nekto.me Open in urlscan Pro
2606:4700:3032::681c:439 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://nekto.me/
Effective URL:
http://nekto.me/
Submission: On November 09 via manual (November 9th 2020, 7:46:44 am UTC) from DE

Summary HTTP 42 Redirects Behaviour Indicators

Summary

This website contacted 11 IPs in 4 countries across 14 domains to perform 42 HTTP transactions. The main IP is 2606:4700:3032::681c:439, located in United States and belongs to CLOUDFLARENET, US. The main domain is nekto.me.

This is the only time nekto.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
17	2606:4700:303... 2606:4700:3032::681c:439	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 4	87.240.190.67 87.240.190.67	47541 (VKONTAKTE...) (VKONTAKTE-SPB-AS http://vk.com)
3	2a00:1450:400... 2a00:1450:4001:81f::2004	15169 (GOOGLE) (GOOGLE)
1 1	217.20.155.13 217.20.155.13	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
1	217.20.147.1 217.20.147.1	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
9	2a00:1450:400... 2a00:1450:4001:81b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81d::2003	15169 (GOOGLE) (GOOGLE)
2 3	88.212.201.204 88.212.201.204	39134 (UNITEDNET) (UNITEDNET)
1 4	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
1	172.217.22.66 172.217.22.66	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
42	11

17 2606:4700:3032::681c:439 (United States)

ASN13335 (CLOUDFLARENET, US)

nekto.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 87.240.190.67 (Russian Federation) 2 redirects

ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU)
PTR: srv67-190-240-87.vk.com

vk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.20.155.13 (Russian Federation) 1 redirects

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: ip13.155.odnoklassniki.ru

odnoklassniki.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.20.147.1 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: ip1.147.odnoklassniki.ru

ok.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:81b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 88.212.201.204 (Russian Federation) 2 redirects

ASN39134 (UNITEDNET, RU)
PTR: host204.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6b8::1:119 (Moscow, Russian Federation) 1 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.22.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s17-in-f66.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	nekto.me nekto.me	97 KB
6	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	146 KB
4	yandex.ru 1 redirects mc.yandex.ru	44 KB
4	google.com www.google.com adservice.google.com	2 KB
4	vk.com 2 redirects vk.com	25 KB
3	yadro.ru 2 redirects counter.yadro.ru	2 KB
2	doubleclick.net googleads.g.doubleclick.net
2	facebook.net connect.facebook.net	59 KB
1	googletagservices.com www.googletagservices.com	27 KB
1	google.de adservice.google.de	832 B
1	googleadservices.com partner.googleadservices.com	627 B
1	gstatic.com www.gstatic.com	136 KB
1	ok.ru ok.ru	1 KB
1	odnoklassniki.ru 1 redirects odnoklassniki.ru	181 B
42	14

	Domain	Requested by
17	nekto.me	nekto.me
4	mc.yandex.ru	1 redirects nekto.me
4	pagead2.googlesyndication.com	nekto.me pagead2.googlesyndication.com
4	vk.com	2 redirects nekto.me
3	counter.yadro.ru	2 redirects nekto.me
3	www.google.com	nekto.me www.gstatic.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	connect.facebook.net	nekto.me connect.facebook.net
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.gstatic.com	www.google.com
1	ok.ru	nekto.me
1	odnoklassniki.ru	1 redirects
42	16

This site contains no links.

Subject Issuer	Validity	Valid
*.vk.com GlobalSign Organization Validation CA - SHA256 - G2	`2020-06-09` - `2022-06-10`	2 years	crt.sh
www.google.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
*.ok.ru GeoTrust RSA CA 2018	`2019-08-07` - `2021-03-21`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-09-11` - `2020-12-10`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
counter.yadro.ru Let's Encrypt Authority X3	`2020-10-29` - `2021-01-27`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2020-09-29` - `2021-03-11`	5 months	crt.sh
*.google.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh

This page contains 6 frames:

Primary Page: http://nekto.me/
Frame ID: 73E4C3A42A9E802017201731EDDC4E10
Requests: 37 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201104/r20190131/zrt_lookup.html
Frame ID: E880B21FAD6E4E6847919CB0C31E3993
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfCOgkTAAAAAHBOyEgHg2VdnH1AVEMzciMvH3jb&co=aHR0cDovL25la3RvLm1lOjgw&hl=en&v=1AZgzF1o3OlP73CVr69UmL65&size=normal&cb=ii5gfi9fatxi
Frame ID: 9F14AAB77257B1393211B9D991B758D4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-5544460087407207&output=html&adk=1812271804&adf=3025194257&lmt=1604907988&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=http%3A%2F%2Fnekto.me%2F&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604907988415&bpp=13&bdt=451&idt=126&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3448668660057&frm=20&pv=2&ga_vid=1602800222.1604907989&ga_sid=1604907989&ga_hid=1064557708&ga_fc=0&iag=0&icsg=541048874&dssz=21&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066706%2C44730557&oid=3&pvsid=3944220527755823&pem=369&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=0&uci=a!0&fsb=1&dtd=145
Frame ID: 0D613FAEA13B5869662B210FA991EAE0
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=1AZgzF1o3OlP73CVr69UmL65&k=6LfCOgkTAAAAAHBOyEgHg2VdnH1AVEMzciMvH3jb&cb=l3ofq7tpu29i
Frame ID: 7763329E2E646293C902B2B82B69AB89
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: 60B73ECB79BAC0E11FB7987E6BA17F68
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

42
Requests

60 %
HTTPS

58 %
IPv6

14
Domains

16
Subdomains

11
IPs

4
Countries

537 kB
Transfer

1422 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

http://vk.com/js/api/openapi.js?152 HTTP 301
https://vk.com/js/api/openapi.js?152

Request Chain 7

http://odnoklassniki.ru/oauth/resources.do?type=js HTTP 301
http://ok.ru/oauth/resources.do?type=js HTTP 307
https://ok.ru/oauth/resources.do?type=js

Request Chain 8

http://connect.facebook.net/ru_RU/all.js HTTP 307
https://connect.facebook.net/ru_RU/all.js

Request Chain 17

http://vk.com/rtrg?r=GzCcoFHx7H9p*trghnht3tTZbz9H13RjgomDOw//hk/m6tG4jv*7NUDNBKgfXWmtjtNWga1CA/*re0Yly3vvv0ylZlktiZXrnPiDoOuxi5DUxrBICh*KPspQCUV0bO2aYKE4RA21uU2C6vfp1NFLKS2RUSkBOqmya/20f3pZ0sg- HTTP 301
https://vk.com/rtrg?r=GzCcoFHx7H9p*trghnht3tTZbz9H13RjgomDOw//hk/m6tG4jv*7NUDNBKgfXWmtjtNWga1CA/*re0Yly3vvv0ylZlktiZXrnPiDoOuxi5DUxrBICh*KPspQCUV0bO2aYKE4RA21uU2C6vfp1NFLKS2RUSkBOqmya/20f3pZ0sg-

