFwWE1fdWAeOwoZKqyzEyNoTSMLcZa2sI_ypLFNQup-CO6lKt3QTixbelYnU4pGPhq2Zqmhpzowb0TRiVXpXDo43T...

170 B
188 B

54ms
53ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WW91NENBQUFCWkpySGdQNQ&google_push=AYg5qPIdoZFwWE1fdWAeOwoZKqyzEyNoTSMLcZa2sI_ypLFNQup-CO6lKt3QTixbelYnU4pGPhq2Zqmhpzowb0TRiVXpXDo43T_NKA

Requested by

Host: 849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com
URL: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 16:36:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WW91NENBQUFCWkpySGdQNQ&google_push=AYg5qPIdoZFwWE1fdWAeOwoZKqyzEyNoTSMLcZa2sI_ypLFNQup-CO6lKt3QTixbelYnU4pGPhq2Zqmhpzowb0TRiVXpXDo43T_NKA
Date: Mon, 23 May 2022 16:36:24 GMT
Server: Apache
Connection: keep-alive
Content-Length: 393
Content-Type: text/html; charset=iso-8859-1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 420F
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEJXSMk2XYA_gU-dZUdDUDLg&google_cver=1&google_push=AYg5qPLvtk_6Pa-AAsPj-Roz-ID6GDJlAnlqMzqmzyBlsLaOOkUm8b32ez6Swi4zUNtzTfkkFTTZnkrnQlEVz6EAF0gLYnGqTNwD
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPLvtk_6Pa-AAsPj-Roz-ID6GDJlAnlqMzqmzyBlsLaOOkUm8b32ez6Swi4zUNtzTfkkFTTZnkrnQlEVz6EAF0gLYnGqTNwD&google_hm=Q0FFU0VKWFNNazJYWUFfZ...

170 B
188 B

54ms
53ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPLvtk_6Pa-AAsPj-Roz-ID6GDJlAnlqMzqmzyBlsLaOOkUm8b32ez6Swi4zUNtzTfkkFTTZnkrnQlEVz6EAF0gLYnGqTNwD&google_hm=Q0FFU0VKWFNNazJYWUFfZ1UtZFpVZERVRExn

Requested by

Host: 849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com
URL: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 16:36:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 23 May 2022 16:36:23 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPLvtk_6Pa-AAsPj-Roz-ID6GDJlAnlqMzqmzyBlsLaOOkUm8b32ez6Swi4zUNtzTfkkFTTZnkrnQlEVz6EAF0gLYnGqTNwD&google_hm=Q0FFU0VKWFNNazJYWUFfZ1UtZFpVZERVRExn
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 466606.gif
id.rlcdn.com/ Frame 420F 42 B
60 B 47ms
45ms Image
image/gif 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPJNt3ltyM82UQQ0VHvo58YtRNtq_QUjpWSlGFcxtXzM2NDy7HqzpsZDoMZLW9HGJElBXqphQBg5AY74FuXXyqmSEmzzcGGpQg&google_gid=CAESEMDDPUg3rETF2_b6KQh-GoE&google_cver=1
Requested by: Host: 849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com
URL: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 23 May 2022 16:36:24 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 420F
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPIHc0C6...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPIHc0C6...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA1MjMxNjM2MjUwMDA1NzM5ODA2MDA4Mw%3D%3D&google_push=AYg5qPIHc0C6Wr6NXR8PcS0uZTBx56ekLwSAMlC-NWmPk8p2r891dH98p0Rke9vVQRXw6t...

170 B
188 B

54ms
54ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA1MjMxNjM2MjUwMDA1NzM5ODA2MDA4Mw%3D%3D&google_push=AYg5qPIHc0C6Wr6NXR8PcS0uZTBx56ekLwSAMlC-NWmPk8p2r891dH98p0Rke9vVQRXw6t3nzO0JieSEP6nmhJRqoftMuFn7h51X_A

Requested by

Host: 849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com
URL: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 16:36:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA1MjMxNjM2MjUwMDA1NzM5ODA2MDA4Mw%3D%3D&google_push=AYg5qPIHc0C6Wr6NXR8PcS0uZTBx56ekLwSAMlC-NWmPk8p2r891dH98p0Rke9vVQRXw6t3nzO0JieSEP6nmhJRqoftMuFn7h51X_A
pragma: no-cache
date: Mon, 23 May 2022 16:36:25 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Mon, 23 May 2022 16:36:25 GMT

GET
H3 200 dds
rtb.openx.net/sync/ Frame 420F 43 B
64 B 55ms
54ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEKnSw1iBX9Zyg1nu27cdUwU&google_cver=1&google_push=AYg5qPLVeVAiqbvr6XiBHePkCxWiDEcJBQHAPOpnXXQzQSl9IBOIi9evaavn05adNg0u1tRnVPrcyTugM7Y2ahozplkMpiPQv0IUbA
Requested by: Host: 849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com
URL: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 16:36:24 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: okjkha3dpimnbi90lesef58qt094qpvu

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 420F
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=9g7DNctFTjuGrbdv5-CKDA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

55ms
54ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=9g7DNctFTjuGrbdv5-CKDA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPItB8hip1-yAKgcdvHDgsLfytFM8cdBD-xVD8G0yQ9h9oh7i-KXkbU1MuyNcpLY8D94ntjUYuqSfdxq55kC3QToUh7v4YEsHg

Requested by

Host: 849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com
URL: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 16:36:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=9g7DNctFTjuGrbdv5-CKDA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPItB8hip1-yAKgcdvHDgsLfytFM8cdBD-xVD8G0yQ9h9oh7i-KXkbU1MuyNcpLY8D94ntjUYuqSfdxq55kC3QToUh7v4YEsHg
date: Mon, 23 May 2022 16:36:24 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET googleredir
googlecm.hit.gemius.pl/ Frame 420F 0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 420F 0
12 B 46ms
46ms Image
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IWaB9EiIBWZftCXRTGpJ5LOyLu7DFKlK2ERP1PVSbhSPo_FQjg6SuDj_1NTXqG41cJcQkDHQ

Requested by

Host: 849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com
URL: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:24 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H/1.1 200
OK viewability Show response
hal900012.redintelligence.net/ Frame 846F 0
150 B 118ms
40ms Script
text/html 94.130.102.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900012.redintelligence.net/viewability?s=22657800129908204444550011968012&a=26a894ad&vb=m
Requested by: Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=22657800129908204444550011968012&a=86e7fb2f
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.102.130.94.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900012.redintelligence.net/request_content.php?s=22657800129908204444550011968012&a=86e7fb2f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Mon, 23 May 2022 16:36:24 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3 200 dc_pre=CJGI84aH9vcCFQOvUQods8wIhQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2427193022026.872
adservice.google.com/ddm/fls/z/ Frame EF41 42 B
63 B 78ms
78ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CJGI84aH9vcCFQOvUQods8wIhQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2427193022026.872

Requested by

Host: 8019191.fls.doubleclick.net
URL: https://8019191.fls.doubleclick.net/activityi;dc_pre=CJGI84aH9vcCFQOvUQods8wIhQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2427193022026.872?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8019191.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 16:36:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 peg_logger.js Show response
www.parship.de/static_cms/parship/static/peg_utils/peg_logger/ Frame 3BDF 12 KB
4 KB 108ms
107ms Script
application/x-javascript 2606:4700::6813:b979
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.parship.de/static_cms/parship/static/peg_utils/peg_logger/peg_logger.js

Requested by

Host: www.parship.de
URL: https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1653323784.5712300.7c2dc30e-dab6-11ec-9bbc-00155def0803ID

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b979 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3404d30f1b9956025fd6221078b56ab9f3301a4af97ddaeb3ef8cc4a8bb88de

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1653323784.5712300.7c2dc30e-dab6-11ec-9bbc-00155def0803ID
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7619
strict-transport-security: max-age=15552000
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 22 Mar 2022 10:03:55 GMT
server: cloudflare
etag: W/"62399f0b-2ea6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=86400
cf-ray: 70ff35d7b98e9954-FRA
expires: Tue, 24 May 2022 14:29:25 GMT

GET
H2 200 pegtracking_combined.js Show response
www.parship.de/static_cms/parship/static/peg_utils/tracking/ Frame 3BDF 30 KB
9 KB 119ms
118ms Script
application/x-javascript 2606:4700::6813:b979
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.parship.de/static_cms/parship/static/peg_utils/tracking/pegtracking_combined.js

Requested by

Host: www.parship.de
URL: https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1653323784.5712300.7c2dc30e-dab6-11ec-9bbc-00155def0803ID

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b979 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

