www.nur.kz Open in urlscan Pro
91.215.139.234 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://nur.kz/
Effective URL:
https://www.nur.kz/
Submission: On May 25 via api (May 25th 2022, 6:03:52 am UTC) from AU — Scanned from DE

Summary HTTP 449 Redirects Links 24 Behaviour Indicators

Summary

This website contacted 69 IPs in 11 countries across 56 domains to perform 449 HTTP transactions. The main IP is 91.215.139.234, located in Kazakhstan and belongs to PSKZ-ALA, KZ. The main domain is www.nur.kz. The Cisco Umbrella rank of the primary domain is 477900.
TLS certificate: Issued by Sectigo ECC Domain Validation Secure ... on April 29th 2022. Valid for: a year.

This is the only time www.nur.kz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	91.215.139.235 91.215.139.235	48716 (PSKZ-ALA) (PSKZ-ALA)
24	91.215.139.234 91.215.139.234	48716 (PSKZ-ALA) (PSKZ-ALA)
67	94.247.128.36 94.247.128.36	48716 (PSKZ-ALA) (PSKZ-ALA)
1	116.202.11.241 116.202.11.241	24940 (HETZNER-AS) (HETZNER-AS)
3	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
1	2620:1ec:27::... 2620:1ec:27::cafe:1389	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
15	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
1	2a02:6b8:a::a 2a02:6b8:a::a	208722 (GLOBAL_DC) (GLOBAL_DC)
1	18.66.248.93 18.66.248.93	16509 (AMAZON-02) (AMAZON-02)
8	95.216.24.149 95.216.24.149	24940 (HETZNER-AS) (HETZNER-AS)
1	13.224.198.93 13.224.198.93	16509 (AMAZON-02) (AMAZON-02)
1	18.216.229.163 18.216.229.163	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:400c:c0a::9d	15169 (GOOGLE) (GOOGLE)
3	20.85.30.134 20.85.30.134	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
10	2a00:1450:401... 2a00:1450:4014:80f::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
2	94.247.128.43 94.247.128.43	48716 (PSKZ-ALA) (PSKZ-ALA)
1	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
5	2a02:6b8:20::215 2a02:6b8:20::215	208722 (GLOBAL_DC) (GLOBAL_DC)
4	2a02:6b8::90 2a02:6b8::90	208722 (GLOBAL_DC) (GLOBAL_DC)
1	94.247.128.38 94.247.128.38	48716 (PSKZ-ALA) (PSKZ-ALA)
1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
6	2a02:6b8::1be 2a02:6b8::1be	208722 (GLOBAL_DC) (GLOBAL_DC)
1	2a02:6b8::184 2a02:6b8::184	208722 (GLOBAL_DC) (GLOBAL_DC)
21	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
3	2a02:2638:1::2 2a02:2638:1::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a02:2638:1::4 2a02:2638:1::4	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
31	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
4 33	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
5 7	104.102.29.65 104.102.29.65	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 3	37.252.173.27 37.252.173.27	29990 (ASN-APPNEX) (ASN-APPNEX)
13	2a00:1450:400... 2a00:1450:4001:80e::2006	15169 (GOOGLE) (GOOGLE)
27	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	178.250.2.148 178.250.2.148	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
20	178.250.2.135 178.250.2.135	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6	178.250.2.150 178.250.2.150	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
3	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
36	2606:4700:20:... 2606:4700:20::ac43:4a81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
3 4	2620:116:800d... 2620:116:800d:21:51e4:db4b:4436:b305	16509 (AMAZON-02) (AMAZON-02)
2 2	52.214.225.206 52.214.225.206	16509 (AMAZON-02) (AMAZON-02)
3	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
4 4	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
4 4	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2 2	104.90.192.27 104.90.192.27	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	82.113.101.132 82.113.101.132	6805 (TDDE-ASN1) (TDDE-ASN1)
3	2606:4700:20:... 2606:4700:20::ac43:444e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	185.29.132.245 185.29.132.245	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	66.155.71.149 66.155.71.149	13768 (COGECO-PEER1) (COGECO-PEER1)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
2 2	37.157.6.242 37.157.6.242	198622 (ADFORM) (ADFORM)
3 3	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8100:a0fe:f5a6:9720:1a18	16509 (AMAZON-02) (AMAZON-02)
1 2	2606:4700:440... 2606:4700:4400::ac40:98f5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
2 3	51.89.9.251 51.89.9.251	16276 (OVH) (OVH)
1	185.86.137.108 185.86.137.108	201081 (SMARTADSE...) (SMARTADSERVER)
6	2606:4700:20:... 2606:4700:20::681a:bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 4	142.250.184.230 142.250.184.230	15169 (GOOGLE) (GOOGLE)
6 7	104.92.94.3 104.92.94.3	16625 (AKAMAI-AS) (AKAMAI-AS)
2	148.251.139.77 148.251.139.77	24940 (HETZNER-AS) (HETZNER-AS)
2	2606:4700::68... 2606:4700::6812:7f05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	46.236.35.87 46.236.35.87	12703 (PULSANT-AS) (PULSANT-AS)
3	13.225.80.87 13.225.80.87	16509 (AMAZON-02) (AMAZON-02)
1 2	52.142.114.2 52.142.114.2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
8	34.254.130.126 34.254.130.126	16509 (AMAZON-02) (AMAZON-02)
2	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
449	69

4 91.215.139.235 (Kazakhstan) 1 redirects

ASN48716 (PSKZ-ALA, KZ)

nur.kz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
webapi.nur.kz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 91.215.139.234 (Kazakhstan)

ASN48716 (PSKZ-ALA, KZ)

www.nur.kz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

67 94.247.128.36 (Kazakhstan)

ASN48716 (PSKZ-ALA, KZ)

cdn.nur.kz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 116.202.11.241 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.241.11.202.116.clients.your-server.de

cdn.onthe.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:27::cafe:1389 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8:a::a (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.248.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-93.dus51.r.cloudfront.net

certify-js.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 95.216.24.149 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.149.24.216.95.clients.your-server.de

tttt.onthe.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.198.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-198-93.fra2.r.cloudfront.net

certify.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.216.229.163 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-216-229-163.us-east-2.compute.amazonaws.com

redirect.prod.experiment.routing.cloudfront.aws.a2z.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c0a::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.85.30.134 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

j.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4014:80f::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 94.247.128.43 (Kazakhstan)

ASN48716 (PSKZ-ALA, KZ)

stat.khanate.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:6b8:20::215 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6b8::90 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.247.128.38 (Kazakhstan)

ASN48716 (PSKZ-ALA, KZ)

nurtech.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:6b8::1be (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

ads.adfox.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::184 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

avatars.mds.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:1::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 172.217.16.130 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.102.29.65 (Milan, Italy) 5 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-102-29-65.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.173.27 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:80e::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 178.250.2.135 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.am5.vip.prod.criteo.com

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 178.250.2.150 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:116:800d:21:51e4:db4b:4436:b305 (United States) 3 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.214.225.206 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-225-206.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 198.47.127.19 (United States) 4 redirects

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.138 (Frankfurt am Main, Germany) 4 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.90.192.27 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-90-192-27.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.113.101.132 (Hanau, Germany)

ASN6805 (TDDE-ASN1, DE)
PTR: portal.o2online.de

portal.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::ac43:444e (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.245 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.242 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 76.223.111.18 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8100:a0fe:f5a6:9720:1a18 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::ac40:98f5 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.89.9.251 (London, United Kingdom) 2 redirects

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.108 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.230 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.92.94.3 (Frankfurt am Main, Germany) 6 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-94-3.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.zenaps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 148.251.139.77 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.77.139.251.148.clients.your-server.de

banner.congstar.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:7f05 (United States)

ASN13335 (CLOUDFLARENET, US)

www.conrad.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 46.236.35.87 (Plymouth, United Kingdom)

ASN12703 (PULSANT-AS, GB)
PTR: 46-236-35-87.servers.dedipower.net

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.225.80.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-80-87.fra2.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.142.114.2 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 34.254.130.126 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-130-126.eu-west-1.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
95	nur.kz 1 redirects nur.kz — Cisco Umbrella Rank: 374847 www.nur.kz — Cisco Umbrella Rank: 477900 cdn.nur.kz — Cisco Umbrella Rank: 579123 webapi.nur.kz	1 MB
62	googlesyndication.com c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 95 tpc.googlesyndication.com — Cisco Umbrella Rank: 130 ade.googlesyndication.com — Cisco Umbrella Rank: 269	459 KB
62	doubleclick.net 8 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 187 stats.g.doubleclick.net — Cisco Umbrella Rank: 92 googleads.g.doubleclick.net — Cisco Umbrella Rank: 44 cm.g.doubleclick.net — Cisco Umbrella Rank: 212 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 284 ad.doubleclick.net — Cisco Umbrella Rank: 202	299 KB
53	criteo.net static.criteo.net — Cisco Umbrella Rank: 621 pix.eu.criteo.net — Cisco Umbrella Rank: 7541 csm.eu.criteo.net — Cisco Umbrella Rank: 7580	1 MB
42	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 2517 ad4m.at — Cisco Umbrella Rank: 2091 assets.ad4m.at — Cisco Umbrella Rank: 34316	1 MB
14	google.com www.google.com — Cisco Umbrella Rank: 7 analytics.google.com — Cisco Umbrella Rank: 685 adservice.google.com — Cisco Umbrella Rank: 74	2 KB
13	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 264	297 KB
11	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 19930 api.webgains.io — Cisco Umbrella Rank: 48593	155 KB
9	criteo.com rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 11299 ads.eu.criteo.com — Cisco Umbrella Rank: 7544 cat.nl.eu.criteo.com — Cisco Umbrella Rank: 9672	143 KB
9	onthe.io cdn.onthe.io — Cisco Umbrella Rank: 17292 tttt.onthe.io — Cisco Umbrella Rank: 830432	20 KB
8	webgains.com track.webgains.com — Cisco Umbrella Rank: 38036	233 KB
8	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 175	333 KB
7	casalemedia.com 5 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 557 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 530	7 KB
6	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 103120 static-de.ad4mat.net — Cisco Umbrella Rank: 167776	12 KB
6	adfox.ru ads.adfox.ru — Cisco Umbrella Rank: 10246	416 B
6	google.de www.google.de — Cisco Umbrella Rank: 5483 adservice.google.de — Cisco Umbrella Rank: 7678	2 KB
6	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1266 j.clarity.ms — Cisco Umbrella Rank: 2179 c.clarity.ms — Cisco Umbrella Rank: 668	25 KB
5	awin1.com 4 redirects www.awin1.com — Cisco Umbrella Rank: 15147	4 KB
5	yastatic.net yastatic.net — Cisco Umbrella Rank: 6107	147 KB
5	yandex.ru yandex.ru — Cisco Umbrella Rank: 1392 an.yandex.ru — Cisco Umbrella Rank: 2598	81 KB
4	rubiconproject.com 4 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 354	2 KB
4	pubmatic.com 4 redirects image6.pubmatic.com — Cisco Umbrella Rank: 612	2 KB
4	quantserve.com 3 redirects cms.quantserve.com — Cisco Umbrella Rank: 1128	1 KB
3	onetag-sys.com 2 redirects onetag-sys.com — Cisco Umbrella Rank: 809	826 B
3	3lift.com 3 redirects eb2.3lift.com — Cisco Umbrella Rank: 414	1 KB
3	openx.net rtb.openx.net — Cisco Umbrella Rank: 1524	479 B
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 237	15 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 240	3 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	20 KB
2	conrad.de www.conrad.de — Cisco Umbrella Rank: 55297	966 B
2	zenaps.com 2 redirects www.zenaps.com — Cisco Umbrella Rank: 20407	1 KB
2	congstar.de banner.congstar.de — Cisco Umbrella Rank: 71012	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 818 s.tribalfusion.com — Cisco Umbrella Rank: 2566	1 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 571	1 KB
2	addthis.com 2 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 1755	1 KB
2	rlcdn.com 2 redirects id.rlcdn.com — Cisco Umbrella Rank: 598	571 B
2	everesttech.net 2 redirects pixel.everesttech.net — Cisco Umbrella Rank: 3409	753 B
2	gstatic.com www.gstatic.com fonts.gstatic.com	41 KB
2	khanate.pro stat.khanate.pro — Cisco Umbrella Rank: 916919	324 B
2	alexametrics.com certify-js.alexametrics.com — Cisco Umbrella Rank: 7908 certify.alexametrics.com — Cisco Umbrella Rank: 4391	5 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 232	558 B
1	smartadserver.com ssbsync.smartadserver.com — Cisco Umbrella Rank: 1210	75 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 338	265 B
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1439	296 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 14703	554 B
1	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 594	191 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 444	862 B
1	o2online.de portal.o2online.de — Cisco Umbrella Rank: 71156	635 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46	1 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 789	247 B
1	yandex.net avatars.mds.yandex.net — Cisco Umbrella Rank: 7527	31 KB
1	nurtech.pro nurtech.pro	795 B
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1364	40 KB
1	a2z.com redirect.prod.experiment.routing.cloudfront.aws.a2z.com	48 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 71	69 KB
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
449	56

	Domain	Requested by
67	cdn.nur.kz	www.nur.kz
33	cm.g.doubleclick.net	4 redirects googleads.g.doubleclick.net c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com
31	tpc.googlesyndication.com	c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net securepubads.g.doubleclick.net
27	static.criteo.net	ads.eu.criteo.com
24	www.nur.kz	www.nur.kz
21	pagead2.googlesyndication.com	yastatic.net pagead2.googlesyndication.com c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com googleads.g.doubleclick.net www.nur.kz s0.2mdn.net tpc.googlesyndication.com www.googletagservices.com securepubads.g.doubleclick.net
20	pix.eu.criteo.net	ads.eu.criteo.com
18	assets.ad4m.at	as.ad4m.at
14	securepubads.g.doubleclick.net	www.nur.kz securepubads.g.doubleclick.net
13	s0.2mdn.net	www.nur.kz s0.2mdn.net c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com
12	ad4m.at	as.ad4m.at ad4m.at
12	as.ad4m.at	c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com as.ad4m.at ad4m.at
10	www.google.com	www.nur.kz c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
8	api.webgains.io	analytics.webgains.io
8	track.webgains.com	as.ad4m.at
8	www.googletagservices.com	c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com googleads.g.doubleclick.net
8	c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
8	tttt.onthe.io	cdn.onthe.io
6	csm.eu.criteo.net	ads.eu.criteo.com
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com www.nur.kz googleads.g.doubleclick.net
6	ads.adfox.ru	www.nur.kz
5	www.awin1.com	4 redirects as.ad4m.at
5	yastatic.net	yandex.ru
4	ad.doubleclick.net	4 redirects
4	pixel.rubiconproject.com	4 redirects
4	image6.pubmatic.com	4 redirects
4	cms.quantserve.com	3 redirects c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	an.yandex.ru	yandex.ru
3	analytics.webgains.io	track.webgains.com
3	onetag-sys.com	2 redirects c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com
3	eb2.3lift.com	3 redirects
3	static-de.ad4mat.net	as.ad4m.at
3	ssum-sec.casalemedia.com	3 redirects
3	rtb.openx.net	c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com googleads.g.doubleclick.net
3	prod-rtb.ad4mat.net	www.nur.kz
3	cdnjs.cloudflare.com	ads.eu.criteo.com
3	cat.nl.eu.criteo.com	ads.eu.criteo.com
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	ads.eu.criteo.com	c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com
3	rtb.nl.eu.criteo.com	www.nur.kz
3	adservice.google.com	securepubads.g.doubleclick.net
3	adservice.google.de	securepubads.g.doubleclick.net
3	webapi.nur.kz	www.nur.kz
3	www.google.de	www.nur.kz
3	j.clarity.ms	www.clarity.ms j.clarity.ms
3	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
3	www.google-analytics.com	www.nur.kz www.google-analytics.com
2	ade.googlesyndication.com
2	c.clarity.ms	1 redirects
2	www.conrad.de	as.ad4m.at
2	www.zenaps.com	2 redirects
2	banner.congstar.de	as.ad4m.at
2	c1.adform.net	2 redirects
2	e.dlx.addthis.com	2 redirects
2	id.rlcdn.com	2 redirects
2	pixel.everesttech.net	2 redirects
2	googleads4.g.doubleclick.net	www.nur.kz
2	stat.khanate.pro	www.nur.kz
1	c.bing.com	1 redirects
1	ssbsync.smartadserver.com	c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com
1	match.adsrvr.org	c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com
1	s.tribalfusion.com	c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com
1	a.tribalfusion.com	1 redirects
1	ag.innovid.com	googleads.g.doubleclick.net
1	ads.travelaudience.com	1 redirects
1	pixel-sync.sitescout.com	c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com
1	sync.mathtag.com	1 redirects
1	portal.o2online.de	www.nur.kz
1	fonts.gstatic.com	fonts.googleapis.com
1	www.gstatic.com	googleads.g.doubleclick.net
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	avatars.mds.yandex.net	www.nur.kz
1	nurtech.pro	www.nur.kz
1	www.googleoptimize.com	www.nur.kz
1	analytics.google.com	www.googletagmanager.com
1	redirect.prod.experiment.routing.cloudfront.aws.a2z.com	www.nur.kz
1	certify.alexametrics.com	www.nur.kz
1	certify-js.alexametrics.com	www.nur.kz
1	yandex.ru	www.nur.kz
1	www.googletagmanager.com	www.nur.kz
1	www.clarity.ms	www.nur.kz
1	cdn.onthe.io	www.nur.kz
1	nur.kz	1 redirects
0	googlecm.hit.gemius.pl Failed	c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com
449	86

This site contains links to these domains. Also see Links.