Request Chain 22

http://counter.yadro.ru/hit;NektoMe?r;s1600*1200*24;uhttp%3A//nekto.me/;hnekto.me%20-%20%u0430%u043D%u043E%u043D%u0438%u043C%u043D%u0430%u044F%20%u0441%u043E%u0446%u0438%u0430%u043B%u044C%u043D%u0430%u044F%20%u0441%u0435%u0442%u044C;0.5070693539866351 HTTP 302
https://counter.yadro.ru/hit;NektoMe?r;s1600*1200*24;uhttp%3A//nekto.me/;hnekto.me%20-%20%u0430%u043D%u043E%u043D%u0438%u043C%u043D%u0430%u044F%20%u0441%u043E%u0446%u0438%u0430%u043B%u044C%u043D%u0430%u044F%20%u0441%u0435%u0442%u044C;0.5070693539866351 HTTP 302
https://counter.yadro.ru/hit;NektoMe?q;r;s1600*1200*24;uhttp%3A//nekto.me/;hnekto.me%20-%20%u0430%u043D%u043E%u043D%u0438%u043C%u043D%u0430%u044F%20%u0441%u043E%u0446%u0438%u0430%u043B%u044C%u043D%u0430%u044F%20%u0441%u0435%u0442%u044C;0.5070693539866351

Request Chain 34

https://mc.yandex.ru/watch/34274390?wmode=7&page-url=http%3A%2F%2Fnekto.me%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1604907987855%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20201109084628%3Aet%3A1604907989%3Aen%3Awindows-1251%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A865065488291%3Arqn%3A1%3Arn%3A83516205%3Ahid%3A250044838%3Ads%3A9%2C5%2C90%2C1%2C0%2C0%2C0%2C420%2C14%2C%2C%2C%2C529%3Afp%3A539%3Agdpr%3A14%3Av%3A1962%3Arqnl%3A1%3Ast%3A1604907989%3Au%3A1604907989621813188%3At%3Anekto.me%20-%20%D0%B0%D0%BD%D0%BE%D0%BD%D0%B8%D0%BC%D0%BD%D0%B0%D1%8F%20%D1%81%D0%BE%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B5%D1%82%D1%8C HTTP 302
https://mc.yandex.ru/watch/34274390/1?wmode=7&page-url=http%3A%2F%2Fnekto.me%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1604907987855%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20201109084628%3Aet%3A1604907989%3Aen%3Awindows-1251%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A865065488291%3Arqn%3A1%3Arn%3A83516205%3Ahid%3A250044838%3Ads%3A9%2C5%2C90%2C1%2C0%2C0%2C0%2C420%2C14%2C%2C%2C%2C529%3Afp%3A539%3Agdpr%3A14%3Av%3A1962%3Arqnl%3A1%3Ast%3A1604907989%3Au%3A1604907989621813188%3At%3Anekto.me%20-%20%D0%B0%D0%BD%D0%BE%D0%BD%D0%B8%D0%BC%D0%BD%D0%B0%D1%8F%20%D1%81%D0%BE%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B5%D1%82%D1%8C

42 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set / Show response
nekto.me/ 9 KB
5 KB 104ms
89ms Document
text/html 2606:4700:3032::681c:439
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://nekto.me/

Protocol

HTTP/1.1

Server

2606:4700:3032::681c:439 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3bb1944ed5f7cfc00fcc2f3a2337a0a7269708473c0f92f4bd49586d82ad6920

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Host: nekto.me
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 09 Nov 2020 07:46:27 GMT
Content-Type: text/html; charset=windows-1251
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d703cebb9621e1e0bd41bd8bcc47c75da1604907987; expires=Wed, 09-Dec-20 07:46:27 GMT; path=/; domain=.nekto.me; HttpOnly; SameSite=Lax
vary: Accept-Encoding
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
pragma: no-cache
x-frame-options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
cf-request-id: 064d918ba100002b9568172000000001
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hFOyZqbsykqSMRs622HI2kes1aMudZ9op9EumzG2yZhc0xzFWq%2FMS0ydaGPHgmaJgCeUmQN6h1FkPGVeZUHLAYlGX0qLTiRcMfAd7Fp50ZO44KnfIg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 5ef5eb8c3aa92b95-FRA
Content-Encoding: gzip

GET
H/1.1 200
OK main.css
nekto.me/style/ 7 KB
3 KB 58ms
55ms Stylesheet
text/css 2606:4700:3032::681c:439
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://nekto.me/style/main.css?3
Requested by: Host: nekto.me
URL: http://nekto.me/
Protocol: HTTP/1.1
Server: 2606:4700:3032::681c:439 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e09f4e597546c91ff7c676993830f93b56a186d1c99fcfb71d68edbae6f8a549

Request headers

Referer: http://nekto.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 09 Nov 2020 07:46:28 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
cf-request-id: 064d918c0600002b95b6b9d000000001
Last-Modified: Fri, 18 Dec 2015 23:53:55 GMT
Server: cloudflare
ETag: W/"56749c93-1a8c"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LVVoo0UEU1Zh6IlzGVibXvEr8k7aXs2xkOcTcZmOxsmcDLFRIQ6l8UMcQoV8Csq8UHwXs22jmtqo0u3r3rQf%2FdBOYspsXJlXiCl%2FJf84DEp35rIGyA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: private, max-age=86400
CF-RAY: 5ef5eb8cdc2d2b95-FRA
Expires: Tue, 10 Nov 2020 07:46:27 GMT

GET
H/1.1 200
OK jquery.js Show response
nekto.me/js/ 93 KB
39 KB 83ms
76ms Script
application/x-javascript 2606:4700:3032::681c:439
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://nekto.me/js/jquery.js?2
Requested by: Host: nekto.me
URL: http://nekto.me/
Protocol: HTTP/1.1
Server: 2606:4700:3032::681c:439 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3828fc33d5a992f1ddb339e5e8bf69124e79afc57435cef2b57723b29d219ad0

Request headers

Referer: http://nekto.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 09 Nov 2020 07:46:28 GMT
Content-Encoding: gzip
CF-Cache-Status: BYPASS
NEL: {"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
cf-request-id: 064d918c0b00000eafe7b79000000001
Last-Modified: Wed, 21 Mar 2012 19:46:56 GMT
Server: cloudflare
ETag: W/"4f6a3030-17278"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5a%2F1o1HGT2695YvTl7qvHQMKzx2hE633W5kDSWrjXUkT8FwzpKN1XgBqlBn41ksO5AJZbTMUJHftNwyPV%2Bqjtr7mdJWx5dIV23Nmg2yivfknZSYjPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/x-javascript
Cache-Control: max-age=86400, private
CF-RAY: 5ef5eb8cd96e0eaf-FRA
Expires: Tue, 10 Nov 2020 07:46:28 GMT

GET
H/1.1 200
OK jquery.cycle.all.2.72.js Show response
nekto.me/js/ 43 KB
14 KB 71ms
64ms Script
application/x-javascript 2606:4700:3032::681c:439
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://nekto.me/js/jquery.cycle.all.2.72.js
Requested by: Host: nekto.me
URL: http://nekto.me/
Protocol: HTTP/1.1
Server: 2606:4700:3032::681c:439 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 103fc73af427191044b7c92db49cf45442782410befc7e630225452bce49677e

Request headers

Referer: http://nekto.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 09 Nov 2020 07:46:28 GMT
Content-Encoding: gzip
CF-Cache-Status: BYPASS
NEL: {"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
cf-request-id: 064d918c0b0000d7099916f000000001
Last-Modified: Sat, 20 Oct 2012 01:54:14 GMT
Server: cloudflare
ETag: W/"50820446-ac8d"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Zchjxi%2BG0OSxgjaU6GTF8EK7zl665DWhqYlWwYyJ%2FWBuUR5%2BPGJhu7C%2Bov7dIohTcIei3U8NqmG39n3OaVynH81eoXUav%2F3UfxmX7bIUKWGD7PnCWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/x-javascript
Cache-Control: max-age=86400, private
CF-RAY: 5ef5eb8cdd88d709-FRA
Expires: Tue, 10 Nov 2020 07:46:28 GMT