689ff7cb7dbf8065daefadaa13213620126df9fb5d5575cad58a97b325451e8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1653323784.5712300.7c2dc30e-dab6-11ec-9bbc-00155def0803ID
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 13835
strict-transport-security: max-age=15552000
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 28 Apr 2022 11:46:03 GMT
server: cloudflare
etag: W/"626a7e7b-77a0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=86400
cf-ray: 70ff35d7b9909954-FRA
expires: Tue, 24 May 2022 12:45:41 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 43F8 0
20 B 73ms
72ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BoVAyB7iLYvHSBqPhx_AP7PWYkAMAAAAAOAHgBAI&bg=!aWqlai7NAAZ4vKt9WLw7ACkAdvg8WiQiecXqK9WgkLDAnpnqT15yvr27cjw0C03oZ5EnXrAQmG05rwIAAAIyUgAAAAJoAQeZAzIU7kikWCkMRcK-AQsHesRNT4IXnwyhbaYCBoCq4KNQd32ooTl7jRajmiQ6Sb9wIhTZRNT7lHo7KlKAUD7DUc2nrhFYMnf671PBkCe49TZXkcX62AKIHMorvfBr5prBxPUff2P2hwYrmcU8OP1WGoKXKm-eoqKXRuyvgCQL_CD5muWgttPdgjXFDHwpOd7yfHixG_Scg95roXyI-YsFo3R5yWXLmd6ZpYuitnj1NBO5UTcHO0RKxgqQx0VXqSAKCVI4BJgiad5rYZI7gK68l3Q3gOOFxaMCi6BpUTDK-6uUN6bWwp6yuYSqbGYTuavpkttiqhsr7gQue69ZgrntTO-tRLPPPuQSHS4MrhcXhAS-h_qZVq1NfwBrMOD5gpnDmyAOMlrjrwe5JphbMcuIhqXlhJ7sUu1iS7tToU_s4mmvbJ5IVXDIa9WFW2OClxcF_5EvQ5kJom6K8p3I5TABE-gEBCIIavU3SQV4JTlpaQEK-k6hix-_KOhgkhM1Pa3Ct2x93bulD3VY8rLi5teLvBypoXpULCOicEA1oKQVmmEP17o-uAcZlN8utkLMFjvCDAkbKUrs6W68XgGJob0P_mCbSBgTmnI7ke_eAWvL_AvyTubs64X9RdTwEog6LjpKv1aAVXkpnQlNswrF4Fz9qnRbyKDEjjB4swTWSyohnKDYl39oG91p_45zN-845bDzmbEQtAc5NtHwpdSvH2GHLLbf1Ncw8wPHXntZj7NBc-I78EV4Gy7O-8jzNUf5bZlHTgxh49l4pqbJIubJEtOfuvJH9uRfvnb9KS5_8-q3WKiXGgjswpVo1niNo8XLiYguF4CAijGgJ12rSoNgtzsjB3TOeuU6IlOnnI8OdOm031UpTqBWQlIhM2MtO6CnhyKP1h12gk3vTMoZlkt_nY8mB8aMhea0u47_PGXXNqaiokYW2k96Y2YXyEOgp1fo9XRVxx-J-qd2RMTjxc-XP583xSuVzqcu2srVz5F6BZcLwKPdgMEKzAFxM9393PEnLxP1Y-Wewz93S6LauogxPt6GnvMmVwoX4zIhk5AMya8iQLj7_kyXzSmE39arXznHw8RAF9jciA

Requested by

Host: 849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com
URL: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 16:36:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 eum.min.js Show response
eum.instana.io/ Frame 3BDF 24 KB
10 KB 173ms
61ms Script
application/javascript 2606:4700::6810:cc16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://eum.instana.io/eum.min.js
Requested by: Host: www.parship.de
URL: https://www.parship.de/static_cms/parship/static/peg_utils/peg_logger/peg_logger.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:cc16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dfe658be8d8e54a34181f699d2ca4237d959467b1a7c0da9519290f8df62c5d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1653323784.5712300.7c2dc30e-dab6-11ec-9bbc-00155def0803ID
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 23 May 2022 16:36:25 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 3 May 2022 16:14:05 GMT
server: cloudflare
age: 543235
etag: 768077806--gzip
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800, stale-while-revalidate=2678400, stale-if-error=2678400
cf-ray: 70ff35d91f32929f-FRA
via: 1.1 google

GET
H2 200 nvi Show response
www.parship.de/nocache/ Frame 3BDF 15 B
414 B 105ms
105ms XHR
application/json 2606:4700::6813:b979
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.parship.de/nocache/nvi?url_path=%2Fwplp%2Fhtlp%2Fde%2Findex.html&pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1653323784.5712300.7c2dc30e-dab6-11ec-9bbc-00155def0803ID&ref=https%3A%2F%2F849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com%2F

Requested by

Host: www.parship.de
URL: https://www.parship.de/static_cms/parship/static/peg_utils/tracking/pegtracking_combined.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b979 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92f75b3d52eb22fd4d5af5352dc0bb43e5d0bc979f274783e7cd17884221b72e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1653323784.5712300.7c2dc30e-dab6-11ec-9bbc-00155def0803ID
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:25 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
content-type: application/json
cf-ray: 70ff35d86b319954-FRA
content-length: 15

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AA38 0
20 B 72ms
72ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=ByNziBriLYpHLNaaM3gOokbuwCQAAAAA4AeAEAg&bg=!SEulSw_NAAZ4vKt9WLw7ACkAdvg8WuLpRlaH23pXYCeIUmbt_qfz4rwKmjmfjRgTkAncgNhyTN4o9AIAAAIwUgAAAAJoAQeZAyonq8HkV55DnK6mkIudIZGYNj1AB6I8mWyHzimWfiz7tpIUu8wf8ajAgMRq1F2dqbMMprXCZoLaZeSvqXv0DyJDRL5sM9DRCJnHpzr6ZXLdpkQeu9ArdwdvPo0R3hrVpG1ofgTrQEexgbudgSLE61VDKrb1RmjfBbo3DoOFqUCVnZGnv2bJ8jy7Zw0hrmve1_wM79r58EngCGFy47_RvNQMzkllz2A7kGY-_gJE0rl7tKbtVcVSiHydjaLVrWwJ_8n0LW-SK-9WOnJkJZOeMY_WK1SAF0ofK1fMWLkvRKcgFpdaAa-esSaFUeW1mcn7qaJ2S_Z7sAEcIsMedgCpizzTJ6DGpUNfhRz3aJXhZ3OcOwC7dgCs88-uhY79PT-Up1J69siXy0zpTEhI1TBIcX7zulunk3Hh52YP4HkMcnUkQ8Ghlj3yVTt5vWfTe7-BhiWi1a2miNf5JooyuJEV67nSqvgCxZkkSo_drTEjFpqbNGAES-EXjePfZfTkxhxQ68hK2MKS_KSKicp3aEOhbHey-zBjUUxcqR4mPXciElc2VeyPu_MKM0tofY2GVDFofsYhJfKo6m_1tC1zwIc8Gn-00UN-XfUArhZc0IsitA0mE6vpCD9xsFdRAh6eteGoNEOp0duvRtyrBmmQnfpWpw7yletOKwFonhh4tVIWFQboTk34ZR9u2ldQnmAKwkiDLrYZ4EpkpIc5TuSzytOAsa8VWD18zwQ1STuRwOXtTwf-6Ux5aKxuRqzZ18Cx6_NlmRDHNBVYxHK8oyzZOAu9Tjd1UyP1eIfRLnriUOQ7FDyFSmIzt5imtFzItWLpWbBsm6cV513Vz6gUS2WHSwAReQG-YRBii4Y3rXSiqUQhnbS0qSpNo0fw40V2KMrGCBiiOsH6WBTU-IRvNfcETJbLwmC6J5t_kD9UKyaIXYdJ6-WtFA5C2mingOSXf8XHq2DF30rqrUWI1O-i8ek_ek9vs4v4EKVgmDeXfcMx0KOJty5r7nIulEACxU8pUMiVYBYmIL7chTEYp7gL7AW-5yG2CCCEjvWGqS7lkedEfyX1JSGEVbxUnlRAVFdZWGY

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 16:36:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=1EEF401046C840AC9E3D8EC264DC4F5C&RedC=c.clarity.ms&MXFR=37488F2250DE6660009D9E8F54DE6860
https://c.clarity.ms/c.gif?CtsSyncId=1EEF401046C840AC9E3D8EC264DC4F5C&MUID=0810A537B39A6FA13AB1B49AB2116ECE

42 B
369 B

56ms
55ms

Image
image/gif

52.142.114.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=1EEF401046C840AC9E3D8EC264DC4F5C&MUID=0810A537B39A6FA13AB1B49AB2116ECE
Protocol: H2
Server: 52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 16:36:25 GMT
last-modified: Fri, 18 Mar 2022 19:39:54 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "8120eaf0ff3ad81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Mon, 23 May 2022 16:36:25 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 728966D8960A4D1294ADA74FF922CF99 Ref B: FRA31EDGE0205 Ref C: 2022-05-23T16:36:25Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=1EEF401046C840AC9E3D8EC264DC4F5C&MUID=0810A537B39A6FA13AB1B49AB2116ECE
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 54ms
54ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022051701&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js?cb=31067688