Domain
play.google.com
special.nur.kz
kaz.nur.kz
1xbet.kz
bit.ly
ads.adfox.ru
ffin.kz
t.me
news.google.com
www.instagram.com
corp.nur.kz
www.facebook.com
vk.com
ok.ru
www.tiktok.com
apps.apple.com
appgallery.huawei.com
nurtv.kz
musicnur.kz
rabotanur.kz
genesistudio.net

Subject Issuer	Validity	Valid
*.nur.kz Sectigo ECC Domain Validation Secure Server CA	`2022-04-29` - `2023-05-30`	a year	crt.sh
*.onthe.io Sectigo RSA Domain Validation Secure Server CA	`2021-05-06` - `2022-06-06`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-02-27` - `2023-02-27`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.xn--d1acpjx3f.xn--p1ai GlobalSign ECC OV SSL CA 2018	`2022-03-04` - `2022-09-01`	6 months	crt.sh
certify-js.alexametrics.com Amazon	`2021-06-14` - `2022-07-13`	a year	crt.sh
certify.alexametrics.com Amazon	`2021-06-14` - `2022-07-13`	a year	crt.sh
*.prod.experiment.routing.cloudfront.aws.a2z.com Amazon	`2021-10-12` - `2022-11-10`	a year	crt.sh
a.clarity.ms Microsoft RSA TLS CA 01	`2021-07-27` - `2022-07-27`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
khanate.pro R3	`2022-04-18` - `2022-07-17`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.yastatic-net.ru GlobalSign ECC OV SSL CA 2018	`2022-04-01` - `2022-09-29`	6 months	crt.sh
bs.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-05-05` - `2022-11-03`	6 months	crt.sh
nurtech.pro R3	`2022-04-18` - `2022-07-17`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.adfox.ru Yandex CA	`2021-12-22` - `2022-06-03`	5 months	crt.sh
*.avatars.yandex.net GlobalSign RSA OV SSL CA 2018	`2022-03-04` - `2023-04-05`	a year	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-05-22` - `2022-08-24`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-19` - `2022-06-18`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-13`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-10` - `2022-07-04`	3 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2022-04-19` - `2022-07-18`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.o2online.de DigiCert TLS RSA SHA256 2020 CA1	`2022-02-11` - `2023-03-08`	a year	crt.sh
*.sitescout.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-15` - `2023-01-15`	a year	crt.sh
*.innovid.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-15` - `2023-04-15`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.webgains.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-13` - `2023-06-08`	a year	crt.sh
www.awin1.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-18` - `2023-04-19`	a year	crt.sh
*.webgains.io Amazon	`2022-02-10` - `2023-03-11`	a year	crt.sh

This page contains 36 frames:

Primary Page: https://www.nur.kz/
Frame ID: 20F6CCE98CA09EDAA8EC6B86CAF3B1E1
Requests: 164 HTTP requests in this frame

Frame: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 997093732DCC081D7532CABE1AB4304E
Requests: 1 HTTP requests in this frame

Frame: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5E28E469DBDE43BB9E3457140A771C4D
Requests: 16 HTTP requests in this frame

Frame: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: AAFBFA9EDB07DDD2C1FE4BCA104B06E4
Requests: 9 HTTP requests in this frame

Frame: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 819CE9C0EAB7F4EB7329CBE2CB988EA6
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20190131/zrt_lookup.html
Frame ID: 6F67CD30DD5D0D036E9605D4287823EE
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yo3GqQAOWgYKe4TQAAQ_-qpjSsGU0_RxBM-0Kg&u=%7CroWn9CFp1181tYIGHGixv%2F7HiW%2FEWmV2TLpXeQRlkOQ%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCWyaziM01RkGpGzsxDu6uJ4QYXMtp9P6T6NR2X-xXQq8eSNa5GkYC5_UVfiH9deZMdXcw3UOeFKQSHtb92apHbiIxh7ePVlU7Epoyc5zIQUJRA88dex3M1A_0rQUyOoh2hx5ilpU6bbclyiWkXGNGLewxFxjkZTPJZh0N5gvARW3j5syeg8TbQhAqFQ8XQ1-wfLmosLEGNm8PVrtJpR2GkES1DhnMj9HayycPYwvudHc9WgxVLdKxWdOSCWn88BzI4m9HK8DYGfr2_fm9qXP6sbwxhPHbUF4mkd7PHyi6x3WZsBTQgQ1JU_V30QHPeKLMFxhd5nJrjIiOZZSl3Ia9RSNQ_6pw-Iodx-8UCffvA6LCIs3RjDdzwa8sbvWMLteMLw24eLeVte9BLYojTGFUcmmkaLaRgE4GGaaDD1jNgYw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCj4gjqcaNYoa0OdCJ7gP6_5DwAsme0rFcxbKY93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItODU4MDE5NjQyNzIwOTMxNKAB1bbS6gPIAQmpAvY9KmWPArI-4AIAqAMBqgTiAU_QGwNdtb0lJiMeoOMH9Zdh30xwZLfrwxwhmejwJGcvYZrIQGx1cRMj4kSBqCmwO_Fs3pg8EJ-Z-K5pJv-uBuhnRJISSDgxrlG6HCfbBSA8o216bzqeNXorELVOl3g7mzweVwXx4ypwYSH28qaggeilj3WAODjBVt259YGbEvpE2Qhxd-V6m4a55ZQIxQRZgmNmnW2ZP5zhHGlZ7sgZDD6DdttVtgQQ3_4mNP0qYFdyXbNVlz9hsGlmqZ8SpNNmeb0qSrDVdChk3KrfVkdvLsaaU0xrtwx7Rb70rjdcopgdKCzgBAGABomI8PONoIr5e6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2zqn7Q6xB3s3H0sPjEw6pbgwoNRQ%26client%3Dca-pub-8580196427209314%26adurl%3D
Frame ID: 835CFD9D1F566E64C61F5101B1E25987
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARivtde9ATAB&v=APEucNXe5OM3CgRoXnt2fVitqq6mDKvOfa85ARaeIcQMZiXMZuVlVL9akaqqx2COFM8RfIvyI0nn06WMCtnIStimOiQ__sQocwSYnK7vnKFpFfLW4LY011HAXX7kyqSwaCBUsVc8s76PQZ0cgpIj8sebmapmTn-xHhYkERnXmJ6Vw-tBYFCvWxM
Frame ID: C0CF0D2DCACB2862CD9982A28A3D154C
Requests: 5 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yo3GqQAOWU4Ke4TQAAQ_-rr79olQAlQq_0KzXQ&u=%7CroWn9CFp11%2BbJzQ1%2B9eAsDEUjVSFAw7z4HdaWGC%2FXQk%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCWyaziM01RkGpGzsxDu6uJ4QYXMtp9P6T6NR2X-xXQq_x2F10iwDg3050iE8yT4kPctGziG8dlz9MOu4PT_2UMgBxJj7_oWAcGH-ZN9b8xB-9wd6SgZFOTHLdztPSJXBqmcT4g8LnJjFjXLkvyVeRbgGG3ZOxWwvO_5pCVKCtSIFrmfhhUi61tx_YNXVQ0rEKxmznR9FOV-eeYN9Y-mok8U0YxY5bbIYP-nZt7MPA3DTMXJoYdFdGwyQ3mx7xm3fXH1D5BPshfFxLob3D6FLPwgHT87Urps2tB-2EJ-EsDlx_GeiXeo_0T4RT2dhsLlxGzuTgANGIsjnIoZ5mhV9sC7EYhuB6B08n8rsz7_i9kueUd93-jIB_HIDF4Zd8IqStyFYE74QQIgFMjULPOqWUu4VCbmYbrvaE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnC5hqcaNYs6yOdCJ7gP6_5DwAsme0rFcjfDi1pMBwI23ARABIABgleKQgqAHggEXY2EtcHViLTg1ODAxOTY0MjcyMDkzMTSgAdW20uoDyAEJqQL2PSpljwKyPuACAKgDAaoE4gFP0ATsBnQkVCfetJHnoId1nMu8GFZxfvwElE5dYs9ZF74PONXpvMXlldwdet4K20CIoL-z5HZXQVdb35MFs7NQGftFAYcp3aFyOFxy3n1_1JvwMSYDHYvc0vE-8gW-32f4KoBMMIgkf1qFr9TvOSgzMAVeZWogXZCbcrveQqGdini0M2zhir68aNNDuB7vETi-57fAbJm2kNaZm286szgj252NWUDdHRLo5jNBoDhCxO5kgQpZ6SIw7ZBAOfWermQ-_6QwBdZ6oPGv7XzctkjTdyPDC05vuRliHn_0abF0UsiW4AQBgAaJiPDzjaCK-XugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0MrvuVdUBhVjOsBHukROXGKl0yGg%26client%3Dca-pub-8580196427209314%26adurl%3D
Frame ID: 601BD3F5F179E01AC2A486241941DF61
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3369263710096163&output=html&adk=1812271804&adf=3025194257&lmt=1653458602&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.nur.kz%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653458602295&bpp=3&bdt=1115&idt=310&shv=r20220518&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4e43260094b1ca99-22cede769ecd0098%3AT%3D1653458601%3AS%3DALNI_MaX7T79-xmCLyiRk7ja2nAjYAbtQA&nras=1&correlator=5554957263962&frm=20&pv=2&ga_vid=819422530.1653458601&ga_sid=1653458602&ga_hid=565231257&ga_fc=1&ga_cid=1570992650.1653458601&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C21066431%2C31067720&oid=2&pvsid=3973602572337587&pem=559&tmod=887465252&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=5&uci=a!5&fsb=1&dtd=325
Frame ID: E2053887BB62AF3B8274026A7A0A94EB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3369263710096163&output=html&h=200&slotname=4516448096&adk=1921805917&adf=516689607&pi=t.ma~as.4516448096&w=728&lmt=1653458602&psa=0&format=728x200&url=https%3A%2F%2Fwww.nur.kz%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653458602312&bpp=2&bdt=1132&idt=421&shv=r20220518&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4e43260094b1ca99-22cede769ecd0098%3AT%3D1653458601%3AS%3DALNI_MaX7T79-xmCLyiRk7ja2nAjYAbtQA&prev_fmts=0x0&nras=1&correlator=5554957263962&frm=20&pv=1&ga_vid=819422530.1653458601&ga_sid=1653458602&ga_hid=565231257&ga_fc=1&ga_cid=1570992650.1653458601&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C21066431%2C31067720&oid=2&pvsid=3973602572337587&pem=559&tmod=887465252&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=2op6E9xqo6&p=https%3A//www.nur.kz&dtd=426
Frame ID: 4C1E4556F77BCCD29102B711FD145855
Requests: 16 HTTP requests in this frame

Frame: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5DB375161755834AF21B1507114AE1DA
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/pv2/61685343/20220211012309469/728x090.html?e=69&leftOffset=0&topOffset=0&c=XVpGPN4gOZ&t=1&renderingType=2&ev=01_247
Frame ID: 7A49F23902D0D327BBFB1C916F3F84AE
Requests: 14 HTTP requests in this frame

Frame: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 711C64E5002C5426243D9C8F096751FD
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1hz2mvey2mx5teng96zpf3fh8tjkm8z8krz5sdd0f61jsht1saj2d8mekxzkhh99vx1c3as2vv6b58nc6ks647y4bmes7425ttfezm8d11yzy4aqh426pmvsgkpzvee62x6gpyzyv9f9ebpj58ks3cg8sc2dzvkeyqpkeng4nev4f60wc6thxfwfpcbypwmj6seysdnspv7ft2z54p0bna9wxh8p5nadz7rfsa8bgj9wmt712g8vf8fks6m9wtenmrkx07e45m84yh83kcv9g5yt705ckceza0ts3dzmdjnz4dcfjwcgzppj1m5gcw2py98afh1pcw3nzr22qbzpvczttk0gq3d56kqxse5nxsa4z5yh5vq634vgbwvfertzz4ch3zxzf9vtadg86mhhzg8rt0pa2024&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvPtyqsaNYvrZJNSE7gOx6JXAD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMzNjkyNjM3MTAwOTYxNjOgAcKu6N0DyAEJqQL2PSpljwKyPuACAKgDAaoE4AFP0Pj6wHwgfw7LbrJSeYJMLxd7WbEztAocvDVpx_BBEd46fmNyK71sf0PaK_6X4adCse-UbgGiMCU3eDc-fwLGjN3vo2K1NEJVOKVWEKbNqj4BNfG32vMm-4jJXSFHbS47AZ1GnXN8q2ZJPgU7ZpD4EP9vDd9Khy6VnKxX6RhrPP2TQ3t7sJSxI7m1gA3lvBedhSz7Tltd6QuWKEm61ydo_AbiPrScmNNTPjBD8cQxa2QQAf3bIG8-0xh9WL4yoIxq_Vf0udlGrs6kEEG9ZikaDUMk-qH-cxCkkXGwdt0cmOAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0K_-9XstLFt4N-KtAtnEx5FSTNcg%26client%3Dca-pub-3369263710096163%26adurl%3D
Frame ID: CF2F515D418C5A613C75B82695F7530D
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 405C778432BBA7FEB778FA1FCB70ED6A
Requests: 9 HTTP requests in this frame

Frame: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: DCA6E7F884931CFA3C2D050AE5386C7B
Requests: 8 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1hmpg9mqs5n8j5zw7qje3wsv6j7c5hvaqkm1btzwnshva9c08tdx3j5frj25sqa7rr0d9atxkcdtc4jq8fnqnaqg98r6n0dp4wadp1q95mwas2pqztqs3c5mwbwfbj9adv9ghyy5ykn0x6f836bs8tjb5a2nrpp5wvqn44q2nvcn1nb68khg2608zsvz4gpq2xvm3j53z3rc25vr9kzja557vq6tt1gf8jndahfjrsd5414b0zf418ae9z5d0cc7b4srtez280ycxnsf9rjp55et11vcwy45br6fp7atnvacvsqqxf2n5kp24gqd1hpgc02bc6w5jm7yq1jt5cs2knp0te576mzcq80yx0bcejgx6cfhtfs6we0hse8xeahf1k2tcaht4z1yvsyq53hjwc3nhzhveab0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCe6wnqsaNYvrpMZj_gQee3IeQAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMzNjkyNjM3MTAwOTYxNjOgAcKu6N0DyAEJqQL2PSpljwKyPuACAKgDAaoE4AFP0HESWxGUTt9e4eUSbFXPZnjVPxGPPaZB6XDofN0FfuYgYwHNdCogGnl-1FyyOqYPDUUhrdUvlFIDWiqgRwvH_PdafUEsSpSdPkeWh-qYkWQz5txW7YN4q0Qg7cqUG2NnhqhJhY4eOoEvpniX9zmYLXs2A6HJ2bFF_EInnWh7LgAP_IRQQvBM-ahO_7YHJNN5ahdEuPqB43W756YJA6DNDHZYHbqOKP3Cbj-fl4EmamPSnRgBUrQosPr0kzJ6Y6WXnuruKxsCcT6VXiIHtjP0cqrkRmR2ldx2r1tsO_Zb0-AEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_11nXNhOAJtHAYOGLphiLExrCGgag%26client%3Dca-pub-3369263710096163%26adurl%3D
Frame ID: 4DCC294AEE08ADB46DD634D96CECF1DF
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1D228C30403F8A5B0B94542126C31B16
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E18A847D0CDE0ABB6C1EE997A1CBAACB
Requests: 3 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yo3GqwAAv1kK4A4QAAhRzH-9dBvInDdAorgaOQ&u=%7C7Cc6W5l6S7U1%2BqQ59a9g6imfyZTJT944t5%2FIhq455xo%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCWyaziM01RkGpGzsxDu6uJ4QYXMtp9P6T6NR2X-xXQq5_FVQZvDRx-DFjy6mR5-AF1YQP7NnDIZ5G-CA4aa3T749-13IOKmXJkZX45CsOpBDtqGyYcg5UCUh3HWeKO6jNWPKILgWtkRMBZLQaDddnByAJglbi2TgPvzv9LhjO6mCe5QZbCrRYU9lP26rxq75_448Yg0qpUbu6O3KtY_v5N6M_E6qBS-A3DDHBRvNcOIcsaXKIkT5o5FM6w-jGNeZQp6JtNdEf-EOGyTh26aWJz8DUPNtWqy9gU3KJ9mIl5DSF0v05xhd4a-_Q6OakhXS7E3BQ9Ckdch-VL0wrorYr9KlhzGkbwvLn545GOaGOPZXCryf1_G3-EQK9WwbPm-IoMqOkmz8j3BpCAPJkacMm3XnbIehMYFp8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkqaRq8aNYtn-ApCcgAfMo6HAAcme0rFc9dqW93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItODU4MDE5NjQyNzIwOTMxNKAB1bbS6gPIAQmpAkpR8hrg_LE-4AIAqAMBqgThAU_Q8XUMhhbCAWXbRV3558bw0F2tjiPnRaaGVKf0RYk0QuoGn6B_UCfWctLo2p3IQpRpZozn4MFo5BgzpokzPB3veB0GryeIKllB6kt_eWkIxCN2Gw0iTDHCeuaRh_AEBYGgiFKgOCfZi69o9i5DPRSClwhAaN6bwQV8XCnxcGOnKiBwNyNczRr1h5fk1dQiFTyDLB3lCTHEZ4AkjQHbC4bL3JWoHu7qgcp2EomoO7ix1AzMo_CIU_unsONPNCp-xASIE-sNgZVCF_lplfQEVvHOhF4EqaOaN9pcm2Oj7o7LiuAEAYAGiYjw842givl7oAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1nlLMTP-O4bNIC3ZbRYcp9vxbbpQ%26client%3Dca-pub-8580196427209314%26adurl%3D
Frame ID: 9DBE85141CB22638D1827908AC10AD36
Requests: 23 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: FE6F049FCF04AB4D08714D897FD68E59
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 722AE324530F7B9CCBAAEFD95E94DBA1
Requests: 9 HTTP requests in this frame