GET
H/1.1 200
OK jquery.notification.js Show response
nekto.me/js/ 865 B
1 KB 67ms
60ms Script
application/x-javascript 2606:4700:3032::681c:439
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://nekto.me/js/jquery.notification.js
Requested by: Host: nekto.me
URL: http://nekto.me/
Protocol: HTTP/1.1
Server: 2606:4700:3032::681c:439 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fe5d89920641371f3af6612e80764f29b19fe4d3458714ac56465d07a268b4a

Request headers

Referer: http://nekto.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 09 Nov 2020 07:46:28 GMT
Content-Encoding: gzip
CF-Cache-Status: BYPASS
NEL: {"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
cf-request-id: 064d918c0b000005fd9097a000000001
Last-Modified: Tue, 12 Jun 2018 16:09:48 GMT
Server: cloudflare
ETag: W/"5b1ff04c-361"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lklPmV3oua%2BgWncywWORQFrZklxWYzBIz4%2Fls8KLC38d3JyqoBLB6oifqGsOt8qvAJiNbywr8QuiuDoeI%2Bwvf9neNcvBKKQ1tuRxsJBRWLsUHriRuA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/x-javascript
Cache-Control: max-age=86400, private
CF-RAY: 5ef5eb8cda6d05fd-FRA
Expires: Tue, 10 Nov 2020 07:46:27 GMT

GET
H/1.1 200
OK index.js Show response
nekto.me/js/ 7 KB
3 KB 83ms
76ms Script
application/x-javascript 2606:4700:3032::681c:439
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://nekto.me/js/index.js?2
Requested by: Host: nekto.me
URL: http://nekto.me/
Protocol: HTTP/1.1
Server: 2606:4700:3032::681c:439 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79b5f7ef7c8b564205a17914796ebb12d869177990b47117c3e5b94fe8eefbf3

Request headers

Referer: http://nekto.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 09 Nov 2020 07:46:28 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
cf-request-id: 064d918c0c0000c2f45ab64000000001
Last-Modified: Tue, 27 Mar 2018 10:45:50 GMT
Server: cloudflare
ETag: W/"5aba20de-1ae5"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=C7tBKzP8wUPWsdjL5jD%2Fsb9fKyLYiheFfM6JRI9OFdNakFK4%2FfrqnYCAGBCEMhVRhTt3NsiA7TttW1x0Taj0GUiKxForxx%2FOknyW8OfFPfx%2FkDUh%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/x-javascript
Cache-Control: private, max-age=86400
CF-RAY: 5ef5eb8ceabcc2f4-FRA
Expires: Tue, 10 Nov 2020 07:46:28 GMT

GET
H2

200

openapi.js Show response
vk.com/js/api/
Redirect Chain

http://vk.com/js/api/openapi.js?152
https://vk.com/js/api/openapi.js?152

100 KB
24 KB

178ms
59ms

Script
application/x-javascript

87.240.190.67
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://vk.com/js/api/openapi.js?152
Requested by: Host: nekto.me
URL: http://nekto.me/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.240.190.67 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU),
Reverse DNS: srv67-190-240-87.vk.com
Software: kittenx /
Resource Hash: 97a06cb0f953c60bdcb315f1eba2d02d9132e8837892ebdc4467fac05ef5b40f

Request headers

Referer: http://nekto.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 09 Nov 2020 07:46:28 GMT
content-encoding: gzip
x-frontend: front213218
last-modified: Tue, 22 Sep 2020 20:30:00 GMT
server: kittenx
etag: "5f6a5ec8-5e2e"
content-type: application/x-javascript
status: 200
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
content-length: 24110
expires: Fri, 13 Nov 2020 07:46:28 GMT

Redirect headers

Date: Mon, 09 Nov 2020 07:46:28 GMT
X-Frontend: front213218
Server: kittenx
Content-Type: text/html
Location: https://vk.com/js/api/openapi.js?152
Access-Control-Expose-Headers: X-Frontend
Connection: keep-alive
Content-Length: 164

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
996 B 38ms
16ms Script
text/javascript 2a00:1450:4001:81f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: nekto.me
URL: http://nekto.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0bf897707835ef8d47aa7188075757f98d13185292bd7b8eccb3659e2c19ed93

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://nekto.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 09 Nov 2020 07:46:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 558
x-xss-protection: 1; mode=block
expires: Mon, 09 Nov 2020 07:46:28 GMT

GET
H2

200

resources.do Show response
ok.ru/oauth/
Redirect Chain

http://odnoklassniki.ru/oauth/resources.do?type=js
http://ok.ru/oauth/resources.do?type=js
https://ok.ru/oauth/resources.do?type=js

3 KB
1 KB

238ms
77ms

Script
text/javascript

217.20.147.1
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://ok.ru/oauth/resources.do?type=js
Requested by: Host: nekto.me
URL: http://nekto.me/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.20.147.1 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS: ip1.147.odnoklassniki.ru
Software: apache /
Resource Hash: 2c2a9365874b974914082d8501c7d82dd1c417184de5f38768d0ed1c1a931c84

Request headers

Referer: http://nekto.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Mon, 09 Nov 2020 07:46:28 GMT
content-encoding: br
server: apache
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8

Redirect headers

Location: https://ok.ru/oauth/resources.do?type=js
Non-Authoritative-Reason: HSTS

GET
H2

200

all.js Show response
connect.facebook.net/ru_RU/
Redirect Chain

http://connect.facebook.net/ru_RU/all.js
https://connect.facebook.net/ru_RU/all.js

3 KB
2 KB

21ms
6ms

Script
application/x-javascript

2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ru_RU/all.js

Requested by

Host: nekto.me
URL: http://nekto.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1fd157539f248a35f55150acb86c051174b543feaf41a68277261aaa6170969f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://nekto.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: IyUIsYm0zj2aN6mdUnWd/Q==
status: 200
cross-origin-resource-policy: cross-origin
content-length: 1781
etag: "3f1e58c2e5813ec9c1b52afb40eecf4b"
x-fb-debug: RL0LHeG2Mc6vunCgwsyqDoXJ9Tq53Y1BqqwRioEugyXdnmeHEi1F2cAlAOE+KIVkyUjxWFpa2S5yfJPH4VBtvg==
x-fb-trip-id: 664085054
x-fb-content-md5: 567e809b6731f4962c2721f27a69f00c
x-frame-options: DENY
date: Mon, 09 Nov 2020 07:46:28 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 09 Nov 2020 07:56:34 GMT

Redirect headers

Location: https://connect.facebook.net/ru_RU/all.js
Non-Authoritative-Reason: HSTS

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 131 KB
45 KB 44ms
23ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: nekto.me
URL: http://nekto.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e83b2cdd58cbb5bc2b28882b64aa965231f491804d497999763ba8df84282910

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://nekto.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 09 Nov 2020 07:46:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 45426
x-xss-protection: 0
server: cafe
etag: 10562869928832476540
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 09 Nov 2020 07:46:28 GMT

GET
H/1.1 200
OK enter.jpg
nekto.me/img/ 2 KB
3 KB 71ms
69ms Image
image/jpeg 2606:4700:3032::681c:439
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://nekto.me/img/enter.jpg
Requested by: Host: nekto.me
URL: http://nekto.me/
Protocol: HTTP/1.1
Server: 2606:4700:3032::681c:439 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70a13cea4bcb1f23279cd197b18dc3261762b782e19e077c09557147bd967c33