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d7dc4e5d045255c0214497b60da358e4c486e9533db6e2f4cb03d905e3ae8b89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 23 May 2022 16:36:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10652
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3FFE 0
20 B 73ms
73ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BR_NxB7iLYuDwBZiP3gPYiJTACgAAAAA4AeAEAg&bg=!6-il6KzNAAZ4vKt9WLw7ACkAdvg8Wkdb1fpVMWxEpeMhU-8NcEgt9lxHzpaxHGrkfKlHvzK-GpEGJwIAAAIHUgAAAAFoAQcKAFkhB2RipbIXc53Z3Puc2p7ZXEIB1K-KuRRZa6sY8tpqUs4ZBPxeWI5Za0OiTSIst5AxtrcHbs5EYL8Es4M6UGtlth6Lj_TSakAJb8X0R-ehLMOYresFjk3upZkC63FS7wTNVm0xmExKJuVnqC63Y-wFfjzKvB9qcDeZAySHtCtvaU8-VvAo_nc_B4qzD2XXw7c_Mc_LsIg-DpgaZygEz8AY-MkykpGCe9Yc_pQc56AQ_iLLfmfxOYsVz8BBhAtPfcOVZ7-kd8teH9btEtjNrqe7h2u0ipMpU_HpP5wsKDaiwnE-zPAuCpg3-syPqxMtbqeHH0FdKBEnxMTWImAT2oZWy1MXP8pT5Rf_04mUjM0UcxGt72bn45dgxw9Fr0ycsQuACYc2ELI03P_KMpahGSPNE0iOOEEQlfPf0Vahe-ekFc5zEObxrGALD_8akRGXH-9dstoBZzwM6mXuqACQKvR-hPnbBXcAcbGlMhq6Vi9HDlqvgUk37STz-4tW0MYYJA3UUgILeJDffC9Ejmjtg26BWcmXiANZg9zsrpjcQ1AFTv-BkWOD4Fa-eHhXOZbzhvmd_f_Y7uE2guAB_530OO8WdWXh_X77fnKAVk1yHlg_Yi2lqTwzxIA2EqzvULd4nLH-x1U6o4SiXi-kb_Mqm6b_PVgevk21R1wcEUC-XFIJeBGDrlpgFviYX3Ihk-I86M0p9DAdcpqq2ybsXlSL4uU7H6QFwOGFJQbE-M1ABUhz3BiKZZpkslCtmab_X4XprwyuUmRH5cv0C07SZJ0FYu1HpqOKyJqCrtZVL5A62eDbyPKIlTuf15AR2Ghh7niBke5WnwRyPtabB8qxAYzOs1IGsvGuiKAL46Ojt-in0CReIBEUoFtdsNw1cVl1U8-gjs4dtb6BuC1zbuFkDpEgqdJqIVxvTBZRaPAuR0qf_lMEqvtgcV72WVJcxICvz9IXxFm8TfxwL6pxweXFDkY6fqbxqRHMsA3qkv1FW4BNIWlw_muxBqbq-pH4uTtlB1zGxw3tIQLRsoM9MQnl7KxwJYKRV6y4ss9IHag76GlZ8lpX8nzba5YSd_R1pYWVIoovenOXiisbWwfF8szKXgoV6q0lY66KUEU8ng

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 16:36:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js?cb=31067688

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 23 May 2022 16:36:25 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0B93 13 KB
5 KB 37ms
37ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nur.kz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 720
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 23 May 2022 16:24:25 GMT
expires: Tue, 23 May 2023 16:24:25 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E0F0 783 B
534 B 47ms
46ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fdcf1db509f69849dfd553fa72889c91b12ce7df7e39a54e734b6e313651902c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hlCRTSspsRLYci13A9HTAw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nur.kz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-hlCRTSspsRLYci13A9HTAw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 23 May 2022 16:36:25 GMT
expires: Mon, 23 May 2022 16:36:25 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E0F0 0
0 87ms
86ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022051701&jk=1068517317512481&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 200 6cqjaYtYR5p4aS5jA8U1PYkQZtxk_S9KNOFLKIL9tps.js Show response
pagead2.googlesyndication.com/bg/ Frame 0B93 35 KB
13 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6cqjaYtYR5p4aS5jA8U1PYkQZtxk_S9KNOFLKIL9tps.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9caa3698b58479a78692e6303c5353d891066dc64fd2f4a34e14b2882fdb69b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:04:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1934
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13723
x-xss-protection: 0
last-modified: Tue, 17 May 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 23 May 2023 16:04:11 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 0B93 0
10 B 37ms
36ms Image
text/plain 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?OPaKCQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:36:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 iPhoneXS_spacegrey.png
s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/assets/ Frame CA8D 14 KB
14 KB 39ms
39ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/assets/iPhoneXS_spacegrey.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba4ddcc61790def54f82d6679debb471410c69d06d34b8ab653a5123edb4b10e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 11:28:18 GMT
x-content-type-options: nosniff
age: 191288
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14789
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 18:12:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 21 May 2023 11:28:18 GMT

GET
H3 200 _-spacegrau.png
s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/assets/ Frame CA8D 16 KB
16 KB 40ms
39ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/assets/_-spacegrau.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c17c5dcb65b604559f3ed5fc759b5190e931d30996b983a29407d6ba4319807

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 11:28:18 GMT
x-content-type-options: nosniff
age: 191288
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16230
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 18:12:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 21 May 2023 11:28:18 GMT

GET
H3 200 imac.png
s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/assets/ Frame CA8D 27 KB
27 KB 43ms
42ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/assets/imac.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc1abdfb4f8e52b32f7091081ca444d648b0dfb286c0c1b44466f701dd4c698f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 11:28:18 GMT
x-content-type-options: nosniff
age: 191288
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27546
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 18:12:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 21 May 2023 11:28:18 GMT

GET
H3 200 04_txt_1.png
s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/assets/ Frame CA8D 3 KB
4 KB 49ms
48ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/assets/04_txt_1.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5f8dfd5a81fb2c5150bbfef239f8a3184ef7073201339d8411cfbbceecb9a1fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 07:00:08 GMT
x-content-type-options: nosniff
age: 293778
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3579
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 18:12:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 20 May 2023 07:00:08 GMT

GET
H3 200 CTA.png
s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/assets/ Frame CA8D 1 KB
1 KB 49ms
48ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/assets/CTA.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37f6bad2ee6defbb164be8b6d9354d47130f8b33aa9c8a798b836117e95e8350

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 14:44:30 GMT
x-content-type-options: nosniff
age: 265916
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1216
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 18:12:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 20 May 2023 14:44:30 GMT

GET
H3 200 refurbed_logo_blue_2020.svg
s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/assets/ Frame CA8D 7 KB
2 KB 48ms
47ms Image
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/assets/refurbed_logo_blue_2020.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e47b54e1b76f6feb7c8c551fd3f21457dbd27751805e20559e44ce0fb2e93b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 07:00:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 293778
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2505
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 18:12:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 20 May 2023 07:00:08 GMT

GET
H3 200 brushBG.jpg
s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/assets/ Frame CA8D 13 KB
13 KB 49ms
48ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/assets/brushBG.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e5a8e82964e75aadaf39b6d9032274ecc387f6197c2ff17b47b7dd40ad9a872

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 07:00:08 GMT
x-content-type-options: nosniff
age: 293778
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13034
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 18:12:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 20 May 2023 07:00:08 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 104ms
104ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022051701&jk=1068517317512481&bg=!AAOlA0fNAAZ4vKt9WLw7ACkAdvg8WsbCunQ3YJa495Hw_vjubt74x8XLb6jmB1vNI-9JQSGjI3TNVQIAAAG7UgAAAAJoAQeZAp46uj1PtnFO6bT0A_2qg3iCbQaqM0NyxmfcM96bqN46uMuVaNWZT6EqneWIwK1GlRZrdWCaGY6VArw9u4CobMDXSveO7LkzHjJ54C4cY_vE3-oVikWHJAmIT7DV79oLgxf21iaEQy4iExkTVV2j3P8zQE0tRG5iet_wQJqghDC6C18TA1xYk6V-c92VcWfLFxY3pSMUYzlgy0bU8ofr8nYob-EnJJlGfRvE0IDqlVlV5rmyZONrmoty7vlG1fF-D4a-LpL0DCrRl-__hSUDD3rshDnQVtjVV7zzUGMC5HVJCbky65ntoMHz-MGNUwbVED6wXbhNpzCwOI6-WLyTgnXKE3HiiIaX48SQWprBlaoyNhNjYVpjhLl5_gAXlvk8L-B4oxlMWuM5ipQXuHBucujOToKCjaKSux5Dql6ZMVGsvsW6IxjkGpQxIp2rekhFzlvzWpSPshuMWpD5c5EgmwP9aFF6XLibE-KFUsZW8Wfi07YsDV0L8zn3voWZbIiJeViEmlkwcFalaghGt3l9v-2uqdzTYd8TTEz_QcUtN_kvJR15Cv7HHrbkKYTkSfQIjr1DEDrMFdeVGLDepbRwlkpZUDDtIQXzrmYxXfo_nuEhVcMBcRB3ZnWsVKmHR2ei5xkjdsJod0kisCM6bgLRU0Y-oBCr8Nwo7SZNL4C4oxPra40OZAIeGYmGYnSzWdwY3uvnFYGh5AHr7l_xi2tbvT3y9Cfa-Jfp5NPWv5XmVNXZWJmJD9fyIVKwCMG2uHCho1kiBM2QoL8IsfrkW6hFoLUMAtXQnlmW3B6IMeomu9eK35HZARXFNWejjd5XLZdVMWio1xohyA9k8Scm1zxKTox-V-OTEp2RXXnq4og0XJtduEROSTztl-oPmX_I7Sw-
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