Frame: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: AEF5DFD7DB8D40557296882BEBD11135
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1h6eh3mm4yv7qsghjnyj4knsfbf6cgbzgv6chwm2ge6yk4xdrygsjj6g6zjp1776e4z5r7196cx8e9f8akkzeps14bgvjwr33r5m78gfng4ehak5f80v9jnfac68dzrs1b28g6z1w05sdcw7pbesfx0j27k7hsgpk88snjrgc4mwkw79zxbkrymva0xswrp3ysgznt45hjdk0b5k2r5vpem78xdhf69m13qgdt4evk4ttd1bd2b53zg76a4nfh0cybv2edmzbbbwg6f48t4496x1gekx8tmabr3x739qec1vppfrcr10pamfwze4xw6bczw430vkyzhnndmjhn20kbp5zmh84hb0jw3h55djk1z718jjrpap3hb17tj6tv1w937wa0tamafy7m8epa4cxxjdxn575aff&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCga96q8aNYqaIEYiK7gPEho7QBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTg1ODAxOTY0MjcyMDkzMTSgAcKu6N0DyAEJqQJKUfIa4PyxPuACAKgDAaoE4QFP0PCA1qfCU-sEFkprYel9rg90Wlnj977mjXkafjEWiUeXfVDatuOF9IW46UPwkJkhV-NCV1p05sCI1W3acM2z-pUhD6Uh9qO4FFXXj8N8_AG7KT7dSYuPVR1hT3VxIQQQTAgQkWzrHswLk6OCkxmMHT1SuJVePRhW4lJvsf-V_xMi7oSicNnoVpKJSGab_bZe8VFqaxSZCIUWQ86YI12DRKVnAQJmNSZQZUgl1pPnNNzT8a4QHGJaoUCQi8oBEz0QaWdtqmO8FfwQ58AmuwJ6A8-nUy0s84NmAZkmrLH-OD3gBAGABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_275KWGj7PJdenXfdZKC4FqefpRJw%26client%3Dca-pub-8580196427209314%26adurl%3D
Frame ID: 06D02F60CF492120B4CE9F654E49AB0F
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: ED60D6EB85897EF28DA673FDED4E9ECE
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 627BB01B958256F58348FD5BE43998DD
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 28937FFAC132062495BD582561F2A68F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/AAcrpHDydyl_zLrsUqLIoJaIpM6fuyfNuw3JGtq9cUA.js
Frame ID: D58D92BA2E5224B9C5148629F2A1DD0E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/AAcrpHDydyl_zLrsUqLIoJaIpM6fuyfNuw3JGtq9cUA.js
Frame ID: E9F90FE45DD1BF290BE7E796AB1BD2CE
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 2A415FA79C99C6536D65E8E36C67E0B2
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=186460%2C24673%2C14019&b=q4VSmfWfJWr1TZHgHDtJtZG5UeSgTA2ja3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Rx6fgfQfG6wACkHwH3tzCPzJu9SzTmqbF7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=kTUv0kTJ2-IHeQHqznYSql9CeWavfmoT&g=02036a9dc68490f6dd832767f4c82e33%2F16115169092999220410&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1653458604634&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k34embqp4teh0y5txe51rr7zmead9pdz2cq4sa3wts6ewse13dwtze7wv4t2fpd7654frmdy6t1efk0337dxvgtvmdzr7rca6ck382nty2y6cchyvs474rnkbh3dnvd1jr49cznsbjb1hp0ekqjs2vnfrqjmfw5hgy9x8q7t3fxw3d9yh697ccmxpep1ssgxjbp1nay00yr9bvj8bsx5mfe3mkrmarzpfwnfa0vf0jtkmntpbc0kmj8e3wnfwesbkhg6rddaw5tr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCvPtyqsaNYvrZJNSE7gOx6JXAD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMzNjkyNjM3MTAwOTYxNjOgAcKu6N0DyAEJqQL2PSpljwKyPuACAKgDAaoE4AFP0Pj6wHwgfw7LbrJSeYJMLxd7WbEztAocvDVpx_BBEd46fmNyK71sf0PaK_6X4adCse-UbgGiMCU3eDc-fwLGjN3vo2K1NEJVOKVWEKbNqj4BNfG32vMm-4jJXSFHbS47AZ1GnXN8q2ZJPgU7ZpD4EP9vDd9Khy6VnKxX6RhrPP2TQ3t7sJSxI7m1gA3lvBedhSz7Tltd6QuWKEm61ydo_AbiPrScmNNTPjBD8cQxa2QQAf3bIG8-0xh9WL4yoIxq_Vf0udlGrs6kEEG9ZikaDUMk-qH-cxCkkXGwdt0cmOAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0K_-9XstLFt4N-KtAtnEx5FSTNcg%2526client%253Dca-pub-3369263710096163%2526adurl%253D&y=1&s=&z=0
Frame ID: 979CB00987A81266777C10CE11158906
Requests: 14 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=15255%2C24673%2C14019&b=Mxefzfrf1zRuWHEHGtDt2jpCBS4Tb6ku3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=62Zcef3f6wmheHmHYtEC5kmtYS1T2qJs7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=NjfIGCtMKzPoif1ud2oOCTmGtkn5q9FB&g=b97d94971f9d0e322c62f964154ea848%2F3763516101815513498&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1653458604690&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gvwrmrqfdjcr1ywzs5eas9jpch4n3exq1kphdzmjvmwyex4t17px34nbdvdahg7swbn5ae4rxtfwrcs3nxe4gmftqq5r9kyh51wbc4p8w3dd6gcw6nfgc95tfnsbb7wjhtepwjq268yt7vs7bn0ar3qdjm7mzs90h8bkw70277k1k98yjymp1hc4x8ft8g4psb9z08me91qy6cgpdc5ggnvw7zq03tp52qsp4a95qqezs5rgcynxmmgayzxk0fgfdfpnqgqfg29e%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCe6wnqsaNYvrpMZj_gQee3IeQAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMzNjkyNjM3MTAwOTYxNjOgAcKu6N0DyAEJqQL2PSpljwKyPuACAKgDAaoE4AFP0HESWxGUTt9e4eUSbFXPZnjVPxGPPaZB6XDofN0FfuYgYwHNdCogGnl-1FyyOqYPDUUhrdUvlFIDWiqgRwvH_PdafUEsSpSdPkeWh-qYkWQz5txW7YN4q0Qg7cqUG2NnhqhJhY4eOoEvpniX9zmYLXs2A6HJ2bFF_EInnWh7LgAP_IRQQvBM-ahO_7YHJNN5ahdEuPqB43W756YJA6DNDHZYHbqOKP3Cbj-fl4EmamPSnRgBUrQosPr0kzJ6Y6WXnuruKxsCcT6VXiIHtjP0cqrkRmR2ldx2r1tsO_Zb0-AEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_11nXNhOAJtHAYOGLphiLExrCGgag%2526client%253Dca-pub-3369263710096163%2526adurl%253D&y=1&s=&z=0
Frame ID: 23AF7254C18439674843F3B8A4D874E6
Requests: 14 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=183975%2C14044%2C43784&b=e7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CXxVfzfrfqw7U6H4HetqtxD7UQSkTXKPfJ%2CjpBHEfGfjp9hYHEH2t6tx1WsZSzTDRGT9&f=DjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2Ce7RC3fVfxBVcjHZHet2CeW3swSQTx8Ja1%2CxEbfQfAf6gJUPHdHztDC3jqh7S6TqkxSA&c=728&d=90&e=NjfIGCtMKzPoif1ud2oOCTmGtkn5q9FB&g=499b4ec65607ad2db351a927bcd7a4f9%2F6101578044710108777&i=20597%2C25007%2C27720&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1653458604829&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j9fvhhj5b3k6zv39c04kcmwxha08g0w2gcxsykwq29jt0cjh0abhn2b2xz7f7yecsq8axysf5sb6bykgnb1qbbt6xwnbj6c2pyx0qnb84t95kcgxa1z68j011jv414q96krs7exdq71bh54hnm25qnwrwknrewkwg45a96mvpy7b2daetcspp9k0q73maejejphdq86cshkvghjxpvv4sw3prhe586ne6kttswkh8sqjbvak64cayq3aemar9qcwvjf5k8awfn0e%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCga96q8aNYqaIEYiK7gPEho7QBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTg1ODAxOTY0MjcyMDkzMTSgAcKu6N0DyAEJqQJKUfIa4PyxPuACAKgDAaoE4QFP0PCA1qfCU-sEFkprYel9rg90Wlnj977mjXkafjEWiUeXfVDatuOF9IW46UPwkJkhV-NCV1p05sCI1W3acM2z-pUhD6Uh9qO4FFXXj8N8_AG7KT7dSYuPVR1hT3VxIQQQTAgQkWzrHswLk6OCkxmMHT1SuJVePRhW4lJvsf-V_xMi7oSicNnoVpKJSGab_bZe8VFqaxSZCIUWQ86YI12DRKVnAQJmNSZQZUgl1pPnNNzT8a4QHGJaoUCQi8oBEz0QaWdtqmO8FfwQ58AmuwJ6A8-nUy0s84NmAZkmrLH-OD3gBAGABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_275KWGj7PJdenXfdZKC4FqefpRJw%2526client%253Dca-pub-8580196427209314%2526adurl%253D&y=1&s=&z=0
Frame ID: F5EAFA90EAE2CE01CA94DFC942FFB753
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F17B87CFC10B780A559EE629C87EAEC8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1A367FA8ED29A43B1626F40D710A89A3
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Новости Казахстана – последние новости от NUR.KZ

Page URL History Show full URLs

http://nur.kz/ HTTP 301
https://www.nur.kz/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

Page Statistics

449
Requests

92 %
HTTPS

47 %
IPv6

56
Domains

86
Subdomains

69
IPs

11
Countries

6359 kB
Transfer

11142 kB
Size

72
Cookies

24 Outgoing links

These are links going to different origins than the main page.

URL: https://play.google.com/store/apps/details?id=by.tut.nurkz.android&utm_source=nur.kz&utm_medium=organic&utm_campaign=app_install&utm_content=app_install_header_banner

Search URL Search Domain Scan URL

URL: https://special.nur.kz/
Title: Спецпроекты

Search URL Search Domain Scan URL

URL: https://kaz.nur.kz/
Title: KZ

Search URL Search Domain Scan URL

URL: https://1xbet.kz/?tag=s_43153m_2205c_button&site=43153&ad=2205
Title: Ставки на спорт!

Search URL Search Domain Scan URL

URL: https://bit.ly/37RIUBd
Title: Бизнес с

Search URL Search Domain Scan URL

URL: https://ads.adfox.ru/252771/clickURL?ad-session-id=6239761653458601621&hash=5cb3d7715908d596&puid1=Homepage&sj=OL6w8MmUISI05oYVOSbC9UTLj4JbDd-98eKh7yO7McWjkVJ8bgMQo9w-TOvjrQ%3D%3D&rand=dlnhgig&rqs=qT7h-2HYASOpxo1ihERRpoq6uvaKG405&pr=gsysaaw&p1=crsny&ytt=158331285143557&p5=lngbo&ybv=0.586016&p2=gfdy&ylv=0.586016&pf=https%3A%2F%2Fwww.election.gov.kz%2Frus%2F

Search URL Search Domain Scan URL

URL: http://ffin.kz/?utm_source=nur_kz&utm_medium=vidget&utm_campaign=Global_mkting_2021
Title: Фондовый рынок Индекс S&P 500 3941.48 $ -32.27 -0.81% Акции Freedom Holding Corp. 39.75 $ -1.02 -2.50% FTSE 100 7306.00 £ 2.00 0.03% IMOEX 2293.62 ₽ -8.23 -0.36%

Search URL Search Domain Scan URL

URL: https://t.me/newsnurkz
Title: Telegram

Search URL Search Domain Scan URL

URL: https://news.google.com/publications/CAAqBwgKMK7ylAswg8SqAw
Title: Google News

Search URL Search Domain Scan URL

URL: https://www.instagram.com/kaznews/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://special.nur.kz/rough-finish-knauf
Title: <img class="post-preview-media__picture" sizes="(max-width: 755px) 97px, (max-width: 1151px) calc((100vw - 152px) / 3), 231px" srcset="https://cdn.nur.kz/images/720x405/f27ff35f94e53aee.jpeg?version=1 720w, https://cdn.nur.kz/images/560x315/f27ff35f94e53aee.jpeg?version=1 560w, https://cdn.nur.kz/images/272x153/f27ff35f94e53aee.jpeg?version=1 272w, https://cdn.nur.kz/images/176x99/f27ff35f94e53aee.jpeg?version=1 176w" src="https://cdn.nur.kz/images/272x153/f27ff35f94e53aee.jpeg?version=1" alt="Стройка" title="Стройка" decoding="async" /> Почему хозяевам нового жилья не стоит бояться "чернового" ремонта Вчера, 09:00

Search URL Search Domain Scan URL

URL: https://kaz.nur.kz/health/1970787-eski-sutinin-balalarga-paidasy-men-ziyany-qandai/
Title: ДенсаулықЕшкі сүтінің балаларға пайдасы мен зияны қандайСегодня, 09:03

Search URL Search Domain Scan URL

URL: https://corp.nur.kz/
Title: Рекламодателям

Search URL Search Domain Scan URL

URL: https://www.facebook.com/PortalNURKZ

Search URL Search Domain Scan URL

URL: https://vk.com/portalnurkz

Search URL Search Domain Scan URL

URL: https://ok.ru/portalnurkz

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@newsnurkz

Search URL Search Domain Scan URL

URL: https://apps.apple.com/kz/app/id830230766?utm_source=nur.kz&utm_medium=organic&utm_campaign=app_install&utm_content=app_install_footer&utm_term=app_update_footer

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=by.tut.nurkz.android&utm_source=nur.kz&utm_medium=organic&utm_campaign=app_install&utm_content=app_install_footer&utm_term=app_update_footer

Search URL Search Domain Scan URL

URL: https://appgallery.huawei.com/app/C102765781

Search URL Search Domain Scan URL

URL: https://nurtv.kz/
Title: Видео, фильмы

Search URL Search Domain Scan URL

URL: https://musicnur.kz/
Title: Музыка

Search URL Search Domain Scan URL

URL: https://rabotanur.kz/
Title: Поиск работы

Search URL Search Domain Scan URL

URL: https://genesistudio.net/
Title: YouTube MCN

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://nur.kz/ HTTP 301
https://www.nur.kz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 129

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENsoqzPyqrJ0pNwt83ZRh-M&google_cver=1

Request Chain 130

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yo3GqvEYIQVjtMySaSk2awAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMPcpfq2EA-9xxRFWal05eM&google_cver=1

Request Chain 131

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEBUmngfVbX9JfN6lilqvsxs&google_cver=1

Request Chain 132

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDY4Nzg0Mjk0MTY1MDQ0ODIzMw%3D%3D

Request Chain 283

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPIm2ZHbbt4IrHsHrUL4MeyY2qagIiCqc6CWKKBBJe8ovzrwJog1fJxB0_OuXojqOpNnpLFGAQpDdWHDNS9-ouag52M9ndHHRw&google_gid=CAESEHOj7QMHqlrqNTTStL5YN8k&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WW8zR3F3QUFCSGpJNXlYQQ&google_push=AYg5qPIm2ZHbbt4IrHsHrUL4MeyY2qagIiCqc6CWKKBBJe8ovzrwJog1fJxB0_OuXojqOpNnpLFGAQpDdWHDNS9-ouag52M9ndHHRw