Request headers

Referer: http://nekto.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 09 Nov 2020 07:46:28 GMT
CF-Cache-Status: BYPASS
NEL: {"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Content-Length: 2090
cf-request-id: 064d918d6700000eaf4684a000000001
Last-Modified: Sat, 20 Oct 2012 00:57:50 GMT
Server: cloudflare
ETag: "5081f70e-82a"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7k1wjQRwTIZUd0R4Ct7sEdDzB76f0y7oxsIcwglB5oRxFK0Xn4AYPsQvRFyr46zwRJVP5IiASDAqX08gtTKJZIelbUdVhGll5IFO%2FPpeZZPVIN5DVg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=86400, private
Accept-Ranges: bytes
CF-RAY: 5ef5eb8f0e1c0eaf-FRA
Expires: Tue, 10 Nov 2020 07:46:28 GMT

GET
H/1.1 200
OK vk.png
nekto.me/style/images/ 1 KB
2 KB 63ms
61ms Image
image/png 2606:4700:3032::681c:439
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://nekto.me/style/images/vk.png
Requested by: Host: nekto.me
URL: http://nekto.me/
Protocol: HTTP/1.1
Server: 2606:4700:3032::681c:439 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a0b4f60160a7b46ee1d6affdfb3d6dc2114330688b81b52cbad354ed2544ca0

Request headers

Referer: http://nekto.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 09 Nov 2020 07:46:28 GMT
CF-Cache-Status: BYPASS
NEL: {"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Content-Length: 1172
cf-request-id: 064d918d680000c2f40483d000000001
Last-Modified: Fri, 25 Nov 2011 11:31:48 GMT
Server: cloudflare
ETag: "4ecf7ca4-494"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cRFyebDaeM6oo5J6v77S567Xv4AR9rg77lh%2BOCM%2BYyFPmTsgwaGN1z%2F9nXE1GSh8a3H1hcUwbHVmC%2Bak01Y3k9CXsBlE%2BdxC%2Fg69y2kvtTWqdRYfXA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=86400, private
Accept-Ranges: bytes
CF-RAY: 5ef5eb8f0f5dc2f4-FRA
Expires: Tue, 10 Nov 2020 07:46:28 GMT

GET
H/1.1 200
OK ok.png
nekto.me/style/images/ 2 KB
2 KB 62ms
60ms Image
image/png 2606:4700:3032::681c:439
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://nekto.me/style/images/ok.png
Requested by: Host: nekto.me
URL: http://nekto.me/
Protocol: HTTP/1.1
Server: 2606:4700:3032::681c:439 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c12f7fd2399790e97f02fa75bf4267c725870e56ce6c6c55064bb469e018ce9d

Request headers

Referer: http://nekto.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 09 Nov 2020 07:46:28 GMT
CF-Cache-Status: BYPASS
NEL: {"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Content-Length: 1541
cf-request-id: 064d918d680000d70999189000000001
Last-Modified: Tue, 24 Jan 2012 22:15:29 GMT
Server: cloudflare
ETag: "4f1f2d81-605"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Vr8zrhXHInDf7rkVLz4HRLVe%2BPhMoEhoIdOUSIqX92RJ94JqiwopyNbDlkugSNnA%2B83pHuy5WtWvqZ%2BXlIwTpgKGwb7xc8Iu0oqfipMYVEFxsSUyjw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=86400, private
Accept-Ranges: bytes
CF-RAY: 5ef5eb8f09cbd709-FRA
Expires: Tue, 10 Nov 2020 07:46:28 GMT

GET
H/1.1 200
OK fb.png
nekto.me/style/images/ 230 B
974 B 63ms
62ms Image
image/png 2606:4700:3032::681c:439
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://nekto.me/style/images/fb.png
Requested by: Host: nekto.me
URL: http://nekto.me/
Protocol: HTTP/1.1
Server: 2606:4700:3032::681c:439 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f74d6963b542c2fff9353700952c52941ff961fc551be3bab75f6d9a0d55ad2

Request headers

Referer: http://nekto.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 09 Nov 2020 07:46:28 GMT
CF-Cache-Status: BYPASS
NEL: {"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Content-Length: 230
cf-request-id: 064d918d68000005fd4b149000000001
Last-Modified: Fri, 25 Nov 2011 11:31:42 GMT
Server: cloudflare
ETag: "4ecf7c9e-e6"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cRJBa%2FdhbecSV8k6XgTQVDxa8lBXehZ%2FTrtpe5fyeXVOYpbRmi9fQ7%2B1wegEI2qmrRK78gwA9hsev%2FqgeZET8OKoMtM8lkgozyvx3YmTIPf260VnkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=86400, private
Accept-Ranges: bytes
CF-RAY: 5ef5eb8f090805fd-FRA
Expires: Tue, 10 Nov 2020 07:46:28 GMT

GET
H/1.1 200
OK email-decode.min.js Show response
nekto.me/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 8ms
8ms Script
application/javascript 2606:4700:3032::681c:439
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://nekto.me/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: nekto.me
URL: http://nekto.me/

Protocol

HTTP/1.1

Server

2606:4700:3032::681c:439 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://nekto.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 09 Nov 2020 07:46:28 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
NEL: {"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
cf-request-id: 064d918c7000000eaf2d24d000000001
Last-Modified: Tue, 27 Oct 2020 17:31:31 GMT
Server: cloudflare
ETag: W/"5f985973-4d7"
X-Frame-Options: SAMEORIGIN
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=g2NeoQoolwU8b6gb7%2B9krVhadjuB%2BV7QAs7%2FnTop5518TZjfdbawxDVO%2B8BeC8J3%2FrKKd1A5WHOOLgHfIcQn8SgZz0YEfppxo90sRCSIw%2BVfikgQkA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=172800, public
CF-RAY: 5ef5eb8d8ad90eaf-FRA
Expires: Wed, 11 Nov 2020 07:46:28 GMT

GET
H/1.1 200
OK 1px.jpg
nekto.me/ 1 KB
2 KB 58ms
57ms Image
image/jpeg 2606:4700:3032::681c:439
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://nekto.me/1px.jpg
Requested by: Host: nekto.me
URL: http://nekto.me/
Protocol: HTTP/1.1
Server: 2606:4700:3032::681c:439 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f65e932e3e94c49da3e00eef1042be0bba7a7c1a2295baf3dcf755e1f83ffad

Request headers

Referer: http://nekto.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 09 Nov 2020 07:46:28 GMT
CF-Cache-Status: BYPASS
NEL: {"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Content-Length: 1266
cf-request-id: 064d918d6800002b95552ff000000001
Last-Modified: Sat, 11 Jun 2011 23:51:37 GMT
Server: cloudflare
ETag: "4df3ff89-4f2"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gambIJR4gwG3I7wyRj7Ekz203r4ZVMY5FOl9vHSdfJb08n%2FI8ByGSF8LUwdGU076UEeR2BfD3N1893kk74NhKPhZJ6yiprp4CvTrCgBVxUlTxFicyg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=86400, private
Accept-Ranges: bytes
CF-RAY: 5ef5eb8f09582b95-FRA
Expires: Tue, 10 Nov 2020 07:46:28 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/1AZgzF1o3OlP73CVr69UmL65/ 344 KB
136 KB 70ms
6ms Script
text/javascript 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/1AZgzF1o3OlP73CVr69UmL65/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd828162a2e54e24de6f167733fea047e61317ac2f573b83b75589bcbe00e6af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://nekto.me
Referer: http://nekto.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 09 Nov 2020 06:45:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3647
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 138367
x-xss-protection: 0
last-modified: Mon, 02 Nov 2020 19:55:46 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 09 Nov 2021 06:45:41 GMT