POST
H2 200 all
csm.eu.criteo.net/ Frame 0B1F 0
127 B 46ms
45ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 23 May 2022 16:36:28 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H/1.1 200
OK / Show response
tttt.onthe.io/ 0
287 B 56ms
55ms XHR
text/javascript 95.216.24.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tttt.onthe.io/?k[]=336:time[url:%2F,device:desktop,type_article:Main,user_id:59ce7cdf8.91e40a35a_1653323778888,cdn_version:36]&s=0d0db5a9a93692f403af81423ab76478&1653323789064
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js?ghDf5sWW6gLM
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.216.24.150 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.24.216.95.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 23 May 2022 16:36:30 GMT
Server: nginx
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H/1.1 200
OK /
eum-eu-west-1.instana.io/ Frame 3BDF 0
190 B 364ms
56ms Ping
text/plain 52.18.17.186
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eum-eu-west-1.instana.io/
Requested by: Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.17.186 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-17-186.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1653323784.5712300.7c2dc30e-dab6-11ec-9bbc-00155def0803ID
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
Date: Mon, 23 May 2022 16:36:32 GMT
Cache-Control: no-cache, no-store
Connection: keep-alive
timing-allow-origin: *
Content-Length: 0

GET
H2 200 dc_oe=ChMIkeabhof29wIVJoZ3Ch2oyA6WEAAYACCjjPBPQhMIysHnhYf29wIVV4v9Bx3sCgYy;met=1;&timestamp=1653323793243;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 091B 42 B
494 B 165ms
76ms Image
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIkeabhof29wIVJoZ3Ch2oyA6WEAAYACCjjPBPQhMIysHnhYf29wIVV4v9Bx3sCgYy;met=1;&timestamp=1653323793243;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 16:36:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMIoJCphof29wIVmId3Ch1YBAWoEAAYACDG_ZdCQhMI7cD6hYf29wIVOIX9Bx3l_QQp;met=1;&timestamp=1653323793373;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame F79A 42 B
107 B 73ms
73ms Image
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIoJCphof29wIVmId3Ch1YBAWoEAAYACDG_ZdCQhMI7cD6hYf29wIVOIX9Bx3l_QQp;met=1;&timestamp=1653323793373;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 16:36:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
tttt.onthe.io/ 0
287 B 54ms
54ms XHR
text/javascript 95.216.24.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tttt.onthe.io/?k[]=336:time[url:%2F,device:desktop,type_article:Main,user_id:59ce7cdf8.91e40a35a_1653323778888,cdn_version:36]&s=0d0db5a9a93692f403af81423ab76478&1653323798995
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js?ghDf5sWW6gLM
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.216.24.150 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.24.216.95.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 23 May 2022 16:36:40 GMT
Server: nginx
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 200 dc_oe=ChMIkeabhof29wIVJoZ3Ch2oyA6WEAAYACCjjPBPQhMIysHnhYf29wIVV4v9Bx3sCgYy;met=1;&timestamp=1653323803198;eid1=2;ecn1=0;etm1=10;
ade.googlesyndication.com/ddm/activity/ Frame 091B 42 B
63 B 148ms
71ms Image
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIkeabhof29wIVJoZ3Ch2oyA6WEAAYACCjjPBPQhMIysHnhYf29wIVV4v9Bx3sCgYy;met=1;&timestamp=1653323803198;eid1=2;ecn1=0;etm1=10;

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 16:36:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dc_oe=ChMIoJCphof29wIVmId3Ch1YBAWoEAAYACDG_ZdCQhMI7cD6hYf29wIVOIX9Bx3l_QQp;met=1;&timestamp=1653323803379;eid1=2;ecn1=0;etm1=10;
ade.googlesyndication.com/ddm/activity/ Frame F79A 42 B
63 B 72ms
72ms Image
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIoJCphof29wIVmId3Ch1YBAWoEAAYACDG_ZdCQhMI7cD6hYf29wIVOIX9Bx3l_QQp;met=1;&timestamp=1653323803379;eid1=2;ecn1=0;etm1=10;

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 16:36:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
tttt.onthe.io/ 0
287 B 439ms
54ms XHR
text/javascript 95.216.24.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tttt.onthe.io/?k[]=336:time[url:%2F,device:desktop,type_article:Main,user_id:59ce7cdf8.91e40a35a_1653323778888,cdn_version:36]&s=0d0db5a9a93692f403af81423ab76478&1653323809034
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js?ghDf5sWW6gLM
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.216.24.150 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.24.216.95.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 23 May 2022 16:36:50 GMT
Server: nginx
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEKy6ku1O0POqsVBF-6qluNE&google_cver=1&google_push=AYg5qPL2oEAlEPMTGUsXDl_Z_tV8KN1_mJJgun5vqsQukj09xsJeqSROCWzestO8r3c4FoF77IgrRxGKw7rwS16dx99LLswAbBzZVxw