Request Chain 285

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECPCUkETf_Vo3F8P464rTCg&google_cver=1&google_push=AYg5qPK3XMu78JbFNwhkG1-owhgxjhrgerrcG857jtr2WE85yq-Nm07ut4wQsYK52_rlJS25OauFLjjc4lrZ162zA2W9SR4tmng4aQ HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECPCUkETf_Vo3F8P464rTCg&google_cver=1&google_push=AYg5qPK3XMu78JbFNwhkG1-owhgxjhrgerrcG857jtr2WE85yq-Nm07ut4wQsYK52_rlJS25OauFLjjc4lrZ162zA2W9SR4tmng4aQ&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=RpibL7l4TfyD6Y0TSzf_Dg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPK3XMu78JbFNwhkG1-owhgxjhrgerrcG857jtr2WE85yq-Nm07ut4wQsYK52_rlJS25OauFLjjc4lrZ162zA2W9SR4tmng4aQ

Request Chain 286

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBr-Dct0tUex0IQi5DLtSdg&google_cver=1&google_push=AYg5qPIWi6ObSi3FPJMSyYl2NqDM5-6yrr2gKaVqzCoeAvjqixEWmNYLfoKcyEkJlG91hRNasnsppw3r6SlzhspMaBHWvbjbrcvWEA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNMNks3U08tVS1FSFNa&google_push=AYg5qPIWi6ObSi3FPJMSyYl2NqDM5-6yrr2gKaVqzCoeAvjqixEWmNYLfoKcyEkJlG91hRNasnsppw3r6SlzhspMaBHWvbjbrcvWEA

Request Chain 287

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAnapUumhWbtGv4As0emh2c&google_cver=1&google_push=AYg5qPIyP3yda64kE61_MaQFwv4nSnBCyeE9kXp35h2fdKmL5JVV4RoDIbOohGM5J5eUDH4jOyJnlHV7YbdHeB2B2Fz3aLXlFCJXdA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yo3GqvEYIQVjtMySaSk2awAABLsAAAIB&google_push=AYg5qPIyP3yda64kE61_MaQFwv4nSnBCyeE9kXp35h2fdKmL5JVV4RoDIbOohGM5J5eUDH4jOyJnlHV7YbdHeB2B2Fz3aLXlFCJXdA&google_gid=CAESEAnapUumhWbtGv4As0emh2c&google_cver=1

Request Chain 296

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEHRPXvmb38CAKBKGyUoBaq0&google_cver=1&google_push=AYg5qPI2Zutd7XLUzmi-palQcqfBOxDbwfMGOagOimwod_DdrVoI0eQ9G_HUeKlT1_kbZ6JtFieKj-YcWTZY78dYHgUH5-tt5VNJ1g HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPI2Zutd7XLUzmi-palQcqfBOxDbwfMGOagOimwod_DdrVoI0eQ9G_HUeKlT1_kbZ6JtFieKj-YcWTZY78dYHgUH5-tt5VNJ1g&google_hm=ZW7NOZrwn46DS2yHI1Vaqw

Request Chain 297

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPK0R7YNUqY0WPgvNbsiB8kFLxQMMCHMdj9mrx9kcUU_ZqoNpu-GIyaWy0pVMhOKCysGubn8HBmgXVtI9hecP3p_AOoFI8OgqQ&google_gid=CAESEPJDv65IVWPOMeCTtGM9FiY&google_cver=1 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCKuNt5QGEgUI6AcQAEIASnJnb29nbGVfcHVzaD1BWWc1cVBLMFI3WU5VcVkwV1Bndk5ic2lCOGtGTHhRTU1DSE1kajltcng5a2NVVV9acW9OcHUtR0l5YVd5MHBWTWhPS0N5c0d1Ym44SEJtZ1hWdEk5aGVjUDNwX0FPb0ZJOE9ncVE HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwQkdYYjd0WmVHY2stSHF6YjM5ZXZYZ1RlN1ZabkNoVFVmLWphbmxra1BYSQ==&google_push

Request Chain 298

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJFioZqfmM-tQxNAHEf_bAHL9r1bP3TpQLwHcAelZjI9z8JjQsuO84oR19S5sAmxmtjDOE8fhC_QmcIEaa-YOwlBrbjZJFt_A&google_gid=CAESEFlsURet50wWwD_6s935b8U&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJFioZqfmM-tQxNAHEf_bAHL9r1bP3TpQLwHcAelZjI9z8JjQsuO84oR19S5sAmxmtjDOE8fhC_QmcIEaa-YOwlBrbjZJFt_A&google_gid=CAESEFlsURet50wWwD_6s935b8U&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA1MjUwNjAzMjQwMDA3MzA4MTg1NTAyMQ%3D%3D&google_push=AYg5qPJFioZqfmM-tQxNAHEf_bAHL9r1bP3TpQLwHcAelZjI9z8JjQsuO84oR19S5sAmxmtjDOE8fhC_QmcIEaa-YOwlBrbjZJFt_A

Request Chain 300

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECPCUkETf_Vo3F8P464rTCg&google_cver=1&google_push=AYg5qPIspJ-9bGLFtpnaGFwb2QSHCsfl0SECXlrs7dUefcNp-XUrj9aby2qZGiLhbEaO497GxXiK75zQd5Jj0BQqkUqZNvtj_7ojzQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=RpibL7l4TfyD6Y0TSzf_Dg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIspJ-9bGLFtpnaGFwb2QSHCsfl0SECXlrs7dUefcNp-XUrj9aby2qZGiLhbEaO497GxXiK75zQd5Jj0BQqkUqZNvtj_7ojzQ

Request Chain 301

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBr-Dct0tUex0IQi5DLtSdg&google_cver=1&google_push=AYg5qPIHGRUgAimP5o65_zltvHnocYkAPbp76tiJMBXQGGz3QojSMzXxfX-FGAYXp5BPcDi1M_IaAPNXvdz0knO-nCGV_YdhyMG1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNMNks3V1YtVS05V1Q=&google_push=AYg5qPIHGRUgAimP5o65_zltvHnocYkAPbp76tiJMBXQGGz3QojSMzXxfX-FGAYXp5BPcDi1M_IaAPNXvdz0knO-nCGV_YdhyMG1

Request Chain 302

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAnapUumhWbtGv4As0emh2c&google_cver=1&google_push=AYg5qPLIQCF9psm6h1Yk22jTGwklC5fORXhLizNwPH1y3R3GKLfcS5e2IoAtq8HO95tewh58uIkIGMAhlP7Ob_jdo2TqVHIUGIIEzg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yo3GqvEYIQVjtMySaSk2awAABLsAAAIB&google_gid=CAESEAnapUumhWbtGv4As0emh2c&google_push=AYg5qPLIQCF9psm6h1Yk22jTGwklC5fORXhLizNwPH1y3R3GKLfcS5e2IoAtq8HO95tewh58uIkIGMAhlP7Ob_jdo2TqVHIUGIIEzg&google_cver=1

Request Chain 331

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEImJWO1jEZ3gup4KvN-hSHk&google_cver=1&google_push=AYg5qPLDm3mX-KIKFI_4ztKwEffC55b85Yu61eEZV_h0rVlbMobCOsFPRdvoJ0Ng8sMYftF5OgxCwKgKDArSR-89Q9MU7e8U2O8R HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPLDm3mX-KIKFI_4ztKwEffC55b85Yu61eEZV_h0rVlbMobCOsFPRdvoJ0Ng8sMYftF5OgxCwKgKDArSR-89Q9MU7e8U2O8R

Request Chain 333

https://ads.travelaudience.com/google_pixel?google_gid=CAESEAXYa4b-3q3aJeSHWtod7M4&google_cver=1&google_push=AYg5qPLVKcGZY8Pc_zaBQTtxnYDbcQkG3HBSHTFB9I5IeeGMdTasWS2Kpx8c4Z0L7OPXo7gcRyMAbwWDFIENXg6pYu0GTS2kEZf1 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=8r2tBmjbR_2Wu7N-ueoiyw2&google_push=AYg5qPLVKcGZY8Pc_zaBQTtxnYDbcQkG3HBSHTFB9I5IeeGMdTasWS2Kpx8c4Z0L7OPXo7gcRyMAbwWDFIENXg6pYu0GTS2kEZf1

Request Chain 334

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEE43m0ilNX1K-2VkdJQACvI&google_cver=1&google_push=AYg5qPJQlllpsPFTJMyze35XZecdfUb3ghe1GvLrJ9sAJl4o-9CABE3dJXgua1Xj5DjTp2fk_tYKOkXxlzKS9-E0kM88J5ly5rdk HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEE43m0ilNX1K-2VkdJQACvI&google_cver=1&google_push=AYg5qPJQlllpsPFTJMyze35XZecdfUb3ghe1GvLrJ9sAJl4o-9CABE3dJXgua1Xj5DjTp2fk_tYKOkXxlzKS9-E0kM88J5ly5rdk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjUzODI3MTkwNjMwOTAwMTY3MQ&google_push=AYg5qPJQlllpsPFTJMyze35XZecdfUb3ghe1GvLrJ9sAJl4o-9CABE3dJXgua1Xj5DjTp2fk_tYKOkXxlzKS9-E0kM88J5ly5rdk

Request Chain 335

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBr-Dct0tUex0IQi5DLtSdg&google_cver=1&google_push=AYg5qPKeJbxwX_9e2-1ZyL399nyp7GzqWHq34p0BMLy96cg8NVjtGiUzSPmWxNYsKGsGnf6T_bELvgc6z9VC0GiM9AUKH6FdiQjb HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNMNks4MEYtWS0xNUo3&google_push=AYg5qPKeJbxwX_9e2-1ZyL399nyp7GzqWHq34p0BMLy96cg8NVjtGiUzSPmWxNYsKGsGnf6T_bELvgc6z9VC0GiM9AUKH6FdiQjb

Request Chain 336

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEPl5YpW6F1WysBYcOIkMabQ&google_cver=1&google_push=AYg5qPIBRxvS3qHNgidAQQX1Cmo3IjJfSX5P66MKm9E3pyPXySmYIRX4BG10rWpT2b4a7t5tarcSmQC0LcOWoEzisjVuWRHye3zKGg HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AYg5qPIBRxvS3qHNgidAQQX1Cmo3IjJfSX5P66MKm9E3pyPXySmYIRX4BG10rWpT2b4a7t5tarcSmQC0LcOWoEzisjVuWRHye3zKGg&google_gid=CAESEPl5YpW6F1WysBYcOIkMabQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mzk5NTQ0NjEzMzkzNTE4MTY0ODMzNw%3D%3D&google_push=AYg5qPIBRxvS3qHNgidAQQX1Cmo3IjJfSX5P66MKm9E3pyPXySmYIRX4BG10rWpT2b4a7t5tarcSmQC0LcOWoEzisjVuWRHye3zKGg

Request Chain 340

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEHRPXvmb38CAKBKGyUoBaq0&google_cver=1&google_push=AYg5qPJRsjqSC9rK1sSbbxZDbHlC8hbr9udiLx1ZHfMcsGH9ZD_jAWYAQg8xm-DmEjBtQh2o0GbMfQ1FlfqTCL7RrP-kO_d7J9E HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPJRsjqSC9rK1sSbbxZDbHlC8hbr9udiLx1ZHfMcsGH9ZD_jAWYAQg8xm-DmEjBtQh2o0GbMfQ1FlfqTCL7RrP-kO_d7J9E&google_hm=ZW7NOZrwn46DS2yHI1Vaqw

Request Chain 341

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPKFGYCme3F2I1eDKudNWZdp10H-x4mbbBDScg1WbEsY1cunYq9i0o_RD15D_nWLCVg0OhBvMy-A5Kb9HfHZaqH3kbipSzo&google_gid=CAESEHOj7QMHqlrqNTTStL5YN8k&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WW8zR3F3QUFBQlpQSGtLVg&google_push=AYg5qPKFGYCme3F2I1eDKudNWZdp10H-x4mbbBDScg1WbEsY1cunYq9i0o_RD15D_nWLCVg0OhBvMy-A5Kb9HfHZaqH3kbipSzo

Request Chain 343

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECPCUkETf_Vo3F8P464rTCg&google_cver=1&google_push=AYg5qPJhKbyL-yXmWE-T7oroNgkRqZBgbSs01WM-exdNKvUy8cheS0PBD5DqRmOqD6mD3S7RI-wMfeD2fmwmgMY8C3vdGk5zeg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=RpibL7l4TfyD6Y0TSzf_Dg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJhKbyL-yXmWE-T7oroNgkRqZBgbSs01WM-exdNKvUy8cheS0PBD5DqRmOqD6mD3S7RI-wMfeD2fmwmgMY8C3vdGk5zeg

Request Chain 344

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBr-Dct0tUex0IQi5DLtSdg&google_cver=1&google_push=AYg5qPKJwhRNbrwtXjyTREQRfMUzMkDuCch1yYtGkWDrAw7tChx4hvI3scg-heCsvffpEYfNMSzgJSuhRfBjt0sK_ek8PJiEwV8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNMNks4MUstMVUtNExJTA==&google_push=AYg5qPKJwhRNbrwtXjyTREQRfMUzMkDuCch1yYtGkWDrAw7tChx4hvI3scg-heCsvffpEYfNMSzgJSuhRfBjt0sK_ek8PJiEwV8

Request Chain 345

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAnapUumhWbtGv4As0emh2c&google_cver=1&google_push=AYg5qPIS2POzah6KYE2meV1XbiXvgXInF6MB9gbZnlL1dN4HfduON8iS6hBw5l6ioZxT7IaEpJftKCEMBKbAQsmDnshMZyMZiQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yo3GqvEYIQVjtMySaSk2awAABLsAAAIB&google_cver=1&google_gid=CAESEAnapUumhWbtGv4As0emh2c&google_push=AYg5qPIS2POzah6KYE2meV1XbiXvgXInF6MB9gbZnlL1dN4HfduON8iS6hBw5l6ioZxT7IaEpJftKCEMBKbAQsmDnshMZyMZiQ

Request Chain 370

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEHRPXvmb38CAKBKGyUoBaq0&google_cver=1&google_push=AYg5qPITvsKon0Krt_XQcIpSPXXbt8lfibaogCC1jaZdDBQFKBSYB9rf14FyD21eLgvU7jq_tdD7xkXgGK7ufuTj3J8SS7LSKgTXEg HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPITvsKon0Krt_XQcIpSPXXbt8lfibaogCC1jaZdDBQFKBSYB9rf14FyD21eLgvU7jq_tdD7xkXgGK7ufuTj3J8SS7LSKgTXEg&google_hm=ZW7NOZrwn46DS2yHI1Vaqw

Request Chain 371

https://a.tribalfusion.com/i.match?p=b6&u=CAESENTYdoaWtQkbs4Aicv96C_0&google_cver=1&google_push=AYg5qPKWJmiQgvLlUpPIUX-1i72N39TBc8efTQr-47XW8FkngFn4N3-hjA2wRcDRThVctRp7ni1rKnISXySWXO2oycjppURqEJh80g&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPKWJmiQgvLlUpPIUX-1i72N39TBc8efTQr-47XW8FkngFn4N3-hjA2wRcDRThVctRp7ni1rKnISXySWXO2oycjppURqEJh80g%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENTYdoaWtQkbs4Aicv96C_0&google_cver=1&google_push=AYg5qPKWJmiQgvLlUpPIUX-1i72N39TBc8efTQr-47XW8FkngFn4N3-hjA2wRcDRThVctRp7ni1rKnISXySWXO2oycjppURqEJh80g&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPKWJmiQgvLlUpPIUX-1i72N39TBc8efTQr-47XW8FkngFn4N3-hjA2wRcDRThVctRp7ni1rKnISXySWXO2oycjppURqEJh80g%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 373

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESELBEsAluvj9XqbXY8gHafac&google_cver=1&google_push=AYg5qPIkUXN3pqfzyPvHgbjLA-x8I1Dc5doxRsszPzox1iVEOQcW9T5O92qJKpRqP_7gVSgizc0UNEABPepGV0_n0DVMEYNsjLVx2w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AYg5qPIkUXN3pqfzyPvHgbjLA-x8I1Dc5doxRsszPzox1iVEOQcW9T5O92qJKpRqP_7gVSgizc0UNEABPepGV0_n0DVMEYNsjLVx2w

Request Chain 374

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEPl5YpW6F1WysBYcOIkMabQ&google_cver=1&google_push=AYg5qPIa_heQYCwMTfLhuiJBWzMAHDr9z6oL-lFqT-iLlvJbPcgL81WmJCe34IYCtuTClUWJknMBgJ-n5wpN87jy6TR49Ew0FOlc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mzk5NTQ0NjEzMzkzNTE4MTY0ODMzNw%3D%3D&google_push=AYg5qPIa_heQYCwMTfLhuiJBWzMAHDr9z6oL-lFqT-iLlvJbPcgL81WmJCe34IYCtuTClUWJknMBgJ-n5wpN87jy6TR49Ew0FOlc

Request Chain 376

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESELBEsAluvj9XqbXY8gHafac&google_cver=1&google_push=AYg5qPLs430W7ldNbWiWN54aHrOl2L6Syf0sPGLOBHR07unMPBhhePcwhkJ2exOMiH7kDxLa1kY25cKX2tutnLARI4fclZlDlQTPz-M HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AYg5qPLs430W7ldNbWiWN54aHrOl2L6Syf0sPGLOBHR07unMPBhhePcwhkJ2exOMiH7kDxLa1kY25cKX2tutnLARI4fclZlDlQTPz-M HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 395