GET
H2

200

rtrg
vk.com/
Redirect Chain

http://vk.com/rtrg?r=GzCcoFHx7H9p*trghnht3tTZbz9H13RjgomDOw//hk/m6tG4jv*7NUDNBKgfXWmtjtNWga1CA/*re0Yly3vvv0ylZlktiZXrnPiDoOuxi5DUxrBICh*KPspQCUV0bO2aYKE4RA21uU2C6vfp1NFLKS2RUSkBOqmya/20f3pZ0sg-
https://vk.com/rtrg?r=GzCcoFHx7H9p*trghnht3tTZbz9H13RjgomDOw//hk/m6tG4jv*7NUDNBKgfXWmtjtNWga1CA/*re0Yly3vvv0ylZlktiZXrnPiDoOuxi5DUxrBICh*KPspQCUV0bO2aYKE4RA21uU2C6vfp1NFLKS2RUSkBOqmya/20f3pZ0sg-

49 B
444 B

70ms
70ms

Image
image/gif

87.240.190.67
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vk.com/rtrg?r=GzCcoFHx7H9p*trghnht3tTZbz9H13RjgomDOw//hk/m6tG4jv*7NUDNBKgfXWmtjtNWga1CA/*re0Yly3vvv0ylZlktiZXrnPiDoOuxi5DUxrBICh*KPspQCUV0bO2aYKE4RA21uU2C6vfp1NFLKS2RUSkBOqmya/20f3pZ0sg-

Requested by

Host: nekto.me
URL: http://nekto.me/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.190.67 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU),

Reverse DNS

srv67-190-240-87.vk.com

Software

kittenx / KPHP/7.4.27064

Resource Hash

2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: http://nekto.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 09 Nov 2020 07:46:28 GMT
content-encoding: gzip
x-frontend: front213218
server: kittenx
x-powered-by: KPHP/7.4.27064
strict-transport-security: max-age=15768000
content-type: image/gif
status: 200
access-control-expose-headers: X-Frontend
cache-control: no-store
content-length: 65

Redirect headers

Date: Mon, 09 Nov 2020 07:46:28 GMT
X-Frontend: front213218
Server: kittenx
Content-Type: text/html
Location: https://vk.com/rtrg?r=GzCcoFHx7H9p*trghnht3tTZbz9H13RjgomDOw//hk/m6tG4jv*7NUDNBKgfXWmtjtNWga1CA/*re0Yly3vvv0ylZlktiZXrnPiDoOuxi5DUxrBICh*KPspQCUV0bO2aYKE4RA21uU2C6vfp1NFLKS2RUSkBOqmya/20f3pZ0sg-
Access-Control-Expose-Headers: X-Frontend
Connection: keep-alive
Content-Length: 164

GET
H/1.1 200
OK logo2.png
nekto.me/img/ 3 KB
4 KB 69ms
57ms Image
image/png 2606:4700:3032::681c:439
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://nekto.me/img/logo2.png
Requested by: Host: nekto.me
URL: http://nekto.me/style/main.css?3
Protocol: HTTP/1.1
Server: 2606:4700:3032::681c:439 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35c19b613dde157dc1e90ee81cb71d5ba06008bbbe8f43c267ca1eff0d2c1c5c

Request headers

Referer: http://nekto.me/style/main.css?3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 09 Nov 2020 07:46:28 GMT
CF-Cache-Status: BYPASS
NEL: {"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Content-Length: 2855
cf-request-id: 064d918da70000c2f42b263000000001
Last-Modified: Sat, 20 Oct 2012 00:58:09 GMT
Server: cloudflare
ETag: "5081f721-b27"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=e%2FFxslGedm2SNcMEmQfc9vnsHWuUgoZXEtqdOlLL3r6H058KznaZq3Mg312yQfpZoadEoADqaKbB%2BxRTO6J0116Fqw0slWlVfrqjgVagTbMe%2B%2FAeog%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=86400, private
Accept-Ranges: bytes
CF-RAY: 5ef5eb8f7811c2f4-FRA
Expires: Tue, 10 Nov 2020 07:46:28 GMT

GET
H/1.1 200
OK online_corner.jpg
nekto.me/img/ 1 KB
2 KB 65ms
61ms Image
image/jpeg 2606:4700:3032::681c:439
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://nekto.me/img/online_corner.jpg
Requested by: Host: nekto.me
URL: http://nekto.me/style/main.css?3
Protocol: HTTP/1.1
Server: 2606:4700:3032::681c:439 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1649efcb2f0b91911e6f460ce6909855364c172f1a9ffc73cda894e26d602bdb

Request headers

Referer: http://nekto.me/style/main.css?3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 09 Nov 2020 07:46:28 GMT
CF-Cache-Status: BYPASS
NEL: {"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Content-Length: 1318
cf-request-id: 064d918da100002b958985d000000001
Last-Modified: Sat, 20 Oct 2012 00:58:32 GMT
Server: cloudflare
ETag: "5081f738-526"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=w6lTZkrX7svyt8f2td7VUd69IEeZ3q0ZMs63UDCmqSNozraf6BbICwwfFQwbvkJeMn3BjxE9adY50E5i7dXAVTT9FE7P9W5uffAR4eBZNxqCnxsO4w%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=86400, private
Accept-Ranges: bytes
CF-RAY: 5ef5eb8f6a0f2b95-FRA
Expires: Tue, 10 Nov 2020 07:46:28 GMT

GET
H/1.1 200
OK reg_bg.jpg
nekto.me/img/ 12 KB
13 KB 90ms
86ms Image
image/jpeg 2606:4700:3032::681c:439
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://nekto.me/img/reg_bg.jpg
Requested by: Host: nekto.me
URL: http://nekto.me/style/main.css?3
Protocol: HTTP/1.1
Server: 2606:4700:3032::681c:439 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89dad5ce8dc655c268246ec30456186cee07b5308a701404f7f886447269c338

Request headers

Referer: http://nekto.me/style/main.css?3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 09 Nov 2020 07:46:28 GMT
CF-Cache-Status: BYPASS
NEL: {"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Content-Length: 12460
cf-request-id: 064d918da000001f4569b5d000000001
Last-Modified: Fri, 09 Aug 2013 03:28:40 GMT
Server: cloudflare
ETag: "520461e8-30ac"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9Xp7mObUSMFsmY8sjPeprAJXrs7CoWCxzgXymzHS76vIio9B%2BPp6eAh8hrK3wK5TJoPXaAUQBKaVwqzCeX7lxyIHOt16xrBemgiwO0NMT%2FpLUEdXjg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=86400, private
Accept-Ranges: bytes
CF-RAY: 5ef5eb8f6a781f45-FRA
Expires: Tue, 10 Nov 2020 07:46:28 GMT

GET
H/1.1 200
OK url_icon.png
nekto.me/img/ 234 B
972 B 71ms
61ms Image
image/png 2606:4700:3032::681c:439
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://nekto.me/img/url_icon.png
Requested by: Host: nekto.me
URL: http://nekto.me/style/main.css?3
Protocol: HTTP/1.1
Server: 2606:4700:3032::681c:439 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9839811163e405ae3f9652735ee211778c04d44c8466101280d01753beee5fa