Verdicts & Comments Add Verdict or Comment

95 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

79 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.nur.kz/	1970-01-20 03:16:50	Name: _gid Value: GA1.2.1154909005.1653323779
.nur.kz/	1970-01-20 03:15:23	Name: _gat Value: 1
.nur.kz/	1970-01-20 03:15:24	Name: __io_d Value: 1_705468254
www.nur.kz/	1970-01-20 12:00:59	Name: __io_lv Value: 1653323778888
www.nur.kz/	1970-01-20 12:00:59	Name: __io Value: 59ce7cdf8.91e40a35a_1653323778888
.nur.kz/	1970-01-20 03:15:25	Name: __io_session_id Value: a8c024c1d.7de452898_1653323778890
.nur.kz/	1970-01-20 03:15:24	Name: __io_nav_state336 Value: %7B%22current%22%3A%22%2F%22%2C%22currentDomain%22%3A%22www.nur.kz%22%2C%22previousDomain%22%3A%22%22%7D
www.nur.kz/	1970-01-20 12:00:59	Name: __io_unique_336 Value: 23
www.nur.kz/	1970-01-20 03:15:50	Name: __io_uh Value: 1
www.nur.kz/	1970-01-20 03:15:24	Name: __io_visit_336 Value: 1
.nur.kz/	1970-01-20 03:15:25	Name: __asc Value: 03b56b74180f1c6cb872a211731
.nur.kz/	1970-01-20 12:02:26	Name: __auc Value: 03b56b74180f1c6cb872a211731
www.clarity.ms/	1970-01-20 12:00:59	Name: CLID Value: c4729ae8a8be4aa184ffc0cd9e6581f0.20220523.20230523
.nur.kz/	1970-01-20 20:46:35	Name: _ga_L3EYGX7DJS Value: GS1.1.1653323778.1.0.1653323778.60
.nur.kz/	1970-01-23 19:05:47	Name: __eventn_id_props Value: %7B%22globalProps%22%3A%7B%22env%22%3A%22prod%22%2C%22source_type%22%3A%22desktop%22%7D%2C%22propsPerEvent%22%3A%7B%7D%7D
.nur.kz/	1970-01-20 13:15:23	Name: nur_user_id Value: 5681a3e7-4e1d-44bf-b21a-cbf32b15b3dc
.nur.kz/	1970-01-23 19:05:47	Name: __eventn_id_usr Value: %7B%22id%22%3A%225681a3e7-4e1d-44bf-b21a-cbf32b15b3dc%22%7D
.nur.kz/	1970-01-23 19:05:47	Name: __eventn_id Value: ls0he84oq6
.yandex.ru/	1970-01-20 20:46:35	Name: i Value: R44ofq17lbbQ4cu7XBp4/vm19as2WoxPGhFHVHI+mQawHL6SDLWHeLStGTDkrdwyGDGMR8CB6jGGI7fX51Acgp0nqYU=
.nur.kz/	1970-01-20 05:03:50	Name: _gaexp Value: GAX1.2.CgAho3N_S6ek6TgBcPgd7A.19211.1
.yandex.ru/	1970-01-23 18:51:23	Name: yandexuid Value: 2565202881653323780
.nur.kz/	1970-01-20 20:46:35	Name: _ga Value: GA1.2.222879948.1653323779
.nur.kz/	1970-01-20 03:15:23	Name: _gat_ABtests Value: 1
.nur.kz/	1970-01-20 12:00:59	Name: _clck Value: zx4yxn\|1\|f1p\|0
.doubleclick.net/	1970-01-20 12:36:59	Name: IDE Value: AHWqTUmQvYS_5DQGQovtEnompE9uLZ9Rp46w_dZabR5hy6XJ7I8ULQTZCfV43ySUBbg
.nur.kz/	1970-01-20 03:16:50	Name: _clsk Value: 19rhigi\|1653323780145\|1\|0\|l.clarity.ms/collect
.doubleclick.net/	1970-01-20 03:15:27	Name: DSID Value: NO_DATA
.nur.kz/	1970-01-20 12:36:59	Name: __gads Value: ID=e97271192f7707ca:T=1653323780:S=ALNI_MYq1SWUfAyoLnjZv_oVFf96QcuBEQ
.quantserve.com/	1970-01-20 05:24:59	Name: d Value: ECQBCQGaJoEA
.quantserve.com/	1970-01-20 12:45:38	Name: mc Value: 628bb807-5e0d3-658e3-50804
.adnxs.com/	1970-01-20 05:24:59	Name: uuid2 Value: 5191533982588275201
.casalemedia.com/	1970-01-20 05:24:59	Name: CMPS Value: 3261
.casalemedia.com/	1970-01-20 12:00:59	Name: CMID Value: You4B.ug9g.4CLoLeUiLjQAA
.casalemedia.com/	1970-01-20 05:24:59	Name: CMPRO Value: 1197
.casalemedia.com/	1970-01-20 03:16:50	Name: CMST Value: You4B2KLuAcA
.rlcdn.com/	1970-01-20 04:41:47	Name: pxrc Value: CIfwrpQGEgUI6AcQABIGCOndKhAA
.adnxs.com/	1970-01-20 05:24:59	Name: anj Value: dTM7k!M41.D>6NRF']wIg2Hc'n=lus!@wnfH8K6pQK`!5=E<L5?%KgvvJ1]o^Z43N^_?dY4B$cLG-z?TA!.aldK1%nugO%v4VB%nnh#*6=LY
.redintelligence.net/	1970-01-20 05:24:59	Name: 8lcfmzhxc8d6_uid Value: a918339d9155fcd0
.adtriba.com/	1970-01-20 20:48:02	Name: atbgdid Value: 0325d9ba-79c1-4088-9c27-aec444a17667
.pubmatic.com/	1970-01-20 03:16:50	Name: KTPCACOOKIE Value: YES
.casalemedia.com/	1970-01-20 12:00:59	Name: CMRUM3 Value: 2d628bb8072760CAESEIL_cYxvZDeBGCVayc52Vuc
.agkn.com/	1970-01-20 12:00:59	Name: ab Value: 0001%3AvW1MqMnn5hupxWQwnB87Rcmc9b0eYvDT
.3lift.com/	1970-01-20 05:24:59	Name: tluid Value: 1214610529299371831063
.ctnsnet.com/	1970-01-20 12:00:59	Name: cid_64d4dda6bd0c4befaad76422b29a5bcb Value: 1
.ctnsnet.com/	1970-01-20 12:00:59	Name: gid_CAESEC71olzL7bES3rQzrWp28u4 Value: 1
.mathtag.com/	1970-01-20 12:41:18	Name: uuid Value: 7154628b-b807-4c00-8ff7-3df54a32945c
.mathtag.com/	1970-01-20 03:58:35	Name: mt_mop Value: 4:1653323783
.pubmatic.com/	1970-01-20 05:24:59	Name: KADUSERCOOKIE Value: F60EC335-CB45-4E3B-86AD-B76FE7E08A0C
.360yield.com/	1970-01-20 05:24:59	Name: tuuid Value: c0b32e4d-2535-4b66-9912-0cfcb4930730
.360yield.com/	1970-01-20 05:24:59	Name: tuuid_lu Value: 1653323784
.awin1.com/	1970-01-20 03:16:50	Name: awpv11524 Value: 296283\|1653323784\|7c25ae31-dab6-11ec-91ba-2230ae711e76
.awin1.com/	1970-01-20 03:18:16	Name: awpv22610 Value: 296283\|1653323784\|7c267180-dab6-11ec-85d9-223185680794
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 408799:2874697
trf.greatviews.de/	1969-12-31 23:59:59	Name: ads_si Value: a%3A3%3A%7Bs%3A2%3A%22si%22%3Bs%3A36%3A%227c2dc50c-dab6-11ec-9bbc-00155def0803%22%3Bs%3A3%3A%22sit%22%3Bi%3A1653410184%3Bs%3A6%3A%22expire%22%3Bi%3A0%3B%7D
trf.greatviews.de/	1970-01-20 20:46:35	Name: cjcookie Value: a%3A2%3A%7Bs%3A2%3A%22id%22%3Bs%3A38%3A%22cj7c2ddfd8-dab6-11ec-9bbc-00155def0803%22%3Bs%3A6%3A%22expire%22%3Bi%3A1716395784%3B%7D
trf.greatviews.de/	1970-01-20 07:34:35	Name: mcookie Value: a%3A3%3A%7Bs%3A4%3A%22m316%22%3Bs%3A36%3A%227c2dc3cc-dab6-11ec-9bbc-00155def0803%22%3Bs%3A11%3A%22click_12771%22%3Bs%3A57%3A%221653323784%25%255712300%25%257c2dc30e-dab6-11ec-9bbc-00155def0803%22%3Bs%3A6%3A%22expire%22%3Bi%3A1668875784%3B%7D
trf.greatviews.de/	1970-01-20 03:25:28	Name: ads_pu Value: a%3A2%3A%7Bs%3A4%3A%22seen%22%3Bi%3A1%3Bs%3A6%3A%22expire%22%3Bi%3A1653928584%3B%7D
trf.greatviews.de/	1969-12-31 23:59:59	Name: ads_ps Value: a%3A2%3A%7Bs%3A4%3A%22seen%22%3Bi%3A1%3Bs%3A6%3A%22expire%22%3Bi%3A0%3B%7D
.agkn.com/	1970-01-20 12:00:59	Name: u Value: C\|0CEAqHnSIKh50iAAAAAABAQ13AQEAAQpAAAAAAA
.rlcdn.com/	1970-01-20 12:00:59	Name: rlas3 Value: BZhKjsLfxYPc0Essva+sCQvvwZBRjVdPqhDA1gLGH00=
pb.media01.eu/	1970-01-20 20:48:02	Name: DTU Value: 551EDF918F84B2ED2AFB2FCB3E06D8FF
.www.parship.de/	1970-01-20 03:15:25	Name: __cf_bm Value: BYvmvsjoRtB4teVHfSoYIDvkefQ.mXVVT1pPAe06n9Y-1653323784-0-AdlkJ3ie/tJu1nzuXsuQIJF9wYAJQcvb37DB+HscGrgzyJ8ihu4X/rsqXrb9g9C3J+B4kvLqlhVGL8bbSwPMuUU=
.yahoo.com/	1970-01-20 12:01:21	Name: A3 Value: d=AQABBAi4i2ICEMuIZeuQXW2K9tdLuXoUcFgFEgEBAQEJjWKVYgAAAAAA_eMAAA&S=AQAAAjYZyYjFO9xfyaaoXojepj8
.e.dlx.addthis.com/	1970-01-20 12:45:38	Name: na_tc Value: Y
.analytics.yahoo.com/	1970-01-20 12:00:59	Name: IDSYNC Value: 18yx~251s
.parship.de/	1970-01-20 03:25:28	Name: NVI_LC2 Value: 01_100_60078_1469_0001_0001_empty_AF00ID_GV1653323784.5712300.7c2dc30e-dab6-11ec-9bbc-00155def0803ID_TS%3A1653323785
.parship.de/	1970-01-21 05:10:35	Name: NVI_FC Value: 01_100_60078_1469_0001_0001_empty_AF00ID_GV1653323784.5712300.7c2dc30e-dab6-11ec-9bbc-00155def0803ID_TS%3A1653323785
.addthis.com/	1970-01-20 12:45:38	Name: na_id Value: 2022052316362500057398060083
.addthis.com/	1970-01-20 12:45:38	Name: na_tc Value: Y
.addthis.com/	1970-01-20 12:45:38	Name: uid Value: 628bb809cf3ce7f0
.addthis.com/	1970-01-20 12:45:38	Name: ouid Value: 628bb809000157dac08122c59720053d47c66afaf476709b0952
.dlx.addthis.com/	1970-01-20 03:58:35	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 03:58:35	Name: na_sr Value: 20220523
.dlx.addthis.com/	1970-01-20 03:15:23	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 03:58:35	Name: na_sc_e Value: 0
.c.bing.com/	1970-01-20 12:36:59	Name: SRM_B Value: 0810A537B39A6FA13AB1B49AB2116ECE
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 12:36:59	Name: MUID Value: 0810A537B39A6FA13AB1B49AB2116ECE
.c.clarity.ms/	1970-01-20 03:15:24	Name: ANONCHK Value: 0