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=mm_SUBIDTEST_view HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CJTdsKb9-fcCFZBK4Aod-vQEpA;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=mm_SUBIDTEST_view HTTP 302
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=mm_SUBIDTEST_view HTTP 302
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1653458605_639e1060-dbf0-11ec-85d9-223185680794

Request Chain 400

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7oneid__asuidkTUv0kTJ2-IHeQHqznYSql9CeWavfmoTasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.zenaps.com/cshow.php?pvr=63785ff0-dbf0-11ec-977a-2266206bbad7&v=11354&r=412871&q=377129&s=2470185&viewref3=oneidRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7oneid__asuidkTUv0kTJ2-IHeQHqznYSql9CeWavfmoTasuid__dc_reach_suite02wkz&pv=1&gdpr=0&gdpr_consent= HTTP 302
https://www.conrad.de/ztpv.php?awc=11354_412871_1653458604_63785ff0-dbf0-11ec-977a-2266206bbad7&insert=AW&&gdpr=0&gdpr_consent=

Request Chain 404

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidMxefzfrf1zRuWHEHGtDt2jpCBS4Tb6ku3oneid__asuidNjfIGCtMKzPoif1ud2oOCTmGtkn5q9FBasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CKDfsKb9-fcCFbjXEQgdvb0EJQ;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidMxefzfrf1zRuWHEHGtDt2jpCBS4Tb6ku3oneid__asuidNjfIGCtMKzPoif1ud2oOCTmGtkn5q9FBasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidMxefzfrf1zRuWHEHGtDt2jpCBS4Tb6ku3oneid__asuidNjfIGCtMKzPoif1ud2oOCTmGtkn5q9FBasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1653458605_639e3771-dbf0-11ec-977a-2266206bbad7

Request Chain 409

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7oneid__asuidNjfIGCtMKzPoif1ud2oOCTmGtkn5q9FBasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.zenaps.com/cshow.php?pvr=637838e0-dbf0-11ec-91ba-2230ae711e76&v=11354&r=412871&q=377129&s=2470185&viewref3=oneidRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7oneid__asuidNjfIGCtMKzPoif1ud2oOCTmGtkn5q9FBasuid__dc_reach_suite02wkz&pv=1&gdpr=0&gdpr_consent= HTTP 302
https://www.conrad.de/ztpv.php?awc=11354_412871_1653458604_637838e0-dbf0-11ec-91ba-2230ae711e76&insert=AW&&gdpr=0&gdpr_consent=

Request Chain 431

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=0623FEA350FF417F8E4DB26A61394245&RedC=c.clarity.ms&MXFR=1E80B97FC19F6A9D0006A8D0C59F642E HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=0623FEA350FF417F8E4DB26A61394245&MUID=39C8DD43909F69BD1E4ECCEC91F468ED

449 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.nur.kz/
Redirect Chain

http://nur.kz/
https://www.nur.kz/

408 KB
45 KB

1691ms
1448ms

Document
text/html

91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

adb995163c403af9794377dc98fc1eedc23d8b463b99909a54ae9f97c946ac2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN always

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-methods: GET, OPTIONS
cache-control: public, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 25 May 2022 06:03:21 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding Accept-Encoding
x-f-status: EXPIRED
x-frame-options: SAMEORIGIN always

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Wed, 25 May 2022 06:03:19 GMT
Location: https://www.nur.kz/
Server: nginx

GET
H2 200 8576c96ba0be1cd4.webp
cdn.nur.kz/images/1120x630/ 59 KB
59 KB 533ms
309ms Image
image/webp 94.247.128.36
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/1120x630/8576c96ba0be1cd4.webp?version=1

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.36 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

83168c5a624fa8d0c9a39f6aec8bf193626265adffc132691f7f32b4d02a16db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:21 GMT
last-modified: Wed, 25 May 2022 05:24:17 GMT
server: nginx
x-cs: HIT
etag: "80f5f1906952a4bfe74485653dd0d298"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 59938
expires: Thu, 25 May 2023 06:03:21 GMT

GET
H2 200 common.e1f38809.css
www.nur.kz/nur/css/ 32 KB
5 KB 105ms
105ms Stylesheet
text/css 91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nur.kz/nur/css/common.e1f38809.css

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

59e44b4deb7ae38e798837aff98aa800acbd67a29ccb711e69a20aa7b1d613a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: public
date: Wed, 25 May 2022 06:03:21 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 23 May 2022 11:18:11 GMT
server: nginx
etag: "628b6d73-1466"
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
content-length: 5222
expires: Thu, 25 May 2023 06:03:21 GMT

GET
H/1.1 200
OK io.js Show response
cdn.onthe.io/ 56 KB
18 KB 79ms
25ms Script
text/javascript 116.202.11.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onthe.io/io.js?ghDf5sWW6gLM
Requested by: Host: www.nur.kz
URL: https://www.nur.kz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 116.202.11.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.241.11.202.116.clients.your-server.de
Software: nginx /
Resource Hash: 569b67ef1d76c5869a61471b93651371927719520f4268bb9a6ab30fe0380019

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 06:03:21 GMT
Content-Encoding: gzip
Last-Modified: Thu, 08 Jul 2021 13:27:08 GMT
Server: nginx
ETag: W/"60e6fd2c-de2a"
Transfer-Encoding: chunked
Content-Type: text/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Expires: Thu, 26 May 2022 06:03:21 GMT

GET
H2 200 logo.svg
www.nur.kz/nur/img/ 6 KB
3 KB 107ms
106ms Image
image/svg+xml 91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nur.kz/nur/img/logo.svg

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

a1c1a544dce2ad7a8933ff9c4e087936f42c972d7858551181a9acb878a7c9b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: public
date: Wed, 25 May 2022 06:03:21 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 23 May 2022 11:18:11 GMT
server: nginx
etag: "628b6d73-977"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
content-length: 2423
expires: Thu, 25 May 2023 06:03:21 GMT

GET
H2 200 8576c96ba0be1cd4.webp
cdn.nur.kz/images/560x315/ 25 KB
25 KB 530ms
310ms Image
image/webp 94.247.128.36
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/560x315/8576c96ba0be1cd4.webp?version=1

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.36 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

62d3c2fbb9ceb73ef8834782ed32e19328daaf6d86c8b1d961f4740cf0298147

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:21 GMT
last-modified: Wed, 25 May 2022 05:24:17 GMT
server: nginx
x-cs: HIT
etag: "c7e2f3983961389b2ce19e4321e3f848"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 25376
expires: Thu, 25 May 2023 06:03:21 GMT

GET
H2 200 placeholder-1x1.gif
www.nur.kz/nur/img/ 43 B
381 B 107ms
106ms Image
image/gif 91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nur.kz/nur/img/placeholder-1x1.gif?v=2

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: public
date: Wed, 25 May 2022 06:03:21 GMT
x-content-type-options: nosniff
last-modified: Mon, 23 May 2022 11:18:11 GMT
server: nginx
etag: "628b6d73-2b"
x-frame-options: SAMEORIGIN
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
vary: Accept-Encoding
content-length: 43
expires: Thu, 25 May 2023 06:03:21 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 124ms
36ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1715
date: Wed, 25 May 2022 05:34:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 25 May 2022 07:34:46 GMT

GET
H2 200 94ylzt75u2 Show response
www.clarity.ms/tag/ 1 KB
2 KB 192ms
136ms Script
application/x-javascript 2620:1ec:27::cafe:1389
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/94ylzt75u2
Requested by: Host: www.nur.kz
URL: https://www.nur.kz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1389 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 8d1e22184b2a1af8623b74f5efff121858035499e7756e63c34f6f78a329ca41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:20 GMT
x-powered-by: ASP.NET
x-azure-ref: 0qcaNYgAAAAAv8oaf3gGCQat5xDIPNoYnU1RPRURHRTA4MTEANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
content-length: 1383
expires: -1

GET
H2 200 1920x120_rus.png
www.nur.kz/nur/img/thematic-blocks/ 58 KB
58 KB 107ms
106ms Image
image/png 91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nur.kz/nur/img/thematic-blocks/1920x120_rus.png

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

f3456903656f0601338d81e00f8efe9e025055f224f822de2746e18436c9b4a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: public
date: Wed, 25 May 2022 06:03:21 GMT
x-content-type-options: nosniff
last-modified: Mon, 23 May 2022 11:18:11 GMT
server: nginx
etag: "628b6d73-e64f"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
vary: Accept-Encoding
content-length: 58959
expires: Thu, 25 May 2023 06:03:21 GMT

GET
H2 200 bybit.png
cdn.nur.kz/static/ads/ 6 KB
7 KB 529ms
309ms Image
image/png 94.247.128.36
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/static/ads/bybit.png

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.36 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

ed3cdd67b99dd07dc76f3ff0b253b64e9fc16ac725c6c002e9da8b1b796b5d70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:21 GMT
last-modified: Wed, 20 Apr 2022 14:13:51 GMT
server: nginx
x-cs: HIT
etag: "6eab7750d8e559a66f25f708b1eea4de"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 6458
expires: Thu, 25 May 2023 06:03:21 GMT

GET
H2 200 1xbet-partner.png
cdn.nur.kz/custom/logo/ 2 KB
2 KB 519ms
310ms Image
image/png 94.247.128.36
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/custom/logo/1xbet-partner.png

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.36 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

2b560efc660dd507e8e0b20a079eac74c975b67e0629545a7d2ec9e3687905db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:21 GMT
last-modified: Wed, 10 Nov 2021 15:31:26 GMT
server: nginx
x-cs: HIT
etag: "d9e559e4b7931bf2cf97e89f9d7708c4"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 2180
expires: Thu, 25 May 2023 06:03:21 GMT

GET
H2 200 fclub-libertex-partner.png
cdn.nur.kz/custom/logo/ 3 KB
3 KB 519ms
310ms Image
image/png 94.247.128.36
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/custom/logo/fclub-libertex-partner.png

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.36 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

f0f3fadd348581fce870209a4705b228f28a7c06fecefc150707191d0f02a27a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:21 GMT
last-modified: Tue, 28 Dec 2021 10:52:54 GMT
server: nginx
x-cs: HIT
etag: "b32bf7a5941815e4a4dc71bb126a1aa3"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 2946
expires: Thu, 25 May 2023 06:03:21 GMT

GET
H2 200 KMF.png
cdn.nur.kz/custom/logo/ 5 KB
5 KB 518ms
310ms Image
image/png 94.247.128.36
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/custom/logo/KMF.png

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.36 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

c9359c423f11152cc52570d1d15b78449a4aaf8a4106599af13305e13c90b791

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:21 GMT
last-modified: Wed, 13 Apr 2022 12:31:31 GMT
server: nginx
x-cs: HIT
etag: "55643c20d418d965722c9d75a7d6d2b4"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 4627
expires: Thu, 25 May 2023 06:03:21 GMT

GET
H2 200 parimatch.png
cdn.nur.kz/custom/logo/ 4 KB
5 KB 500ms
309ms Image
image/png 94.247.128.36
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/custom/logo/parimatch.png

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.36 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

0596a17530bb3a76675c9d72b22f8bbf927eede182d036ea7a3b278970864fb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:21 GMT
last-modified: Tue, 09 Nov 2021 19:46:09 GMT
server: nginx
x-cs: HIT
etag: "58febaebfd3c6d8472de1318e7079d30"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 4450
expires: Thu, 25 May 2023 06:03:21 GMT

GET
H2 200 7a5aad15155aeeab.jpeg
cdn.nur.kz/images/272x153/ 5 KB
5 KB 500ms
309ms Image
image/jpeg 94.247.128.36
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/7a5aad15155aeeab.jpeg?version=2

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.36 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

696509319bb81efdd2e9f7c12a2f2c2a176179fed37b92e16b7e5dffdc8869ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:21 GMT
last-modified: Thu, 11 Mar 2021 14:37:00 GMT
server: nginx
x-cs: HIT
etag: "cad54c626842be5765616b721023eb2f"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/jpeg
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 4896
expires: Thu, 25 May 2023 06:03:21 GMT

GET
H2 200 2f8551693976b31f.jpeg
cdn.nur.kz/images/272x153/ 9 KB
9 KB 500ms
308ms Image
image/jpeg 94.247.128.36
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/2f8551693976b31f.jpeg?version=1

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.36 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

40b43f95a77c55e01de63643c035680c7464141ffc596b5818a77e41d7b54e31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:21 GMT
last-modified: Thu, 22 Apr 2021 11:23:21 GMT
server: nginx
x-cs: HIT
etag: "e35dfd517d3150920c0d77fc3aad97d6"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/jpeg
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 9004
expires: Thu, 25 May 2023 06:03:21 GMT

GET
H2 200 75330f52aaeda809.jpeg
cdn.nur.kz/images/272x153/ 16 KB
17 KB 501ms
310ms Image
image/jpeg 94.247.128.36
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/75330f52aaeda809.jpeg?version=1

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.36 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

8d6e4721d53a6600e637e7657bbb8dd5eff663299b9f67c918fa159fec8373c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:21 GMT
last-modified: Mon, 13 Dec 2021 14:46:45 GMT
server: nginx
x-cs: HIT
etag: "0b45326bc6c6f56de5de06d50eb1d7f4"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/jpeg
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 16678
expires: Thu, 25 May 2023 06:03:21 GMT

GET
H2 200 26f6f4d708d3f373.jpeg
cdn.nur.kz/images/272x153/ 31 KB
31 KB 398ms
206ms Image
image/jpeg 94.247.128.36
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/26f6f4d708d3f373.jpeg?version=1

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.36 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

bfaef65b25794a604ff02867568b414568fe0450e6af9337f8072b41f8264796

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:21 GMT
last-modified: Thu, 11 Nov 2021 09:37:46 GMT
server: nginx
x-cs: HIT
etag: "9315765f924d99f08508c23fec0c6235"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/jpeg
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 31899
expires: Thu, 25 May 2023 06:03:21 GMT

GET
H2 200 logo-freedom-finance.png
www.nur.kz/nur/img/ 2 KB
3 KB 165ms
164ms Image
image/png 91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nur.kz/nur/img/logo-freedom-finance.png

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

b63745ed29d6784dab812ad53d2a76b060cbf160f6200b203c24d797d9d18045

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: public
date: Wed, 25 May 2022 06:03:21 GMT
x-content-type-options: nosniff
last-modified: Mon, 23 May 2022 11:18:11 GMT
server: nginx
etag: "628b6d73-8b9"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
vary: Accept-Encoding
content-length: 2233
expires: Thu, 25 May 2023 06:03:21 GMT

GET
H2 200 _vendors.247f0c1e.js Show response
www.nur.kz/nur/js/ 30 KB
9 KB 119ms
118ms Script
application/javascript 91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nur.kz/nur/js/_vendors.247f0c1e.js

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

23cc65a8727bb9016015372f09daa3dc8dceccd6e21876ff8804db2cbd242c6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: public
date: Wed, 25 May 2022 06:03:21 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 23 May 2022 11:18:11 GMT
server: nginx
etag: "628b6d73-22eb"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
content-length: 8939
expires: Thu, 25 May 2023 06:03:21 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 82 KB
29 KB 136ms
53ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

80b110bd2739c684f764fc9440cd2685591af18f0d8dbf3efe7b5c13c0ac459d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28687
x-xss-protection: 0
server: sffe
etag: "1225 / 380 of 1000 / last-modified: 1653429844"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 25 May 2022 06:03:21 GMT

GET
H2 200 monetization.f542e399.js Show response
www.nur.kz/nur/js/ 10 KB
3 KB 124ms
122ms Script
application/javascript 91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nur.kz/nur/js/monetization.f542e399.js

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

6d0205053e47fcdc3dfc6c73d8d1d86866a05dff3a58916ef22bb6b1cca59da5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: public
date: Wed, 25 May 2022 06:03:21 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 23 May 2022 11:18:11 GMT
server: nginx
etag: "628b6d73-b02"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
content-length: 2818
expires: Thu, 25 May 2023 06:03:21 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 190 KB
69 KB 131ms
48ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-L3EYGX7DJS

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8a43b2c280ca415162791ec2ac83579afe090a4b4e116ef99f95b1b6f6b832e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:21 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69706
x-xss-protection: 0
expires: Wed, 25 May 2022 06:03:21 GMT

GET
H2 200 _authorization.cbd1e081.js Show response
www.nur.kz/nur/js/ 15 KB
5 KB 124ms
122ms Script
application/javascript 91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nur.kz/nur/js/_authorization.cbd1e081.js

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

05ece81589591363a0f7ab97915453ef105342daa1112893f2a05b7ec01a4bde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: public
date: Wed, 25 May 2022 06:03:21 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 23 May 2022 11:18:11 GMT
server: nginx
etag: "628b6d73-10f5"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
content-length: 4341
expires: Thu, 25 May 2023 06:03:21 GMT

GET
H2 200 navigation.1f4f3f8d.js Show response
www.nur.kz/nur/js/ 5 KB
2 KB 125ms
123ms Script
application/javascript 91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nur.kz/nur/js/navigation.1f4f3f8d.js