Request headers

Referer: http://nekto.me/style/main.css?3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 09 Nov 2020 07:46:28 GMT
CF-Cache-Status: BYPASS
NEL: {"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Content-Length: 234
cf-request-id: 064d918da70000d709dd2b1000000001
Last-Modified: Fri, 18 Dec 2015 23:44:19 GMT
Server: cloudflare
ETag: "56749a53-ea"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Sd0YaFO4tkIqPCfKzAXUo7iiwkiGH0mYhmauVSKeQWUFC007OjoZAOsvZcbLGOycMIhTJneef5G4NdQG8Z9vAqndgARBPXE%2B3DSu9B7yTwmtatCeJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=86400, private
Accept-Ranges: bytes
CF-RAY: 5ef5eb8f7a86d709-FRA
Expires: Tue, 10 Nov 2020 07:46:28 GMT

GET
H/1.1

200
OK

hit;NektoMe
counter.yadro.ru/
Redirect Chain

http://counter.yadro.ru/hit;NektoMe?r;s1600*1200*24;uhttp%3A//nekto.me/;hnekto.me%20-%20%u0430%u043D%u043E%u043D%u0438%u043C%u043D%u0430%u044F%20%u0441%u043E%u0446%u0438%u0430%u043B%u044C%u043D%u04...
https://counter.yadro.ru/hit;NektoMe?r;s1600*1200*24;uhttp%3A//nekto.me/;hnekto.me%20-%20%u0430%u043D%u043E%u043D%u0438%u043C%u043D%u0430%u044F%20%u0441%u043E%u0446%u0438%u0430%u043B%u044C%u043D%u0...
https://counter.yadro.ru/hit;NektoMe?q;r;s1600*1200*24;uhttp%3A//nekto.me/;hnekto.me%20-%20%u0430%u043D%u043E%u043D%u0438%u043C%u043D%u0430%u044F%20%u0441%u043E%u0446%u0438%u0430%u043B%u044C%u043D%...

43 B
496 B

76ms
76ms

Image
image/gif

88.212.201.204
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit;NektoMe?q;r;s1600*1200*24;uhttp%3A//nekto.me/;hnekto.me%20-%20%u0430%u043D%u043E%u043D%u0438%u043C%u043D%u0430%u044F%20%u0441%u043E%u0446%u0438%u0430%u043B%u044C%u043D%u0430%u044F%20%u0441%u0435%u0442%u044C;0.5070693539866351

Requested by

Host: nekto.me
URL: http://nekto.me/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host204.rax.ru

Software

nginx/1.17.9 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: http://nekto.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 09 Nov 2020 07:46:28 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 09 Nov 2019 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 09 Nov 2020 07:46:28 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit;NektoMe?q;r;s1600*1200*24;uhttp%3A//nekto.me/;hnekto.me%20-%20%u0430%u043D%u043E%u043D%u0438%u043C%u043D%u0430%u044F%20%u0441%u043E%u0446%u0438%u0430%u043B%u044C%u043D%u0430%u044F%20%u0441%u0435%u0442%u044C;0.5070693539866351
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Sat, 09 Nov 2019 21:00:00 GMT

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 143 KB
42 KB 141ms
48ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: nekto.me
URL: http://nekto.me/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

58724cf9d89f1cadc735e143b46330c4b7fe0359cfccb2020431f63781d5bc20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://nekto.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 09 Nov 2020 07:46:28 GMT
content-encoding: br
last-modified: Fri, 06 Nov 2020 15:42:20 GMT
status: 200
etag: "5fa3cd75-a8a5"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 43173
expires: Mon, 09 Nov 2020 08:46:28 GMT

GET
H/1.1 200
OK index.php Show response
nekto.me/includes/ajax/ 36 B
715 B 59ms
59ms XHR
text/html 2606:4700:3032::681c:439
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://nekto.me/includes/ajax/index.php?_=1604907988396

Requested by

Host: nekto.me
URL: http://nekto.me/js/jquery.js?2

Protocol

HTTP/1.1

Server

2606:4700:3032::681c:439 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6fe3e7e46052f0b17cb750d63cc1c43eedd3a5ba6f030248da53fab2edd2c5f9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: http://nekto.me/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 09 Nov 2020 07:46:28 GMT
Content-Encoding: gzip
vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
x-frame-options: SAMEORIGIN
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=k86xcyD24kiNoGrHv13%2BLXZp0SYGiyxm4aowQn89u%2FsuA5WMfEaDBj3agpPEOGsZDrE8%2FkuER3vedpyW4GCqLo137c4tsT92tPxEYd%2BFlYXh%2F5Hrkw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html; charset=windows-1251
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 5ef5eb8f8ef10eaf-FRA
cf-request-id: 064d918db200000eaff80ae000000001

GET
H2 200 all.js Show response
connect.facebook.net/ru_RU/ 188 KB
57 KB 18ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ru_RU/all.js?hash=8c4093d89f13b96974ac83f1aa1357c9&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: http://connect.facebook.net/ru_RU/all.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e370971097985743fbb7ad2247346cbd321f03ec481d53d0bc4da00992ecd5d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: http://nekto.me
Referer: http://nekto.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: TCKuGMNIe5pfsnWqF32l/Q==
status: 200
cross-origin-resource-policy: cross-origin
content-length: 57700
etag: "8054979c173c15bd9301ae61da64d18e"
x-fb-debug: saKsUPHOTL4cVYYx9jWrrFNH4SmjFYQ3QAobbZ1MjIS4rETOrV9wqIWWZpd04Qgd0Qj/bydxiYP+jPw0MbmDng==
x-fb-trip-id: 664085054
x-fb-content-md5: 0faf5da3de8ef9e8effbd42429d11817
x-frame-options: DENY
date: Mon, 09 Nov 2020 07:46:28 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
expires: Tue, 09 Nov 2021 06:15:39 GMT

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/ 230 KB
87 KB 60ms
45ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

22f38713e3cb086adc05ce7b3f126b1a3c18d0bd120bafd17c85117de81741b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://nekto.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 09 Nov 2020 07:46:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 88225
x-xss-protection: 0
server: cafe
etag: 10001109163846534958
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 09 Nov 2020 07:46:28 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201104/r20190131/ Frame E880 0
0 7ms
6ms Document
text/html 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20201104/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20201104/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://nekto.me/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://nekto.me/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Sun, 08 Nov 2020 18:54:19 GMT
expires: Sun, 22 Nov 2020 18:54:19 GMT
content-type: text/html; charset=UTF-8
etag: 5228831996244654541
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4745
x-xss-protection: 0
age: 46329
cache-control: public, max-age=1209600
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 anchor
www.google.com/recaptcha/api2/ Frame 9F14 0
0 56ms
42ms Document
text/html 2a00:1450:4001:81f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfCOgkTAAAAAHBOyEgHg2VdnH1AVEMzciMvH3jb&co=aHR0cDovL25la3RvLm1lOjgw&hl=en&v=1AZgzF1o3OlP73CVr69UmL65&size=normal&cb=ii5gfi9fatxi

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/1AZgzF1o3OlP73CVr69UmL65/recaptcha__en.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-7iOKyPmcK8/FxB4tdP4Vwg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LfCOgkTAAAAAHBOyEgHg2VdnH1AVEMzciMvH3jb&co=aHR0cDovL25la3RvLm1lOjgw&hl=en&v=1AZgzF1o3OlP73CVr69UmL65&size=normal&cb=ii5gfi9fatxi
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://nekto.me/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://nekto.me/