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://cdn.ampproject.org/rtv/012204292129000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEKy6ku1O0POqsVBF-6qluNE&google_cver=1&google_push=AYg5qPL2oEAlEPMTGUsXDl_Z_tV8KN1_mJJgun5vqsQukj09xsJeqSROCWzestO8r3c4FoF77IgrRxGKw7rwS16dx99LLswAbBzZVxw Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN always

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8019191.fls.doubleclick.net
849dac11785feb3ab6c0ab505d94f130.safeframe.googlesyndication.com
ad-server.eu
ade.googlesyndication.com
ads.adfox.ru
ads.eu.criteo.com
adservice.google.com
adservice.google.de
analytics.google.com
avatars.mds.yandex.net
c.bing.com
c.clarity.ms
cat.fr.eu.criteo.com
cdn.ampproject.org
cdn.nur.kz
cdn.onthe.io
cdnjs.cloudflare.com
certify-js.alexametrics.com
certify.alexametrics.com
cm.g.doubleclick.net
cms.quantserve.com
csm.eu.criteo.net
d.adtriba.com
d.agkn.com
dsum-sec.casalemedia.com
e.dlx.addthis.com
eb2.3lift.com
eum-eu-west-1.instana.io
eum.instana.io
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
googlecm.hit.gemius.pl
hal9000.redintelligence.net
hal900012.redintelligence.net
ib.adnxs.com
id.rlcdn.com
image6.pubmatic.com
l.clarity.ms
match.360yield.com
medialead.de
nur.kz
nurtech.pro
pagead2.googlesyndication.com
partner.googleadservices.com
pb.media01.eu
pix.eu.criteo.net
pixel.everesttech.net
pixel.rubiconproject.com
pv.medialead.de
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
rtb.fr.eu.criteo.com
rtb.openx.net
s0.2mdn.net
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
stat.khanate.pro
static.criteo.net
stats.g.doubleclick.net
sync.mathtag.com
sync.teads.tv
tpc.googlesyndication.com
trf.greatviews.de
tttt.onthe.io
ups.analytics.yahoo.com
us-u.openx.net
webapi.nur.kz
www.awin1.com
www.clarity.ms
www.google-analytics.com
www.google.com
www.google.de
www.googleoptimize.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.nur.kz
www.parship.de
yandex.ru
yastatic.net
googlecm.hit.gemius.pl
104.102.29.65
104.111.242.245
104.36.113.23
104.89.42.102
104.92.94.3
13.248.245.213
138.201.84.245
142.250.184.226
142.250.186.98
142.250.74.194
142.93.104.37
145.239.193.130
172.217.16.134
178.250.0.139
178.250.0.160
178.250.0.162
18.203.7.223
18.66.2.63
18.66.248.5
185.29.132.241
185.33.221.90
20.120.65.166
216.58.212.130
2606:4700::6810:cc16
2606:4700::6811:180e
2606:4700::6813:b979
2620:116:800d:21:36a9:ecb:e518:b308
2620:1ec:27::cafe:1734
2620:1ec:c11::200
2a00:1450:4001:808::2001
2a00:1450:4001:80e::2001
2a00:1450:4001:80f::2003
2a00:1450:4001:812::2002
2a00:1450:4001:812::2004
2a00:1450:4001:827::2001
2a00:1450:4001:828::2002
2a00:1450:4001:828::2003
2a00:1450:4001:828::200a
2a00:1450:4001:828::200e
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2003
2a00:1450:4001:830::2006
2a00:1450:4001:831::2008
2a00:1450:400c:c08::9a
2a02:2638::2
2a02:2638::3
2a02:2638::b
2a02:6b8:20::215
2a02:6b8::184
2a02:6b8::1be
2a02:6b8:a::a
3.125.240.25
3.20.242.89
3.68.169.133
35.186.193.173
35.227.252.103
35.244.159.8
35.244.174.68
52.142.114.2
52.18.17.186
52.214.225.206
54.153.103.110
54.76.176.197
69.173.144.139
85.239.105.10
88.198.250.30
91.215.139.234
94.130.102.164
94.23.99.218
94.247.128.34
94.247.128.38
94.247.128.43
95.216.24.150
006a309330a3246f5c17ba84e3a6a998064b43920ab65c06d0e63f9056347ace
00bbe99135247207572c759c13b6dc7ed94b5e5376187ec397d29d603706d52c
01083fe38a019adad84287409f155d30ff249dc90e981efe5a9d4fc34bb82dca
0108652c35c72727a1bc3de4ecbb1d7a08173a093da6787ea950fc8d2d9eec97
010fc56ed41ed94fa9c15af2bb7188375b9818d8fe67af32f7cd8ed8eedb497e
030011375e134406b94777255c02b5c07f450ce5597506bbf198cd4f958a47c9
033b6c344d46460e74306557645851170fa5ab3b0cc71f87e728e634aefb054d
0344ecf94e18e3195d68593b4f9ee254c922e6c68b14f1d1edf7f32564cee221
03aa4536a5078e4137c13096c7d3156b925d4c4381261f537daeccdfdf687d52
03d9787c8b8b109484e948bc0eebd77a7bcdda90ed999c845aee6381d890ca15
0596a17530bb3a76675c9d72b22f8bbf927eede182d036ea7a3b278970864fb3
05ece81589591363a0f7ab97915453ef105342daa1112893f2a05b7ec01a4bde
07b9621ff6886bdda3fbafc4d21319eab9a92a7922d38bacca72f5679249ac32
081bea1f69d4c8d86fa4f6fd61ea4348249bc79e2b967399b96e72016e3676b7
0906e036897c57571bf5aee463cf4fe7fcbd3d3b8f235280d4cac2691c53eb8e
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09fe7be89711f0dc0ba47ab8a1a1865df7b660a1f1359d29c4c3445683d2f61f
0a4f02d3e519d931493c05b4b08f659b9f75aa9d85403f117d6d3d11b3206d6b
0b68dfa2506fa6c9dbd1b5eda3dfb79c9e1bce65ea5231c1109c79bb03ac8f6e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bb425a58a348f2d1ac3801a047c4b179c04078db3fb5bb404e98e398ab3f865
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
10538ee26f9f20dddba4b93cd508da65b3fb6334072a0b25d6c046deefc1db9f
11f6d363f8c4294bf10f649f4951a882c6c22f69bac082a2d2851ca5e677f478
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
146fb10253b24be161f635016a1f3e91360b0a8cc7294b3f976a46fb3ab9dab2
14abac934c22f97f9ba4c57ddce16e16b2724d1723d1f90272703f0fdba3a8b7
151ca0dbdad0610cbb5b206a106dd32b5a5915325c96ec690652e0e47abf8465
15962902fbad9305c4351f5e07f73518f942b68cc59acc1ed69e79d97d4ad007
166f9390df29e23f9c9c45c50026de3b8ea04605424c6edc8557a3d3e71af7b8
171cdf4aaca1d90b25b0136352f75578c1e59ffdd3e426a8aa182773ea46d8f7
17456f8db64aa1850fded220ab227c27b308fa5197c09e35cdf108b91a688bcd
17cf397d61c195f58b1740cc10f6908a8adb3f0a0f9b67d62d0ebe5696e79eda
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
187aa7aa4670247180d8d26f28550cbf7633f51f52b88daf5ff39daeec3b5dc1
1ac5c3a1604eb19f5c47e157ea3b58b4297428e653b74d6def6b41661a25eb5c
1af3d221cef7ca8dd89c05d3ee6480803b0b9d1f22ab9ee5ed95635d9819ed7f
1be78b79774b196d2500f7bd3bb3ca7269ec444158f0e545d4d313bcf40e1310
1ca89a403c4e345ebd841a43f31c5fbb60407f7a846f379b338f1af879f1cdec
1db4fe06afc33dd4434817e31231f2b41528f6c314ea5d46373800876a474abf
1ecfc5a4d72d8f9fc774268cda69765e8578cd3a3859b229288b10c36acb0b35
1fe83b731e00a446f7e7e404b6c62632d8a6fc32652b8ea1ef91696ac75a8bdd
230a4ef4add89d8d627dfd7285f664f8b6ae588084936ca7305ace79cd1a8bc7
23673d53eed8ae6ad7599beeeec3a0b0723f396d62ef981fa71994b513342dc5
23cc65a8727bb9016015372f09daa3dc8dceccd6e21876ff8804db2cbd242c6c
24dee13b203fd39b9a5b1cce2982a7421774ef381b9fdc8159ccbf471cd3858a
257c9947bb8a45c4a0519f4ddc8769ecc7f889e268a046b0f05c17dfc7912eee
25c7ba7dacd1fb2729340d88f61049fd6fb901a246ed3b07a81561ade0a8ebf4
25f1cdd04f4b236b79562629b1c5d68454cd02e96002e0ea870b82081a2fce76
280d084452da26bdf14ce6d4ce7590b04c070113af84046fbcb3c3ed61cf85e3
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5
2b560efc660dd507e8e0b20a079eac74c975b67e0629545a7d2ec9e3687905db