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

641e566adba3b65a11f279fe14477a4344767dba77b444b8ab8376b4555fb6a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: public
date: Wed, 25 May 2022 06:03:21 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 23 May 2022 11:18:11 GMT
server: nginx
etag: "628b6d73-661"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
content-length: 1633
expires: Thu, 25 May 2023 06:03:21 GMT

GET
H2 200 jitsu-init.b7960b4c.js Show response
www.nur.kz/nur/js/ 29 KB
9 KB 125ms
124ms Script
application/javascript 91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nur.kz/nur/js/jitsu-init.b7960b4c.js

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

dc8efe44a8f22abc2f1abac530413ba278444d6dabc100452639cafdd9f048fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: public
date: Wed, 25 May 2022 06:03:21 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 23 May 2022 11:18:11 GMT
server: nginx
etag: "628b6d73-2345"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
content-length: 9029
expires: Thu, 25 May 2023 06:03:21 GMT

GET
H2 200 home-recommendation.1d356ec8.js Show response
www.nur.kz/nur/js/ 19 KB
6 KB 125ms
124ms Script
application/javascript 91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nur.kz/nur/js/home-recommendation.1d356ec8.js

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

11f6d363f8c4294bf10f649f4951a882c6c22f69bac082a2d2851ca5e677f478

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: public
date: Wed, 25 May 2022 06:03:21 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 23 May 2022 11:18:11 GMT
server: nginx
etag: "628b6d73-15bf"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
content-length: 5567
expires: Thu, 25 May 2023 06:03:21 GMT

GET
H2 200 home-page.e7254aef.js Show response
www.nur.kz/nur/js/ 6 KB
2 KB 126ms
125ms Script
application/javascript 91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nur.kz/nur/js/home-page.e7254aef.js

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

0906e036897c57571bf5aee463cf4fe7fcbd3d3b8f235280d4cac2691c53eb8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: public
date: Wed, 25 May 2022 06:03:21 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 23 May 2022 11:18:11 GMT
server: nginx
etag: "628b6d73-771"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
content-length: 1905
expires: Thu, 25 May 2023 06:03:21 GMT

GET
H2 200 freedom-finance.d7f54434.js Show response
www.nur.kz/nur/js/ 3 KB
2 KB 126ms
125ms Script
application/javascript 91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nur.kz/nur/js/freedom-finance.d7f54434.js

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

5b04a3a9ef00cdafdebbf368784d5a9c8f34c65330dd816682fb1b12085ac22b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: public
date: Wed, 25 May 2022 06:03:21 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 23 May 2022 11:18:11 GMT
server: nginx
etag: "628b6d73-557"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
content-length: 1367
expires: Thu, 25 May 2023 06:03:21 GMT

GET
H2 200 context.js Show response
yandex.ru/ads/system/ 289 KB
78 KB 180ms
67ms Script
text/javascript 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/context.js

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

2cf4703c0a11c8131731dd7d8b32c001fe359d46d12ac9b03d802797f0abc2bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1653458601427306-3216445322201933824-sas2-0472-sas-l7-balancer-8080-BAL-6895
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
x-robots-tag: noindex, noarchive, nofollow
expires: Wed, 25 May 2022 07:03:21 GMT

GET
H/1.1 200
OK atrk.js Show response
certify-js.alexametrics.com/ 4 KB
5 KB 36ms
9ms Script
application/javascript 18.66.248.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://certify-js.alexametrics.com/atrk.js
Requested by: Host: www.nur.kz
URL: https://www.nur.kz/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-93.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Mon, 07 Mar 2022 08:43:24 GMT
Via: 1.1 31f1d6f9a4e05bd522db88334d37b9c2.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Tue, 27 Apr 2021 18:03:54 GMT
Server: AmazonS3
Age: 6815998
ETag: "d89453438fbf10dcf4c13265c40d5160"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Cache-Control: max-age=26920000
X-Amz-Cf-Pop: DUS51-P1
Accept-Ranges: bytes
Content-Length: 4255
X-Amz-Cf-Id: OvZWJRK1DHy9R7a_ff2vv6q2gVv8KLafZCzT20uq1c-bKpG9SWu_Ow==

GET
H/1.1 200
OK / Show response
tttt.onthe.io/ 0
287 B 256ms
79ms XHR
text/javascript 95.216.24.149
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tttt.onthe.io/?k[]=336:uniques_instantly[url:%2F,domain:www.nur.kz,page:%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%9A%D0%B0%D0%B7%D0%B0%D1%85%D1%81%D1%82%D0%B0%D0%BD%D0%B0%20%E2%80%93%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BE%D1%82%20NUR.KZ,page_type:main,language:ru,type_article:Main,user_agent:Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F101.0.4951.64%20Safari%2F537.36,device:desktop,browser_version:Chrome%20101,browser:Chrome,depth:1,user_type:new,user_id:80a6b5b0d.79eb41db1_1653458601297,session_id:51bac351e.3d5ed62a1_1653458601298,cdn_version:36]&s=0d0db5a9a93692f403af81423ab76478&1653458601305
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js?ghDf5sWW6gLM
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.216.24.149 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.149.24.216.95.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 25 May 2022 06:03:21 GMT
Server: nginx
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK / Show response
tttt.onthe.io/uniques/ 33 B
559 B 273ms
86ms Script
text/html 95.216.24.149
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tttt.onthe.io/uniques/?current=25&holding=e3155c435e925683dd022a3f2070aae6&hash_user=80a6b5b0d.79eb41db1_1653458601297&1653458601306
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js?ghDf5sWW6gLM
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.216.24.149 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.149.24.216.95.clients.your-server.de
Software: nginx /
Resource Hash: 166f9390df29e23f9c9c45c50026de3b8ea04605424c6edc8557a3d3e71af7b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 25 May 2022 06:03:21 GMT
Server: nginx
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 33
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK / Show response
tttt.onthe.io/ 0
287 B 249ms
79ms XHR
text/javascript 95.216.24.149
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tttt.onthe.io/?k[]=336:visits_instantly[url:%2F,domain:www.nur.kz,page:%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%9A%D0%B0%D0%B7%D0%B0%D1%85%D1%81%D1%82%D0%B0%D0%BD%D0%B0%20%E2%80%93%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BE%D1%82%20NUR.KZ,page_type:main,language:ru,type_article:Main,user_agent:Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F101.0.4951.64%20Safari%2F537.36,device:desktop,browser_version:Chrome%20101,browser:Chrome,depth:1,user_type:new,user_id:80a6b5b0d.79eb41db1_1653458601297,session_id:51bac351e.3d5ed62a1_1653458601298,cdn_version:36]&s=0d0db5a9a93692f403af81423ab76478&__io=80a6b5b0d.79eb41db1_1653458601297&1653458601313
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js?ghDf5sWW6gLM
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.216.24.149 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.149.24.216.95.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 25 May 2022 06:03:21 GMT
Server: nginx
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK / Show response
tttt.onthe.io/ 0
287 B 264ms
86ms XHR
text/javascript 95.216.24.149
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tttt.onthe.io/?k[]=336:pageviews[url:%2F,domain:www.nur.kz,page:%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%9A%D0%B0%D0%B7%D0%B0%D1%85%D1%81%D1%82%D0%B0%D0%BD%D0%B0%20%E2%80%93%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BE%D1%82%20NUR.KZ,page_type:main,language:ru,type_article:Main,user_agent:Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F101.0.4951.64%20Safari%2F537.36,device:desktop,browser_version:Chrome%20101,browser:Chrome,depth:1,user_type:new,user_id:80a6b5b0d.79eb41db1_1653458601297,session_id:51bac351e.3d5ed62a1_1653458601298,cdn_version:36]&s=0d0db5a9a93692f403af81423ab76478&1653458601317
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js?ghDf5sWW6gLM
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.216.24.149 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.149.24.216.95.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 25 May 2022 06:03:21 GMT
Server: nginx
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 telegram.svg
www.nur.kz/nur/img/social-icons/subscribe/ 1 KB
876 B 105ms
104ms Image
image/svg+xml 91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nur.kz/nur/img/social-icons/subscribe/telegram.svg

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

b4dac18e01c9ef874f5d33ae8ad2eca84683281858bd9fab0f9a95e0b26c19b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: public
date: Wed, 25 May 2022 06:03:21 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 23 May 2022 11:18:11 GMT
server: nginx
etag: "628b6d73-214"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
content-length: 532
expires: Thu, 25 May 2023 06:03:21 GMT

GET
H/1.1 200
OK atrk.gif
certify.alexametrics.com/ 43 B
550 B 36ms
7ms Image
image/gif 13.224.198.93
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%9A%D0%B0%D0%B7%D0%B0%D1%85%D1%81%D1%82%D0%B0%D0%BD%D0%B0%20%E2%80%93%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BE%D1%82%20NUR.KZ&time=1653458601393&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwww.nur.kz%2F&random_number=6314058686&sess_cookie=d4b43dcd180f9d005b189c8e64e&sess_cookie_flag=1&user_cookie=d4b43dcd180f9d005b189c8e64e&user_cookie_flag=1&dynamic=true&domain=nur.kz&account=UVumr1WyR620WR&jsv=20130128&user_lang=en-US
Requested by: Host: www.nur.kz
URL: https://www.nur.kz/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.198.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-198-93.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 03:48:39 GMT
Via: 1.1 0f538ee832e1105649039b38ce89e882.cloudfront.net (CloudFront)
Last-Modified: Mon, 17 Jan 2011 20:41:40 GMT
Server: AmazonS3
Age: 8083
ETag: "221d8352905f2c38b3cb2bd191d630b0"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
X-Amz-Cf-Pop: FRA2-C1
x-amz-meta-alexa-last-modified: 20110117123941
Content-Length: 43
X-Amz-Cf-Id: zzWiurVZRaZXlwkR6G7lKaoBSvOu4RU4xJU2IU5c97TolVhQGTYT0Q==

GET
H2 204 x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ 0
48 B 346ms
101ms Image
text/plain 18.216.229.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Requested by: Host: www.nur.kz
URL: https://www.nur.kz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.216.229.163 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-216-229-163.us-east-2.compute.amazonaws.com
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:21 GMT
server: Server

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
439 B 58ms
18ms XHR
text/plain 2a00:1450:400c:c0a::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-6273700-1&cid=819422530.1653458601&jid=365425862&gjid=252714871&_gid=1570992650.1653458601&_u=YGBAgUABCAAAAE~&z=1207241402

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nur.kz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 25 May 2022 06:03:21 GMT
content-type: text/plain
access-control-allow-origin: https://www.nur.kz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 38ms
36ms Image
image/gif 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=565231257&t=pageview&_s=1&dl=https%3A%2F%2Fwww.nur.kz%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%9A%D0%B0%D0%B7%D0%B0%D1%85%D1%81%D1%82%D0%B0%D0%BD%D0%B0%20%E2%80%93%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BE%D1%82%20NUR.KZ&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgUABC~&jid=365425862&gjid=252714871&cid=819422530.1653458601&tid=UA-6273700-1&_gid=1570992650.1653458601&cd14=homepage&z=450489280

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 May 2022 06:15:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 85700
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 chunk-lazysizes.85027d33.js Show response
www.nur.kz/nur/js/ 7 KB
3 KB 105ms
105ms Script
application/javascript 91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nur.kz/nur/js/chunk-lazysizes.85027d33.js

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/nur/js/_vendors.247f0c1e.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

2c18b2383885435cb379b8a7c990b7021d1c2701554120d34b07be0da5a8f743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: public
date: Wed, 25 May 2022 06:03:21 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 23 May 2022 11:18:11 GMT
server: nginx
etag: "628b6d73-beb"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
content-length: 3051
expires: Thu, 25 May 2023 06:03:21 GMT

GET
H2 200 clarity.js Show response
j.clarity.ms/s/0.6.34/ 53 KB
23 KB 293ms
96ms Script
application/javascript 20.85.30.134
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://j.clarity.ms/s/0.6.34/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/94ylzt75u2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.85.30.134 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:21 GMT
content-encoding: br
etag: "1d86e81880f1354"
last-modified: Mon, 23 May 2022 08:46:02 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
accept-ranges: bytes
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H2 200 pubads_impl_2022051901.js Show response
securepubads.g.doubleclick.net/gpt/ 367 KB
125 KB 33ms
32ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

b2b1dec112659f4ebebe1b62a838d3fb57a67fb0d31baa1371c3fe5420643120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 21:36:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30402
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127573
x-xss-protection: 0
last-modified: Thu, 19 May 2022 08:36:34 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 24 May 2023 21:36:39 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 194 B
759 B 350ms
284ms XHR
application/json 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.nur.kz

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

b83bf949954e2ca805089c6a278203d60c5ced398ae0fe4969d6486b28cd3401

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 May 2022 06:03:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 123
x-xss-protection: 0
expires: Wed, 25 May 2022 06:03:21 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 96ms
39ms Image
image/gif 2a00:1450:4014:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-6273700-1&cid=819422530.1653458601&jid=365425862&_u=YGBAgUABCAAAAE~&z=1945983093

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4014:80f::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 06:03:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 137ms
49ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-6273700-1&cid=819422530.1653458601&jid=365425862&_u=YGBAgUABCAAAAE~&z=1945983093

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 06:03:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 event
stat.khanate.pro/api/v1/ Frame 0
0 325ms
104ms Preflight 94.247.128.43
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.khanate.pro/api/v1/event?token=js.d27utqeoss6s0dkb04pz1b.ss60lhmn5bgevjhl6d5qsw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 94.247.128.43 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.nur.kz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, Host
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, UPDATE, PATCH
access-control-allow-origin: https://www.nur.kz
access-control-max-age: 86400
content-length: 0
date: Wed, 25 May 2022 06:03:21 GMT
server: nginx

POST
H2 204 collect
analytics.google.com/g/ 0
344 B 145ms
45ms Ping
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-L3EYGX7DJS&gtm=2oe5n0&_p=565231257&_z=ccd.NNB&_gaz=1&cid=819422530.1653458601&ul=en-us&sr=1600x1200&_s=1&sid=1653458601&sct=1&seg=0&dl=https%3A%2F%2Fwww.nur.kz%2F&dt=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%9A%D0%B0%D0%B7%D0%B0%D1%85%D1%81%D1%82%D0%B0%D0%BD%D0%B0%20%E2%80%93%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BE%D1%82%20NUR.KZ&en=page_view&_fv=1&_ss=2&ep.transport_type=beacon
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L3EYGX7DJS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 06:03:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.nur.kz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
stats.g.doubleclick.net/g/ 0
17 B 55ms
18ms Ping
text/plain 2a00:1450:400c:c0a::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-L3EYGX7DJS&cid=819422530.1653458601&gtm=2oe5n0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L3EYGX7DJS
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c0a::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 06:03:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.nur.kz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 86ms
48ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-L3EYGX7DJS&cid=819422530.1653458601&gtm=2oe5n0&aip=1&z=235247163

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 06:03:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 event Show response
stat.khanate.pro/api/v1/ 15 B
324 B 105ms
105ms XHR
application/json 94.247.128.43
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.khanate.pro/api/v1/event?token=js.d27utqeoss6s0dkb04pz1b.ss60lhmn5bgevjhl6d5qsw
Requested by: Host: www.nur.kz
URL: https://www.nur.kz/nur/js/jitsu-init.b7960b4c.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 94.247.128.43 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
Software: nginx /
Resource Hash: a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer: https://www.nur.kz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 25 May 2022 06:03:21 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, UPDATE, PATCH
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.nur.kz
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, Host
content-length: 15

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 103 KB
40 KB 134ms
51ms Script
application/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-5JGFBQR

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/nur/js/home-recommendation.1d356ec8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8eb26941f3ac879b299962470c835958019076d4de197af39414685cdadd54e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:21 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40000
x-xss-protection: 0
expires: Wed, 25 May 2022 06:03:21 GMT

GET
H2 200 freedom-finance-desktop.593ce3a5.css
www.nur.kz/nur/css/ 4 KB
1 KB 103ms
103ms Stylesheet
text/css 91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nur.kz/nur/css/freedom-finance-desktop.593ce3a5.css

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/nur/js/freedom-finance.d7f54434.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

53190b7838a27f624da133fc259f0fd6093f49aec64c1721e1f414de407b92d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: public
date: Wed, 25 May 2022 06:03:21 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 23 May 2022 11:18:11 GMT
server: nginx
etag: "628b6d73-326"
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
content-length: 806
expires: Thu, 25 May 2023 06:03:21 GMT

GET
H2 200 chunk-freedom-finance-desktop.68c57a5a.js Show response
www.nur.kz/nur/js/ 4 KB
2 KB 103ms
103ms Script
application/javascript 91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nur.kz/nur/js/chunk-freedom-finance-desktop.68c57a5a.js

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/nur/js/freedom-finance.d7f54434.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

25f1cdd04f4b236b79562629b1c5d68454cd02e96002e0ea870b82081a2fce76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: public
date: Wed, 25 May 2022 06:03:21 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 23 May 2022 11:18:11 GMT
server: nginx
etag: "628b6d73-5f4"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
content-length: 1524
expires: Thu, 25 May 2023 06:03:21 GMT

GET
H2 200 83ef8bed13acc58c.webp
cdn.nur.kz/images/272x153/ 5 KB
6 KB 180ms
179ms Image
image/webp 94.247.128.36
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/83ef8bed13acc58c.webp?version=1