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 09 Nov 2020 07:46:28 GMT
content-security-policy: script-src 'report-sample' 'nonce-7iOKyPmcK8/FxB4tdP4Vwg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 11086
server: GSE
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 198 B
627 B 95ms
35ms Script
text/javascript 172.217.22.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=nekto.me&callback=_gfp_s_&client=ca-pub-5544460087407207

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s17-in-f66.1e100.net

Software

cafe /

Resource Hash

e7bb5f9955c0a37ed570f3d2f1fb60a7e2704c502de09bd24cf1c4d2edd58011

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://nekto.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 09 Nov 2020 07:46:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 189
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
832 B 38ms
16ms Script
application/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=nekto.me

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://nekto.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 09 Nov 2020 07:46:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
832 B 37ms
15ms Script
application/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=nekto.me

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://nekto.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 09 Nov 2020 07:46:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 0D61 0
0 33ms
31ms Document
text/html 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-5544460087407207&output=html&adk=1812271804&adf=3025194257&lmt=1604907988&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=http%3A%2F%2Fnekto.me%2F&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604907988415&bpp=13&bdt=451&idt=126&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3448668660057&frm=20&pv=2&ga_vid=1602800222.1604907989&ga_sid=1604907989&ga_hid=1064557708&ga_fc=0&iag=0&icsg=541048874&dssz=21&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066706%2C44730557&oid=3&pvsid=3944220527755823&pem=369&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=0&uci=a!0&fsb=1&dtd=145

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-5544460087407207&output=html&adk=1812271804&adf=3025194257&lmt=1604907988&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=http%3A%2F%2Fnekto.me%2F&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604907988415&bpp=13&bdt=451&idt=126&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3448668660057&frm=20&pv=2&ga_vid=1602800222.1604907989&ga_sid=1604907989&ga_hid=1064557708&ga_fc=0&iag=0&icsg=541048874&dssz=21&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066706%2C44730557&oid=3&pvsid=3944220527755823&pem=369&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=0&uci=a!0&fsb=1&dtd=145
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://nekto.me/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://nekto.me/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 09 Nov 2020 07:46:28 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 09-Nov-2020 08:01:28 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Mon, 09 Nov 2020 07:46:28 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 17ms
14ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b67b0772cddf8915ec85788e361a4331fbdcc4bcf7656b9d6aa4299b5b470f9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://nekto.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 09 Nov 2020 07:46:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1604665402527796"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27920
x-xss-protection: 0
expires: Mon, 09 Nov 2020 07:46:28 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/34274390/
Redirect Chain

https://mc.yandex.ru/watch/34274390?wmode=7&page-url=http%3A%2F%2Fnekto.me%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1604907987855%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn...
https://mc.yandex.ru/watch/34274390/1?wmode=7&page-url=http%3A%2F%2Fnekto.me%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1604907987855%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3A...

186 B
268 B

49ms
48ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/34274390/1?wmode=7&page-url=http%3A%2F%2Fnekto.me%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1604907987855%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20201109084628%3Aet%3A1604907989%3Aen%3Awindows-1251%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A865065488291%3Arqn%3A1%3Arn%3A83516205%3Ahid%3A250044838%3Ads%3A9%2C5%2C90%2C1%2C0%2C0%2C0%2C420%2C14%2C%2C%2C%2C529%3Afp%3A539%3Agdpr%3A14%3Av%3A1962%3Arqnl%3A1%3Ast%3A1604907989%3Au%3A1604907989621813188%3At%3Anekto.me%20-%20%D0%B0%D0%BD%D0%BE%D0%BD%D0%B8%D0%BC%D0%BD%D0%B0%D1%8F%20%D1%81%D0%BE%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B5%D1%82%D1%8C

Requested by

Host: nekto.me
URL: http://nekto.me/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

681b31991387dfd180d08582803fb355604c57afaea3a00e467eef23c68a8159

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://nekto.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Nov 2020 07:46:28 GMT
x-content-type-options: nosniff
last-modified: Mon, 09-Nov-2020 07:46:28 GMT
status: 200
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: http://nekto.me
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 186
x-xss-protection: 1; mode=block
expires: Mon, 09-Nov-2020 07:46:28 GMT

Redirect headers

pragma: no-cache
date: Mon, 09 Nov 2020 07:46:28 GMT
last-modified: Mon, 09-Nov-2020 07:46:28 GMT
status: 302
location: /watch/34274390/1?wmode=7&page-url=http%3A%2F%2Fnekto.me%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1604907987855%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20201109084628%3Aet%3A1604907989%3Aen%3Awindows-1251%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A865065488291%3Arqn%3A1%3Arn%3A83516205%3Ahid%3A250044838%3Ads%3A9%2C5%2C90%2C1%2C0%2C0%2C0%2C420%2C14%2C%2C%2C%2C529%3Afp%3A539%3Agdpr%3A14%3Av%3A1962%3Arqnl%3A1%3Ast%3A1604907989%3Au%3A1604907989621813188%3At%3Anekto.me%20-%20%D0%B0%D0%BD%D0%BE%D0%BD%D0%B8%D0%BC%D0%BD%D0%B0%D1%8F%20%D1%81%D0%BE%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B5%D1%82%D1%8C
access-control-allow-origin: http://nekto.me
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
content-length: 0
x-xss-protection: 1; mode=block
expires: Mon, 09-Nov-2020 07:46:28 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
112 B 51ms
49ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: nekto.me
URL: http://nekto.me/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://nekto.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 09 Nov 2020 07:46:28 GMT
last-modified: Fri, 06 Nov 2020 15:42:20 GMT
status: 200
etag: "5f9c117e-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Mon, 09 Nov 2020 08:46:28 GMT

GET
H3-Q050 200 bframe
www.google.com/recaptcha/api2/ Frame 7763 0
0 23ms
23ms Document
text/html 2a00:1450:4001:81f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=1AZgzF1o3OlP73CVr69UmL65&k=6LfCOgkTAAAAAHBOyEgHg2VdnH1AVEMzciMvH3jb&cb=l3ofq7tpu29i

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/1AZgzF1o3OlP73CVr69UmL65/recaptcha__en.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Xy3Cvjl8ikkQKeyjchZ4MA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=en&v=1AZgzF1o3OlP73CVr69UmL65&k=6LfCOgkTAAAAAHBOyEgHg2VdnH1AVEMzciMvH3jb&cb=l3ofq7tpu29i
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://nekto.me/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://nekto.me/