2c18b2383885435cb379b8a7c990b7021d1c2701554120d34b07be0da5a8f743
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2fd1487d2d13e74a3b0c78b45da188935df2649f5731652d4c7c8fb9d2703eb2
32733776c725ba00e8a8ef6a829d02a2a096eb3070ec019e3b8b33a384f7b0b8
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3318813c2394d0aaf58e2598a99aa6078890d28992ab3db0dd5dfb068ff2966e
34426093732f29f1bd01a5a11c13344f5f40ebc75a89cacd15ea3fb709f55261
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
356ad684965fe5adf864696ca5b0636a75048c685370a531ddac62dc8eba08e7
35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830
36c0ec05d79bd9d3164effc3eca0f1962cd6f82bb1f41cb212e080910be24153
3705d0878203cc0b2525dcb0f874d85cc6b881d1fca1869191da4e599c768241
37f6bad2ee6defbb164be8b6d9354d47130f8b33aa9c8a798b836117e95e8350
3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b
3bd4eb2ece0fe98f279a14bb2b61ecbbcd501a598b50f1f8b211f76ecd420996
3c17c5dcb65b604559f3ed5fc759b5190e931d30996b983a29407d6ba4319807
3d3251d937d209def48e958bfeec683ca39dc0f15eb22f99bc3e7035995cd552
3e47b54e1b76f6feb7c8c551fd3f21457dbd27751805e20559e44ce0fb2e93b6
40b43f95a77c55e01de63643c035680c7464141ffc596b5818a77e41d7b54e31
42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6
42bd99c9d9c85bebd6419be0bc7cab4bbdd98f3743d9c0bf7e3e62cd627cb581
434617e06c4d3176788c95bdff63a22e66bbd49ea472374b3a55e30e44f2b70a
44c349d846be6415d8a8c49d96e2dcf8bd41ee22dde8f8bce267a66488ca0d89
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
4546bc5e11fa6633d8f143ffb0f353264aa3e690d4239e6e0b5a22b7ebfcdcec
45c716d5ddeaa05147ced2f83b098b06f07436f5bcdcc7d13944e90b00683a52
467ca9a0c173f3885961822b419e20a09de9ad517d3df9cc43f5020ac2fae437
46b0d1d64e68990d8c3d39463bb11d33eb243e54bf7865cddde2a5b8db047530
496b577f5bd7927c79923fe047d5b2100a1dfc614034ae28b2ee2c9d0c560172
4ad610b236338369836c019317b64dc48a5d3b73871a0360bd6fd6b2e852abcf
4afeaabf4ec01f41d4ca0068d75d70c6231ef7b0736a89b5d011a7089fff0e74
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ca4f411baf3bb9280ba26f84f8b44138dd0a7db25c8df027c12fe34d9afa284
4cbb1660dbf60f9af237723abd824a4131a65fa89db911012b21d19cc3695385
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e20ea70fa7f56de64cb4ee68a8001d031418dc092e10b5cad1e0c1287a1c1e8
503621190c75700c18c84fd3ec0977bf31b083d66e331d1009bb9cd17cdb85da
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50bdc7f25d682d68072adcac518d4c27e53fcf59415c86ae662cc7da369430b4
5129bb7cf57920bddaaa073c87cdb4f4057ec9879655eb958da3cc3c7e081dca
53190b7838a27f624da133fc259f0fd6093f49aec64c1721e1f414de407b92d4
5324b70acffa135875d1bfec7ea87d058005568791e54ba4b8410fb2fb1739ef
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
569b67ef1d76c5869a61471b93651371927719520f4268bb9a6ab30fe0380019
57c574845a793acec11e8266bc2b3ee3e638c56b3422f18e4fefdff6c7fce51e
587815bbad0202349b3aa4c1609944b99b52d6f67f97690c705b9d5e4c977ed0
58d09e1758f32b323860990d10c992b04c90d1de32d7600c0b6b93c84a0d6336
592df1e7e91410fbc6709be1ba8695f02a43b8c63a529c0be2f307811860e73c
5936d1c9b5428da33f792c80a87e1e0d66076feafb3d0a4e3b6c09484f82f9d7
59e44b4deb7ae38e798837aff98aa800acbd67a29ccb711e69a20aa7b1d613a2
5b04a3a9ef00cdafdebbf368784d5a9c8f34c65330dd816682fb1b12085ac22b
5b194d1b66d0525a8295a4d12c978c3f294e9e2f11da010d5e22bbd0f17b8fd7
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
5f8dfd5a81fb2c5150bbfef239f8a3184ef7073201339d8411cfbbceecb9a1fe
60c0d5b202f60f6ef748b4c28de407ba5c1c57be5a8da13d86dbea6c9945eee5
60fc65fd65b05a8b21077c30c511303f4cc9d9a659226b3a279d1ee2f65fd35c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
641e566adba3b65a11f279fe14477a4344767dba77b444b8ab8376b4555fb6a8
64928491ebe9a3cc3e5f38cb23e546583fd09c9690a14248c85fc67aed5b0567
689ff7cb7dbf8065daefadaa13213620126df9fb5d5575cad58a97b325451e8b
69441dcfb941a2e5b4ad898b22589d40edf42108aca20e07799d4ec0668536eb
696509319bb81efdd2e9f7c12a2f2c2a176179fed37b92e16b7e5dffdc8869ee
6977a4964a998af15079f965e3c7e181ca67b3170c14437993b08e1de3fd4302
6aa385bad11af3c03ee07e1b62ee77226e51d5c7fcfa7a89d3d8672aa247bd72
6c3223c27067f54618683e5fdfe83536907b179e81ed9a39873aa8b8140c05f2
6d0205053e47fcdc3dfc6c73d8d1d86866a05dff3a58916ef22bb6b1cca59da5
711ee3eb59d5b76ca01b50cd147423a915ad122d27147e6146d87e7d528eac28
724eecf018cbe723486b8da5d9243c35f882badc52bc9e38107d6ff913f53acb
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
742106aba0be6db1086baa20c675ca18298baf0eecf4f0ad7a99111be6796446
79bd24bd53200855b76301ed78911d0a805d4d9213b9fae6b497eafa9d0f0a3a
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7b8b4801b20c34b012de161039f1f859b2fc80644711ea4f2bf9611a75b41ce7
7ce196f9399c836c82ed0c48f7bb0f906d2245af91b786fc017d9b553355a048
7d210f7d18b1a67c12052541793c3fc63a9175ec1809b7988b9b9a13a4b50e16
7d962fd397e14db59c75a84155f9f054d89c55ae138cb1e348217c3b7e22c796
7dca7733ec0aead31386758c6043913b9ee754fb8499849701773bf4eaaff48a
7f24d5e431e274a8d8c196752f7ab87ff9c636de1a7bc3d9c44729c1a87570a2
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92
8438fcae135714383f2e8b95e9a173d7dae352e433c16c07ab158e6c88c489d0
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8aa9c0f8ed2307a2b9f5b135cc7d0118528ce1455e0060258093eb66dcb93dee
8b33005798c2d2a5b248da39129831f44dec9b9fe87d988d970175597e444139
8d6e4721d53a6600e637e7657bbb8dd5eff663299b9f67c918fa159fec8373c2
8dd35d1f4d63e0f97576d7c4b80cc25ca699e9bcf47d335d6cfd5e805c16abfd
8e5a8e82964e75aadaf39b6d9032274ecc387f6197c2ff17b47b7dd40ad9a872
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
906279f962df2b9a0aebadf33bdce9bafc4246e2cd71bc4639b91dadd27105ef
9174eea7949c646792c31146bbd7aa4dd683a06a86bbaba32a2853ae48e937c4
91f38387f69121d9adc1accdf2adc739622baf9dfc526d412c6fdb317d28b5fe
92f75b3d52eb22fd4d5af5352dc0bb43e5d0bc979f274783e7cd17884221b72e
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
95fe1d3eaf90a13de4a63bc75f35c13cd6705b1be6c3ad2c79a8e856a79701a7
969f07055235eeaf6f4a2bd6a938361f7aa30d9f4f0f7b82b984bc5a4e86cbb2
96e7d31540dc3420c73e81ab4022a61cbe86ff318fc96ad94766fe5341404c2b
9779e7639bc4a82393eb625f3b5e861cdb533a6e2aa5a9bc8ea2f5e25e1e3a0b
98110f684db8a3d675df3a204a9872fb3f53c561426c47126072bcca7a1dec75
9901d8becaea6864776b490cc4791146ce7fcfe9f7ce066a24ca94f1829d16b7
9991f76dc02c16f89acff86d06a9f1f4c781d93aae9d8528a19a42344e9f71a2
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9e4ab6a71720b11ffcf074809e80590bda2dfc006ecbb70f4d719a678af1b307
9eb222ba5b7576a0b8af028538574e30bca677988d65e2e945ca159ede776a36
9fc62d99ca580e914d7af298fd36b6926ba2b1e6c97ab21be0f9022f9c665816
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a05fdfb3e658a59c3b08dc4d5787cf76826988866a1be0bac3710c7753640d1f