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.36 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

00693ecd39c8a4d1bcf2d72b94731fca82db6d5da53a2883d47287b2e4ceabab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:21 GMT
last-modified: Fri, 13 May 2022 01:36:51 GMT
server: nginx
x-cs: HIT
etag: "512af985dba128306594313a3d6313cc"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 5376
expires: Thu, 25 May 2023 06:03:21 GMT

GET
H2 200 9d4b8152be018f89.webp
cdn.nur.kz/images/272x153/ 6 KB
6 KB 180ms
179ms Image
image/webp 94.247.128.36
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/9d4b8152be018f89.webp?version=1

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.36 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

8f362b048000f1579b0d0593d0e7c3eba2d8e124fa42efebc9fecc4fb870a4dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:21 GMT
last-modified: Wed, 25 May 2022 02:43:18 GMT
server: nginx
x-cs: HIT
etag: "5e3df99831c6af8ec8e56d9823a5a048"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 5752
expires: Thu, 25 May 2023 06:03:21 GMT

GET
H2 200 1671a62fb778ed141915.js Show response
yastatic.net/partner-code-bundles/586016/ 13 KB
5 KB 103ms
34ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/586016/1671a62fb778ed141915.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

16681b53131c01a2d8a9f10d4aca9970c9eb7420a137903e667751ff0c62ab69

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.nur.kz/
Origin: https://www.nur.kz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:21 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 4475
last-modified: Mon, 23 May 2022 15:21:12 GMT
server: nginx/1.17.9
etag: "d89f39bb6332af6f6572262dc08b9f8d"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 May 2052 12:38:57 GMT

GET
H2 200 7bf4befd368f5d89785f.js Show response
yastatic.net/partner-code-bundles/586016/ 86 KB
18 KB 132ms
63ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/586016/7bf4befd368f5d89785f.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

d72f0c2c009fd1c8f111e2426abad1f6818ce7ac92eb45e1d01b2e3b8c8eda44

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.nur.kz/
Origin: https://www.nur.kz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:21 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 18008
last-modified: Mon, 23 May 2022 15:21:12 GMT
server: nginx/1.17.9
etag: "8e676dd1083b3d624bfbe3e1e27e4722"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 May 2052 12:38:57 GMT

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.83/ 33 KB
9 KB 141ms
74ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/host.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.nur.kz/
Origin: https://www.nur.kz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:21 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 8878
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
server: nginx/1.17.9
etag: "f80882bf67cf261aa08d636da095149a"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 May 2052 12:38:39 GMT

GET
H2 200 v2 Show response
an.yandex.ru/adfox/252771/getBulk/ 171 B
613 B 195ms
90ms XHR
application/json 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/adfox/252771/getBulk/v2?dl=https%3A%2F%2Fwww.nur.kz%2F&date=2022-05-25T06%3A03%3A21.616%2B00%3A00&pd=25&pdh=1200&pdw=1600&pr1=1525534067&pr=2078643238&prr=&pv=6&pw=3&extid_loader=&extid_tag_loader=www.nur.kz&ylv=0.586016&ybv=0.586016&ytt=158331285143557&is-turbo=0&skip-token=&ad-session-id=6239761653458601621&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A1600%2C%22h%22%3A0%2C%22width%22%3A1600%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22left%22%3A0%2C%22top%22%3A13997%2C%22fontFamily%22%3A%22roboto%22%2C%22req_no%22%3A0%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=586016&available-width=1600&p1=coatn&p2=fylw&puid1=Homepage&puid2=&puid3=&puid4=&puid5=&puid6=&pk=&pke=1&slotNumber=1&bids=W10%3D&utf8=%E2%9C%93&pcode-test-ids=580227%2C0%2C56%3B579745%2C0%2C7%3B573668%2C0%2C83%3B586220%2C0%2C51%3B586228%2C0%2C13%3B585887%2C0%2C46%3B582673%2C0%2C74%3B585619%2C0%2C70%3B580148%2C0%2C1%3B406668%2C0%2C40%3B574104%2C0%2C-1&pcode-flags-map=eJylV9uO2zYQ%2FZXCz0ZBURdSeaMk2iZWIhWSstcJgkHa%2Bi0oinZTFAjy7x1K8kXeDXfRYrErYKFzOJw5c2b0bTVotTG2E3717uO31d%2Bfv3w9rd6tpBZVK1fr1dPpryf1G%2F4noyVh5er7p%2FWq3gm9lVC3qn4Av7Nm2O6gNVtVLzhE7ZXRUA3e46O3yljljwvOlDJKR869cKDlAWrRtuANzGAvH5eBeTsswsrznPBspJhihkG7oe%2BN9bLBoEQjLbjaqt6DszUchNVKb1%2FhZHnGLmF1ZgpFqNZYqE3424tWei9Bi04uuFq13Xmotgs%2BlhKWj3xW9lJ42HeiByvfD9J5EBuPMSptTdvG42IsS4pLXIOT0NemwUqYrsMIhfei3oHbicYcXmEqecYvTM6PmdtL6%2FCmC2TOs5LxBZbjz7VotdFOjUnemQN45ZFI6AYq0xxBNJgpiznCG8YD4kWepCOpaDbmETqs1V45VakWRQN4u1FuC5LTP38sFcrSlIwcKOq59KhtEF1%2Fi3v68%2BtpAeNpOcMwo86FWtxjnp91Ab0Yb4UhH%2FTy0h%2BTgheUrWlekjzHB%2Bc8Wad5lnC%2BpmmZp%2BGRE1asaZFlWbqmhCaEnF9JSVkUCGekJAnCWZbxT7cxsTIhyRwTOCk1mMpJu7%2FL%2Fen3z798OS37sKDlJPiNwrvg%2FXdyFLL28TRkeVpOR36QmqKkG%2BnUVgNN4H2KupI9pFGCnNJyqntvJTY9WF9h%2FlulZRTHaJlPEddm0D5YxuPORiGccTo5xREFKh%2FBDtCYTigdg2E9aDo3HercBHFgv1UGNkPborNgnqP4JKWzKkNuK2sesDCYV9ha1cSRDNvixYChUc5bVUXhqJ0iu9YmhAsH1fgdqE5so%2BlFwWWcXLF43OgQlbGhqaxo1OB%2BeiPDUYS4p4BBtAdxdHFkymZNNZvgkq5Hi5FoLZ00w3IaUELIEpuRdLrz2RkRqn38vBxpblrZyuAd5%2FNAPkZbAI9kjD6Hq01wv0Nw19cU8gOGcwB70Q6LaqXkZfQ8ACd1Kt1jkUHYLn52kZRn30Wj8MqNs2hjAFswarc4eEk2TbVW4lTFOWlxhgirxF3C6T1sLu9dP1mJw7nBqf3GxkKmc62FRYHglBFXuUhr0fpxK7nlyBd4TjIyW8%2B0mwTb3it5CNtD9OiCFbP7h9dB44ZQS4d9tY3CGEXcCHOux1Wn3skQIfTS1ncqDb5%2Fi8yTcrqr64T1mGsnVB1yN0374Avxo3GwlLcq6WSjBExsLu5DV2ww58YMo8rG7e%2B15rhCJ2mTR4JrBgZrnFdRJE%2FyOVd1a%2FSlup3ZjzM6jqWMpz%2FATnHQ%2F4lP3ogfIb2oH3A7GofUaEuvgFFdk%2F1JXDIl4NjApjhY0aNOzoN52TtxQpzuyWVfO5sEsuEeHBSP8tHPmr327ZKEUMpiJDj3cfpDpbwVfnnD58vehew8WGo3rWqRa%2F369OVuhWWz%2FYSIFKrCmx6M32GSPH6hQDe0Xr1hqU6Lgj%2Fj%2BU9g%2FPWw8O5uOery%2B3mFCyElF%2FwsMavntRk21nTPjfiF5ZlSPneZax7uF76wsXN2v8Nzdmnpq%2BHipxJ%2B2cAGNzGzIEl%2BJvm9Sm%2F39Xnc4J6OnzitOIYZonTwVNRD%2FRBUgjqOFpTnOIvu1h0rw0fJKw1DkozfhLJcxWObPynO1dtaUcU9AT%2B9SHZ9F5z6sAgrTyiJvf%2FC%2BpLkLyK%2B%2FwuWLX2v&use-server-side-rendering=1&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AadaptiveConstructor%0AhorizontalSD%0Afullscreen%0Afullscreen_grid%0Asmart_tile%0Asmart_mosaic%0Anative&pcode-icookie=Ouly5BAktAHwzor3CGrULJJ4OLKUihol%2FFyREd89LmRw8UShzX1KcP0e5j%2B7UzqC%2BzSCnHpS%2By%2BNZYC6lhfgx%2BIaSfs%3D&top-ancestor=https%3A%2F%2Fwww.nur.kz&top-ancestor-undetermined=0&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo4ODZ9ChKjtpDkuOlBBKgLF8v8R1IqttPXxbDvs_H8M9roXNpJWuGM7jdZ7DC2tOPEnDhLYraTx7HjcvzbaJ-3dcvWUYBexMCegTZDCEJVoSeycuk5qffedypTVVEaQlChQlIlCkEM-aEi5AfEAVEoyUMYoSqUhqoA8fVVoSBU5QAiATUPeSM5FIWyUL56klCWL2AnVPyAKAcXkIBCDR44aBlwLBJa-hDUFU-1EgUBApt4aOlzHIs8GsJQEpBcNDvULlUQQmUAeii76sq-JsihCiioqwBUFQQokIogVwFuaFplQVthRCviChSKm5sAtIXlnx3CqjXSCL5Rkt13Cy4ZZi3ViAME1wZmlQizULnq0lVd5jb_yyz-8k8cIPSZJgnUV4S9kuS7gmY1rIXhX4oigL9bHM2h_wwY74rEZyfvyqCsdrMT5oUayCR1PQBZbhGf_qIFAN_XIFhhhQH8ygXQy7DZu-yQFZoB9JshDPEL0FDoU3wYQJwN_CwzlJ4aIQgzG9VpFEL9YfmVcrPOULR0ll53htS0CIH_GVWhOACj6LqOjDc3BHNWOcrQl-NQka8o_JEx217BVmKAePRkAVGgXrhhGvTld8Z_-Quz_-OdhsNWKMtXPwNcjQ41MoCPICAuMxDOWXlfg2yZSzQ0pesliKv6zDAU2Yjzsks6Tzyf4mFaCHdVhCvUiOxJyBd6RUC4LBug-91VnYXPBISfL-CWPj8aYM8FwQ5fuRDNvSV99d7fCKr68BeS4RxKUyhQ0-T13kMF8WoJ85mUg4ju-lSjzp-7Lve9492_YhfBm-GX_dMz5gMXEKPO59rLI_5wIh2izT-bSJYVIn9X1pw2i_H3HyHMBRDEsjLiyhfz7y28ZNV-Y9nCnAeEecsdmYF6ydKQNcId8xKGIYlLe9muZVYL7Rfq0-6E8S_I0BRg_tS-RHklhsMoQV8iFNKcVMxdEJ3IzHYEpfE30ZeXFU-rRekPcYAG8HrhVp3vrORXbcVQNB_4mdBp9HMNQckBg0RjMKdxFYxkZ19fa9Xodraz-tHdzxL9j_K5ef4dz5DRUpNFRhMVNVmSmqmoozgyJVRANnZPzdRiUBuTKM0NqTGBgNmcaCl0MWkU6w3MOYXeECWGCALm7cOzBShW4llR7DtfUjLjGlYHajT5p9AddftuxaD3eKo6l16O4O3M7xeo8xDODG4JONHwsQsV7xpJRgw7jbphz4MRHIIlIsCHMJxY7rbbpgIzExU1Uy-HUm9GklOYUq0WAmbSlDzJAaHNBhAzFbU5RupSRoEi0pMWlWxhVjbTSu6RJroiqQJdeRW2AWcZqS42pjokDmFaDQUKXWLWUCS6VUu5VE16cv1wmlpBN3NNY8OhMqR2FeMqZsbEoMlWbWVrTJyk5zaIM6SxNqY0JZaqHo1NMQeuTLEBmTaLo8RoSUtuifkAlGVgxxFZRqZHmuyuc46ieRyEsPvvzpN9o0ymGBIw0VmSY2CW-gU7BmYtd8GIgdkJffo3BmbxS6quqTAwW7mLBgz7C96yFAxHbeexkEmzGBLT9rjSMix7TExOFmWutkSpiSK9gUtiqllWUkaG6QEFZuVoSVNOsrIoAStySWj92oimRy5b8LpdjsDLtObEEl9PDeS5C7jfQJipcvDAyZsup1sFqOU4KbP45ODqw9oKx2yp4MJO3Tixr-TaqYcZW6l4__ZVuO7uq8-ILI_vlF8VKXWpwRwbyOf8rqKxFtg13QO85a2ATHbDXC4UlWhLnu9K2MXB8g4H_K2DQd3kDDr4ISzIRUc47gwmIGYLRaFNLbOCOLMOyEVBP3TPFlqCvB9T5bVoqWUL7u3V3lgpTXoKZFmkSwxmLTMnZY5kzSHZFGsjJ1mzqdj7CUWqM7d0Bxeexm7aOJWMi_l2mjtlGJBPLURqqfgs-gOXTNa6y-y4--T3UL2sLJRRM5FyFl2roSxCd1TfmVwRP_3Ay687Z5mY-f5R9GTJT906Tz_fdc62p2OgFQL7EDpvKch_8JfIy2vnGHmAeJKmBVAWwMvpGenpcboyRYlQiiYFePIhAUKtF6RlA_7g6YicW-X3MUFZesHF6bIJJp7eYU5eDTtOdQSlRjQDMN8mlTUGXPUmuE_yPInkPwElVLx-5tWnAPEWBm2ixx3nxdkiBYH6W31GUKH58Dt-90T1kSo_aor3ndoC7Y_g-9fh3mG3J4sm1VmAa_F2tVr2-kH-GsReWVNpFUmmFIleE2Uvq9zRe7eQltLdvOQWCj0QSr3O3Fg2tTahmOAxABCqGWfH9xdDJUt0eku8v6o23phb6mUZZUw-p9RFMcXEZ_0vVu0tMxKkcQJ2ZozBWtzISsuvIF7nVOmDjXGvQL8n8aFLzHE694spIo1u-WHyYD8sV-lRoJ0rnYh7Cb3N1V7qEDI6Lij-q9wJtFIAkoVftlKgmxieMeFAoz233mCu9CFwBBUZGGjoIMonvGdMKtn2R2bRlHH89BmwxujdHFfR3cQXiw_2achR_uvPlFKrN2mixJPxHePyRSvxakfD9MPsfZgzv96WcfIXOD_1JMHYe00ZJqRwl2PqLYwoaVAxem_xWgD6T4AwP8FcW_EfgiFcmph5AIQ0tHToD2DJBxRPwSQ_fvmziQ9WWgPGcjex_wF06A9gxQcAbbcKxvwPILFDADNVBSMNI3qhzIo34WzNiIUSIgQmhHsL8FJGP2pGHMAvRqzy30PxigR-fiUw3iEmCAavRsT4z_5F2zemNnDn_4rHAhAOQF39NjYuv8Nowpch8KU0fu6NmY7BSI_-BZb8gr15YeEQcP3QVEmsqp2dYoxxZQ9bqTpQPYRe-NCdZACN6Z3qBYCkWb5tpKsEvB_g6VYladMgapxYUHqFcsjmVgqYOQdENHQQop-DJc8Ba7MpkDFfWf-cipvwTHNBkweIbvIyVTqUCTzvC_e_018Eo9Mp_vaL6qOfQ7VlY0PSFTaxG6u_561G3xxOz5PlABEmXgIxDS3E6C9BDzpz_gYMqyD1C3OlHzf7O2p3eEImKoYfQ8Al_ZsJ3snnTKMoPgkn4o5HPwTH_rugwnmC1q7Z6mLGmWe5fxQbSfW6KP28yeh9O_2vsfeYu4DXG3p_bB_v_IIKO6jHm9pk9BZ-XRczLYmTr-AZutv9vM73-BavDkKOs-tqjanJZKXX244N5j9laMK_t6gglAe0ftdrSBvFO6LS9SS_dfuTXUjfD3cE8BNM7LDgdDTFw-Krj6BLelkonajHi2bM-JppUWHL14yhVsAcAvsiU5nv0n5FcfXjhypmmiEjD_O-rES4A1eX_Hs15e0Gmsqyc2nBscCb4j6ONYN6rP8mHZ9OI9ee4L6sW7308_t0pN3OK752a4ubvN8zwCZXJS0tC8-P4ARett0KYY388av5SbWLr6hslwI7ri03Br2_aKpugo_x5HdK8CaoPfij7T-U-JVEznS5h71QjzfrDlteNTAWlKSL_S1j58qAkqXn6uUhxxLfUQXvmDPyzhO-BbkrYR4DwmcAH7nKR246SUKNhD5UpOjGJb6x4XPa4-LKRpPp-0X43bfGdFnK7glDyMoThnZ68pxWwAcmPgGu-uLHopXu7KzjCyNv5nhPE7_6pyY9KlP2MIvVZH9MjpaFyTmcR08FXRWrHhca5LUVAS3DaIl2IXKnu493NLr2EKbi-MJUrPONe6-llvHyHrXkQPHQB-4cOKxdK-htL2Zh2C_rEpVoMHwfuXLjx1Pv87qgutNffhu6o9JaGYTF93Tsgf2roGPlupMuq2VpNbkVvicszl_sz9-ZJXOZ6ba7CzSlw6oKQV545UoSVfx-9PA_QUmxRKxtFyH77cZ3BfQQs_QK6FHlr8RIuse3zSj_6Dqv19l641-9C8ljxE-KpD1kxUPA78bC59ljOW939zgDEAX9e9ePoNcqVtKmQEfKgV-zu0dsp7II4XaPW47FFYWpDH1orqGh8ojtjP124rKnf4LJvPO7QI6Pf4Jd8QzG7kt3mQTyXtz4I3SRv5w2D0B7r4NSiSPQ_7myuOVGNHYPmZVbYwhsY0bHNmYFjfTnpZYHZvzF2OENjk5UwT8v6VEfZO2iagBPcn9MVZYXgiZ6jYNXgE_-JWa_Y3SGz8i6BanqoD1_PuG9ojbFJ3mDcf8uDfJzVUUYUpNDRffDwY19UKF7db6ymKR2QKRzA35X8yQd0lseHuifIYoeYVayebQMrNw6xzCsRqsEHnp6SQ1mER0rPo7aYByvpgcwQtghTE6GCLsDRRPEjiutqrrJMEp2G8AzsPIOYDQ48ofsNzpcnu8-E73JTmSzfRUi3ye8eP-2lfuT1Ucfj74rrrDqUrUrrLGfJxzQC79TENesceqn0siFD4Wra9GLXxvGHmgibY-rvTkPoT-Y09XFBVRzD9lj4u-0DUxwaccuXn8OKR4CW701NwcQ1yA2201jcIty3_3uT_yo7ox6XcLtGfY1PGTEFfT0-LiD4dVHYZO6fOPt8061sTnBxS-empEmuigbeZSpE8znYMdm8iTKkOuSxKw3ZshjQ2qgSHILnSwzJ1pkdmTKFnJQoGgEMNwU4Chn7jSrAO61v9wPirntPv3du52_Q9sFNBSy-4ILsCX4FGmUkOsPwnIHCLur5ALKbgewgraq-Ic9F69DYp1abqWVZaZUdz-dvws3e7PyfQtTW8_Ba_upnUfsvxGO505xvtQaNUXl2uVJs1TqnlqQ6VrocC3MynFT9JxAs0xvMCEp7kduoTE04ldsop6F_px6sunBC-RTiU4z5nfF3zW_uj1S-TTC2-Zvt62-aUmIP6T8hp5-hSMtKCHcyOV8sHu6UQy9v-Q1bP8o2XNfthlu4ooxOttpD0arp4hTE9eRW8sSLUorNzK33KbrAn8xKQfIfCII1TdL6ZCDqoBcUv5wD0lHm13dRtZgnWz7lIcJ8HLfQkRcwMHvI3lLLdheQYu-39NqKH3wu5bbuciOJYSZhwis4yKTjd42byo_Jzkpfe1s9pwy2CNBgyAKF0JiSpBHfoFvL5o5E5LCE7fOxWtQfOO0m7u6KxZ7fUQW68wsY4-NdRspWbvdClmH&tga-with-creatives=1