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 09 Nov 2020 07:46:28 GMT
content-security-policy: script-src 'report-sample' 'nonce-Xy3Cvjl8ikkQKeyjchZ4MA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1171
server: GSE
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 9 KB
7 KB 47ms
33ms XHR
application/json 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201104&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9733dc8e06c0a74eab36d2888ff8db6f3e1931745f67539ceb2092ed22ce1da8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://nekto.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 09 Nov 2020 07:46:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6801
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 16 KB
6 KB 60ms
40ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://nekto.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 09 Nov 2020 07:46:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Mon, 09 Nov 2020 07:46:28 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame 60B7 0
0 34ms
20ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://nekto.me/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://nekto.me/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Mon, 09 Nov 2020 07:11:28 GMT
expires: Tue, 09 Nov 2021 07:11:28 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2101
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
110 B 15ms
15ms Image
image/gif 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gda_r20201104&jk=3944220527755823&bg=!8fKl8tLNAAXuKKZk7lhoq-fmSud-5wIAAABWUgAAAAxoAQcKATMMWZsIqtzeUew2JgqPWdSwQKrXKenUbtFHD4NqAFkaCYfGG3VeLXh2cNhip3AXiGD2cH43TYnRwVmLY2ONFrEULWVRezXWU17gTNxWG3BzkYUGQ6gShrllIoede3skFunc5juidCNaB5u_HVrFKH9VBhsJC3t75S5HzUantDLTiR5BeIofJxi2AArd4AGppNlZrZK1GMPj2vrI_olq3PRu6IJD-0Sqiq3WMQkNzfpXOPVCikq5WRFFjZBkqk8LLfMoRJV12BAAiklV-55C2_7OMWQShGc4fYv9oHSfI0L-QBvV3dX2bGN8ecWIp3SObHJpL2cacNkEtRoYzIcErl6Uo3uKnoDiuddOjXYiBd9xzIx-_l192vMLLW7yRf11tBei5t0isHWSsg7jc6OiJGYoedWqmQHIQp8L1Q4vrj-D_AhPFWH0YTeAesaBuZWu-vZ_j_p4kFHDddVWoJJ0xf4jnlEHkCNE90FWaSKmszhMn9d-e-eHdh0AOOjpuQ6suoRNWKh0j2xS9gLHP-fwhugphIxKbMECcfAGOG8CxeEA0s69VZXXy6Z5kJGXWSGJ9iWdmkR2ppGaP9MUZqJ2e_0yV6D27x1kwUI7hz2QysOo4wbQU9glDVxAHyIqx2FxYvRnQQBsX9WczTY3-LoGPHKsthfTcClHcBMvGil03_24BI_HvzTnZFLHEPjf41LK0kvrrPzPuXk80VIcXeFCHXDinw-2U0FjTaiII4ZkPp0vQmvXhxFhM_9CgTP25WRpcpYi02OlDMZMnp5yY2fq70Hvx-JwAyhvVidjDhAaz0Ddgur3JU_YV9FcH3QAOQ-xeeuGwZpcx9raUhvvE3TskynbhpmEKt-tv1pob2tXY509otiCfa3gDtz5Y2uPbCRZb1Hd8lcd0xUSMEokHF6_rjyMc6hAz9xTKf_bBJTcKIhPWkFbjw1UFs30a-5IRgJdRovNafpb73GpsyI8e-BNLzeYVgz4RSDL0neKkiCA-xe1HdJiDDaIHKK93XToewP8

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://nekto.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Nov 2020 07:46:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

89 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 13:48:28	Name: test_cookie Value: CheckForPermission
.nekto.me/	1970-01-19 13:49:39	Name: _ym_isad Value: 2
.nekto.me/	1970-01-19 23:10:03	Name: __gads Value: ID=78a7a65a2e02300d-22ea0bdb69a6007c:T=1604907988:RT=1604907988:S=ALNI_MYX5fDWnYU4Ic2a_OEn-FhhMynbVA
.nekto.me/	1970-01-19 22:34:03	Name: _ym_d Value: 1604907989
.nekto.me/	1970-01-19 22:34:03	Name: _ym_uid Value: 1604907989621813188
.nekto.me/	1970-01-19 14:31:39	Name: __cfduid Value: d703cebb9621e1e0bd41bd8bcc47c75da1604907987

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: http://nekto.me/js/jquery.cycle.all.2.72.js(Line 33) Message: [cycle] terminating; zero elements found by selector

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
connect.facebook.net
counter.yadro.ru
googleads.g.doubleclick.net
mc.yandex.ru
nekto.me
odnoklassniki.ru
ok.ru
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
vk.com
www.google.com
www.googletagservices.com
www.gstatic.com
172.217.22.66
217.20.147.1
217.20.155.13
2606:4700:3032::681c:439
2a00:1450:4001:80b::2001
2a00:1450:4001:81b::2002
2a00:1450:4001:81d::2003
2a00:1450:4001:81f::2004
2a02:6b8::1:119
2a03:2880:f01c:8012:face:b00c:0:3
87.240.190.67
88.212.201.204
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0bf897707835ef8d47aa7188075757f98d13185292bd7b8eccb3659e2c19ed93
103fc73af427191044b7c92db49cf45442782410befc7e630225452bce49677e
1649efcb2f0b91911e6f460ce6909855364c172f1a9ffc73cda894e26d602bdb
1f74d6963b542c2fff9353700952c52941ff961fc551be3bab75f6d9a0d55ad2
1fd157539f248a35f55150acb86c051174b543feaf41a68277261aaa6170969f
22f38713e3cb086adc05ce7b3f126b1a3c18d0bd120bafd17c85117de81741b8
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2a0b4f60160a7b46ee1d6affdfb3d6dc2114330688b81b52cbad354ed2544ca0
2c2a9365874b974914082d8501c7d82dd1c417184de5f38768d0ed1c1a931c84
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
35c19b613dde157dc1e90ee81cb71d5ba06008bbbe8f43c267ca1eff0d2c1c5c
3828fc33d5a992f1ddb339e5e8bf69124e79afc57435cef2b57723b29d219ad0
3bb1944ed5f7cfc00fcc2f3a2337a0a7269708473c0f92f4bd49586d82ad6920
3f65e932e3e94c49da3e00eef1042be0bba7a7c1a2295baf3dcf755e1f83ffad
4fe5d89920641371f3af6612e80764f29b19fe4d3458714ac56465d07a268b4a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
58724cf9d89f1cadc735e143b46330c4b7fe0359cfccb2020431f63781d5bc20
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
681b31991387dfd180d08582803fb355604c57afaea3a00e467eef23c68a8159
6fe3e7e46052f0b17cb750d63cc1c43eedd3a5ba6f030248da53fab2edd2c5f9
70a13cea4bcb1f23279cd197b18dc3261762b782e19e077c09557147bd967c33
79b5f7ef7c8b564205a17914796ebb12d869177990b47117c3e5b94fe8eefbf3
89dad5ce8dc655c268246ec30456186cee07b5308a701404f7f886447269c338
9733dc8e06c0a74eab36d2888ff8db6f3e1931745f67539ceb2092ed22ce1da8
97a06cb0f953c60bdcb315f1eba2d02d9132e8837892ebdc4467fac05ef5b40f
b67b0772cddf8915ec85788e361a4331fbdcc4bcf7656b9d6aa4299b5b470f9e
b9839811163e405ae3f9652735ee211778c04d44c8466101280d01753beee5fa
c12f7fd2399790e97f02fa75bf4267c725870e56ce6c6c55064bb469e018ce9d
dd828162a2e54e24de6f167733fea047e61317ac2f573b83b75589bcbe00e6af
e09f4e597546c91ff7c676993830f93b56a186d1c99fcfb71d68edbae6f8a549
e370971097985743fbb7ad2247346cbd321f03ec481d53d0bc4da00992ecd5d6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7bb5f9955c0a37ed570f3d2f1fb60a7e2704c502de09bd24cf1c4d2edd58011
e83b2cdd58cbb5bc2b28882b64aa965231f491804d497999763ba8df84282910

nekto.me Open in urlscan Pro 2606:4700:3032::681c:439 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

42 Requests

60 %HTTPS

58 %IPv6

14 Domains

16 Subdomains

11 IPs

4 Countries

537 kBTransfer

1422 kBSize

6 Cookies

0 Outgoing links

Redirected requests

42 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

nekto.me Open in urlscan Pro
2606:4700:3032::681c:439 Public Scan

Screenshot
Live screenshot

Full Image

42
Requests

60 %
HTTPS

58 %
IPv6

14
Domains

16
Subdomains

11
IPs

4
Countries

537 kB
Transfer

1422 kB
Size

6
Cookies

42 HTTP transactions
0 data transactions