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1bf97059c673348b39ec51cc87cf13f2f4199fce6b40c2ed339631056bda0f2
a1c1a544dce2ad7a8933ff9c4e087936f42c972d7858551181a9acb878a7c9b6
a1d0bb676704f499f0d4a35474c5e433f46e195746750e8babdbfed04221b601
a27afd9a794b9e16b8633729d4ab773c6ec2f94137f081fcd2f67f525f5c27cf
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a3956c170638b1fade04ee833f0fd790668c1b0d4a4e750b63b4078028be279e
a41a003c4e1a6656bb775acb404f448839c54d18e0eeb365b0551b6908ad3da8
a4761602d3f02a99f5ba672962e117618f8ebb010f6196325085a82fa78c5751
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7a2843fb177ea181d4a479e10ba66cd5354bc0493f21f2e7c537b4bc69acb34
adcf6f4e6f017a2ab95d6688216b398dc83209888804c993e3bbce70c0c41209
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af02f946c16c11e70309f16b7b81cbfd755dfd2ea235d826332d713a23bafda8
b00681f14bc02a2793216636b8b0ffa59647ad8682e933f6852d597c90b24941
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b17ba3329aeed8caf7cd85db62cde9c5502325c5268aee997b89ae939e4d3a7d
b26913c9ad5381876dfd5daa2599f295442fda207c17eff0271e67a5d0772ba8
b39c4441933f26dea800d63b60324cd4f83d84aca3a087781d11b93c873ce595
b3ef1c1a0f5a027c937ca9f20ffe65773796f38a07bd9277115ad3ed5c6791dd
b4dac18e01c9ef874f5d33ae8ad2eca84683281858bd9fab0f9a95e0b26c19b1
b63745ed29d6784dab812ad53d2a76b060cbf160f6200b203c24d797d9d18045
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79
b74e42ca31f67572e060c1c425b73bde09a3894bb37ea244c2a46b5489126034
b83bf949954e2ca805089c6a278203d60c5ced398ae0fe4969d6486b28cd3401
b9ac03518e33de71473f8d2451dd4f9b997fbdb5bba0e8e476be0d6a5cd8a3ed
b9ff1a0033ed24a5a3274d4792174cd0fbfac2da714ebcd2f0e6b38b96dca3d4
ba4ddcc61790def54f82d6679debb471410c69d06d34b8ab653a5123edb4b10e
bbc10f5aef909ff98128139a1869ba2b01c3e2b146d479e018a479050d9e5d44
bcad14ba40152f92c848d1262099a581647b11b2d2a066dad5dc87d49b2e6917
bd4b3ec69c7cc6b78aebd8b8f149b24fb509226b0de1215d288296525a2f65b9
bf4ca025ce4ff09e6ab9d0ae2b135ac09d2e29ac2303a7514c022d4177aeece3
bf575110f00bcd665556f5ec69859ed96b330561a00b8b63308381d5858d915b
bfaef65b25794a604ff02867568b414568fe0450e6af9337f8072b41f8264796
c17c7e9240eef13cff64836fae515704bcb74973c240613b57d8b21f97f93792
c2860a28662bd59b0e9a0791f7671ff6ae515940a759fc0aa0492bf6154681cc
c4ea23b90e7ff54235febb3c76d9fd9156768ff5a611b20a8ed632619da9acbf
c51a4086e332a8b351790a53582dbba5bd78b7a1f021b829d93da3ad59ca575f
c824afa9a57db85a5957af264d153dffa83f94cf055c66249b765c04d0964468
c8fc0b7feb3f001e5fd17fb014530377acb4a7c995ac409c620b138a65a4b623
c9359c423f11152cc52570d1d15b78449a4aaf8a4106599af13305e13c90b791
c942c9ba704865140edcc1b3a944d7fcd0a6a035b826ceba2997ebd6e9e0f507
cb1f43381102f1ca250aba891a446b1fea165a9884947048f571cb61ab68e867
cbc098b106cb6c879d78f3fcf5cb3cb9ebfcceb6a60bbf8cfef355ebb661d924
cdf31faf3dd8935f5ee63c1a29cee78a7921ea31fb3cacae156773602ed576d2
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf757cd5b2a6a603edd5967bd17f09b923fa1cc56d67992a6d048391838f6e19
d09f2fd7b754f30211babf8971d3d203fe0295b23e6ea206a8b3b0ec2cf2ec0e
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d2dd3599e7e2b9d298755ba7b0a578f9c0b8a88730f5c16993570a1de648a14e
d46a5951a557bab39b5dbb547e17f4bc8a83a5557693fed16e3084b48336d77e
d5d8a1b2f620565ed85b0bf7cab850f653cb91d210b130ef99a29796711a545f
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d679e8edf16f18e378442ba57c1983c696d17ee9e1d08c52139985f20fd187a0
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d7dc4e5d045255c0214497b60da358e4c486e9533db6e2f4cb03d905e3ae8b89
d95487c66d9bc5b22c42dd6726f283eb5e86c2bf94f1883ec41acf92fbb17663
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
dc8efe44a8f22abc2f1abac530413ba278444d6dabc100452639cafdd9f048fd
dd6910e57e27a46a28350040affc11c14e25c578b5657ac53313e2e7620e3c62
dd74716dab8ccb5dee6626fa4e1a72eb209bbee5174a3e0862290c0756c53c4f
dde2a0827f602c25b81769496f43c629c0af93f03c36f5b3cb1db441e76c150d
def9499d85aa9ccd146cd3fbea29d13641bae3d699c0a55e57ae2f8cf5b344bd
dfe658be8d8e54a34181f699d2ca4237d959467b1a7c0da9519290f8df62c5d6
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d912ca3f1497bd7a00e7044519bfa14d184b7ea37d2010e2e42de8f0933b00
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e496494e8611da5eb32f4d65d9eaf0ef6e0c43f7eb3e2656989a4eccc31a9ff7
e52ad60cf8269c44381d5e0833e69b9b8f3b9f9346b7066b1dc5a52b390feedc
e783c361f36ad019cbd4a40aa6368c06df5c128334a7c9fd0333bc37a4af4fbf
e9caa3698b58479a78692e6303c5353d891066dc64fd2f4a34e14b2882fdb69b
ea3e94ae218d409f2e06adab5a3cbf7517d3993af10e339f0c57e370420c742e
ea76c98ae3087db3370ab358fad0c88f209d7498ac48a70ef595a9fac54920d7
eb6c6f805e420dcbeb3707ba886b78109fa5b77edc62832d81103f389c5bcfb4
eb7922e29fd9bbbb9e385c952731a93f50b0ba8d472cd16e65f66d18cf08ba4f
ebb2026eba76b777cd1cc6d694a4609324304eeb1129a9fe0fb5a616590cc3ee
ed3cdd67b99dd07dc76f3ff0b253b64e9fc16ac725c6c002e9da8b1b796b5d70
ee0387813905a914438df43ca82b1865b22f00b0eabcfdc8df28c2ed5fdcb02b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0f3fadd348581fce870209a4705b228f28a7c06fecefc150707191d0f02a27a
f27644734b8ead437f7ae34027490dae1d295348b0fc0cdca8b839bd9ef48d46
f28828f3ffce25773f3c3a7abd63d463b5820d32d7951b300924a30d6632ecb5
f3404d30f1b9956025fd6221078b56ab9f3301a4af97ddaeb3ef8cc4a8bb88de
f3456903656f0601338d81e00f8efe9e025055f224f822de2746e18436c9b4a5
f44ffda1cc5ff1892127e1b29b917986e0585850496ddda51f6a6ce101bc005a
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f81b83344d1a235f54adb3800f29a31d8861f300a8b9276f5d25d0efdd481a93
f9cf423c8701717235d034950b93902cfe392c77b0dee145291a730a42c5e796
fab5572c01cd671e1a92d8ffda83b65c5276089a5d8f7cec2105ba034a55a98e
fc1abdfb4f8e52b32f7091081ca444d648b0dfb286c0c1b44466f701dd4c698f
fdcf1db509f69849dfd553fa72889c91b12ce7df7e39a54e734b6e313651902c
fe2b6f51a75fc1f869c0f4d3562b906021b0ddf31cb85a3b4d58c224a64bef17
fe771fba959daccbecd0fa70a3b101110914039be0574d6f7bafd8aa6cf231b5
fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6

www.nur.kz Open in urlscan Pro 91.215.139.234 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

420 Requests

92 %HTTPS

41 %IPv6

54 Domains

82 Subdomains

63 IPs

11 Countries

4074 kBTransfer

11352 kBSize

79 Cookies

24 Outgoing links

Page URL History

Redirected requests

420 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 17 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.nur.kz Open in urlscan Pro
91.215.139.234 Public Scan

Screenshot
Live screenshot

Full Image

420
Requests

92 %
HTTPS

41 %
IPv6

54
Domains

82
Subdomains

63
IPs

11
Countries

4074 kB
Transfer

11352 kB
Size

79
Cookies

420 HTTP transactions
17 data transactions