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

cf7b4461c500623d971fa24be48832fc1fa2f4ab9c53d70576897743d473c402

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 06:03:21 GMT
content-encoding: gzip
last-modified: Wed, 25 May 2022 06:03:21 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id: 1653458601784017-213500734002387220100165-production-app-host-sas-pcode-209
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: https://www.nur.kz
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 25 May 2022 06:03:21 GMT

GET
H2 200 v2 Show response
an.yandex.ru/adfox/252771/getBulk/ 171 B
319 B 217ms
119ms XHR
application/json 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/adfox/252771/getBulk/v2?dl=https%3A%2F%2Fwww.nur.kz%2F&date=2022-05-25T06%3A03%3A21.654%2B00%3A00&pd=25&pdh=1200&pdw=1600&pr1=1795652231&pr=2078643238&prr=&pv=6&pw=3&extid_loader=&extid_tag_loader=www.nur.kz&ylv=0.586016&ybv=0.586016&ytt=158331285143557&is-turbo=0&skip-token=&ad-session-id=6239761653458601621&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A1600%2C%22h%22%3A0%2C%22width%22%3A1600%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22left%22%3A0%2C%22top%22%3A13997%2C%22fontFamily%22%3A%22roboto%22%2C%22req_no%22%3A1%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=586016&available-width=1600&p1=cobal&p2=gttr&puid1=Homepage&puid2=&puid3=&puid4=&puid5=&puid6=&pk=&pke=1&slotNumber=2&bids=W10%3D&utf8=%E2%9C%93&pcode-test-ids=580227%2C0%2C56%3B579745%2C0%2C7%3B573668%2C0%2C83%3B586220%2C0%2C51%3B586228%2C0%2C13%3B585887%2C0%2C46%3B582673%2C0%2C74%3B585619%2C0%2C70%3B580148%2C0%2C1%3B406668%2C0%2C40%3B574104%2C0%2C-1&pcode-flags-map=eJylV9uO2zYQ%2FZXCz0ZBURdSeaMk2iZWIhWSstcJgkHa%2Bi0oinZTFAjy7x1K8kXeDXfRYrErYKFzOJw5c2b0bTVotTG2E3717uO31d%2Bfv3w9rd6tpBZVK1fr1dPpryf1G%2F4noyVh5er7p%2FWq3gm9lVC3qn4Av7Nm2O6gNVtVLzhE7ZXRUA3e46O3yljljwvOlDJKR869cKDlAWrRtuANzGAvH5eBeTsswsrznPBspJhihkG7oe%2BN9bLBoEQjLbjaqt6DszUchNVKb1%2FhZHnGLmF1ZgpFqNZYqE3424tWei9Bi04uuFq13Xmotgs%2BlhKWj3xW9lJ42HeiByvfD9J5EBuPMSptTdvG42IsS4pLXIOT0NemwUqYrsMIhfei3oHbicYcXmEqecYvTM6PmdtL6%2FCmC2TOs5LxBZbjz7VotdFOjUnemQN45ZFI6AYq0xxBNJgpiznCG8YD4kWepCOpaDbmETqs1V45VakWRQN4u1FuC5LTP38sFcrSlIwcKOq59KhtEF1%2Fi3v68%2BtpAeNpOcMwo86FWtxjnp91Ab0Yb4UhH%2FTy0h%2BTgheUrWlekjzHB%2Bc8Wad5lnC%2BpmmZp%2BGRE1asaZFlWbqmhCaEnF9JSVkUCGekJAnCWZbxT7cxsTIhyRwTOCk1mMpJu7%2FL%2Fen3z798OS37sKDlJPiNwrvg%2FXdyFLL28TRkeVpOR36QmqKkG%2BnUVgNN4H2KupI9pFGCnNJyqntvJTY9WF9h%2FlulZRTHaJlPEddm0D5YxuPORiGccTo5xREFKh%2FBDtCYTigdg2E9aDo3HercBHFgv1UGNkPborNgnqP4JKWzKkNuK2sesDCYV9ha1cSRDNvixYChUc5bVUXhqJ0iu9YmhAsH1fgdqE5so%2BlFwWWcXLF43OgQlbGhqaxo1OB%2BeiPDUYS4p4BBtAdxdHFkymZNNZvgkq5Hi5FoLZ00w3IaUELIEpuRdLrz2RkRqn38vBxpblrZyuAd5%2FNAPkZbAI9kjD6Hq01wv0Nw19cU8gOGcwB70Q6LaqXkZfQ8ACd1Kt1jkUHYLn52kZRn30Wj8MqNs2hjAFswarc4eEk2TbVW4lTFOWlxhgirxF3C6T1sLu9dP1mJw7nBqf3GxkKmc62FRYHglBFXuUhr0fpxK7nlyBd4TjIyW8%2B0mwTb3it5CNtD9OiCFbP7h9dB44ZQS4d9tY3CGEXcCHOux1Wn3skQIfTS1ncqDb5%2Fi8yTcrqr64T1mGsnVB1yN0374Avxo3GwlLcq6WSjBExsLu5DV2ww58YMo8rG7e%2B15rhCJ2mTR4JrBgZrnFdRJE%2FyOVd1a%2FSlup3ZjzM6jqWMpz%2FATnHQ%2F4lP3ogfIb2oH3A7GofUaEuvgFFdk%2F1JXDIl4NjApjhY0aNOzoN52TtxQpzuyWVfO5sEsuEeHBSP8tHPmr327ZKEUMpiJDj3cfpDpbwVfnnD58vehew8WGo3rWqRa%2F369OVuhWWz%2FYSIFKrCmx6M32GSPH6hQDe0Xr1hqU6Lgj%2Fj%2BU9g%2FPWw8O5uOery%2B3mFCyElF%2FwsMavntRk21nTPjfiF5ZlSPneZax7uF76wsXN2v8Nzdmnpq%2BHipxJ%2B2cAGNzGzIEl%2BJvm9Sm%2F39Xnc4J6OnzitOIYZonTwVNRD%2FRBUgjqOFpTnOIvu1h0rw0fJKw1DkozfhLJcxWObPynO1dtaUcU9AT%2B9SHZ9F5z6sAgrTyiJvf%2FC%2BpLkLyK%2B%2FwuWLX2v&use-server-side-rendering=1&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AadaptiveConstructor%0AhorizontalSD%0Afullscreen%0Afullscreen_grid%0Asmart_tile%0Asmart_mosaic%0Anative&pcode-icookie=Ouly5BAktAHwzor3CGrULJJ4OLKUihol%2FFyREd89LmRw8UShzX1KcP0e5j%2B7UzqC%2BzSCnHpS%2By%2BNZYC6lhfgx%2BIaSfs%3D&top-ancestor=https%3A%2F%2Fwww.nur.kz&top-ancestor-undetermined=0&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo4ODZ9ChKjtpDkuOlBBKgLF8v8R1IqttPXxbDvs_H8M9roXNpJWuGM7jdZ7DC2tOPEnDhLYraTx7HjcvzbaJ-3dcvWUYBexMCegTZDCEJVoSeycuk5qffedypTVVEaQlChQlIlCkEM-aEi5AfEAVEoyUMYoSqUhqoA8fVVoSBU5QAiATUPeSM5FIWyUL56klCWL2AnVPyAKAcXkIBCDR44aBlwLBJa-hDUFU-1EgUBApt4aOlzHIs8GsJQEpBcNDvULlUQQmUAeii76sq-JsihCiioqwBUFQQokIogVwFuaFplQVthRCviChSKm5sAtIXlnx3CqjXSCL5Rkt13Cy4ZZi3ViAME1wZmlQizULnq0lVd5jb_yyz-8k8cIPSZJgnUV4S9kuS7gmY1rIXhX4oigL9bHM2h_wwY74rEZyfvyqCsdrMT5oUayCR1PQBZbhGf_qIFAN_XIFhhhQH8ygXQy7DZu-yQFZoB9JshDPEL0FDoU3wYQJwN_CwzlJ4aIQgzG9VpFEL9YfmVcrPOULR0ll53htS0CIH_GVWhOACj6LqOjDc3BHNWOcrQl-NQka8o_JEx217BVmKAePRkAVGgXrhhGvTld8Z_-Quz_-OdhsNWKMtXPwNcjQ41MoCPICAuMxDOWXlfg2yZSzQ0pesliKv6zDAU2Yjzsks6Tzyf4mFaCHdVhCvUiOxJyBd6RUC4LBug-91VnYXPBISfL-CWPj8aYM8FwQ5fuRDNvSV99d7fCKr68BeS4RxKUyhQ0-T13kMF8WoJ85mUg4ju-lSjzp-7Lve9492_YhfBm-GX_dMz5gMXEKPO59rLI_5wIh2izT-bSJYVIn9X1pw2i_H3HyHMBRDEsjLiyhfz7y28ZNV-Y9nCnAeEecsdmYF6ydKQNcId8xKGIYlLe9muZVYL7Rfq0-6E8S_I0BRg_tS-RHklhsMoQV8iFNKcVMxdEJ3IzHYEpfE30ZeXFU-rRekPcYAG8HrhVp3vrORXbcVQNB_4mdBp9HMNQckBg0RjMKdxFYxkZ19fa9Xodraz-tHdzxL9j_K5ef4dz5DRUpNFRhMVNVmSmqmoozgyJVRANnZPzdRiUBuTKM0NqTGBgNmcaCl0MWkU6w3MOYXeECWGCALm7cOzBShW4llR7DtfUjLjGlYHajT5p9AddftuxaD3eKo6l16O4O3M7xeo8xDODG4JONHwsQsV7xpJRgw7jbphz4MRHIIlIsCHMJxY7rbbpgIzExU1Uy-HUm9GklOYUq0WAmbSlDzJAaHNBhAzFbU5RupSRoEi0pMWlWxhVjbTSu6RJroiqQJdeRW2AWcZqS42pjokDmFaDQUKXWLWUCS6VUu5VE16cv1wmlpBN3NNY8OhMqR2FeMqZsbEoMlWbWVrTJyk5zaIM6SxNqY0JZaqHo1NMQeuTLEBmTaLo8RoSUtuifkAlGVgxxFZRqZHmuyuc46ieRyEsPvvzpN9o0ymGBIw0VmSY2CW-gU7BmYtd8GIgdkJffo3BmbxS6quqTAwW7mLBgz7C96yFAxHbeexkEmzGBLT9rjSMix7TExOFmWutkSpiSK9gUtiqllWUkaG6QEFZuVoSVNOsrIoAStySWj92oimRy5b8LpdjsDLtObEEl9PDeS5C7jfQJipcvDAyZsup1sFqOU4KbP45ODqw9oKx2yp4MJO3Tixr-TaqYcZW6l4__ZVuO7uq8-ILI_vlF8VKXWpwRwbyOf8rqKxFtg13QO85a2ATHbDXC4UlWhLnu9K2MXB8g4H_K2DQd3kDDr4ISzIRUc47gwmIGYLRaFNLbOCOLMOyEVBP3TPFlqCvB9T5bVoqWUL7u3V3lgpTXoKZFmkSwxmLTMnZY5kzSHZFGsjJ1mzqdj7CUWqM7d0Bxeexm7aOJWMi_l2mjtlGJBPLURqqfgs-gOXTNa6y-y4--T3UL2sLJRRM5FyFl2roSxCd1TfmVwRP_3Ay687Z5mY-f5R9GTJT906Tz_fdc62p2OgFQL7EDpvKch_8JfIy2vnGHmAeJKmBVAWwMvpGenpcboyRYlQiiYFePIhAUKtF6RlA_7g6YicW-X3MUFZesHF6bIJJp7eYU5eDTtOdQSlRjQDMN8mlTUGXPUmuE_yPInkPwElVLx-5tWnAPEWBm2ixx3nxdkiBYH6W31GUKH58Dt-90T1kSo_aor3ndoC7Y_g-9fh3mG3J4sm1VmAa_F2tVr2-kH-GsReWVNpFUmmFIleE2Uvq9zRe7eQltLdvOQWCj0QSr3O3Fg2tTahmOAxABCqGWfH9xdDJUt0eku8v6o23phb6mUZZUw-p9RFMcXEZ_0vVu0tMxKkcQJ2ZozBWtzISsuvIF7nVOmDjXGvQL8n8aFLzHE694spIo1u-WHyYD8sV-lRoJ0rnYh7Cb3N1V7qEDI6Lij-q9wJtFIAkoVftlKgmxieMeFAoz233mCu9CFwBBUZGGjoIMonvGdMKtn2R2bRlHH89BmwxujdHFfR3cQXiw_2achR_uvPlFKrN2mixJPxHePyRSvxakfD9MPsfZgzv96WcfIXOD_1JMHYe00ZJqRwl2PqLYwoaVAxem_xWgD6T4AwP8FcW_EfgiFcmph5AIQ0tHToD2DJBxRPwSQ_fvmziQ9WWgPGcjex_wF06A9gxQcAbbcKxvwPILFDADNVBSMNI3qhzIo34WzNiIUSIgQmhHsL8FJGP2pGHMAvRqzy30PxigR-fiUw3iEmCAavRsT4z_5F2zemNnDn_4rHAhAOQF39NjYuv8Nowpch8KU0fu6NmY7BSI_-BZb8gr15YeEQcP3QVEmsqp2dYoxxZQ9bqTpQPYRe-NCdZACN6Z3qBYCkWb5tpKsEvB_g6VYladMgapxYUHqFcsjmVgqYOQdENHQQop-DJc8Ba7MpkDFfWf-cipvwTHNBkweIbvIyVTqUCTzvC_e_018Eo9Mp_vaL6qOfQ7VlY0PSFTaxG6u_561G3xxOz5PlABEmXgIxDS3E6C9BDzpz_gYMqyD1C3OlHzf7O2p3eEImKoYfQ8Al_ZsJ3snnTKMoPgkn4o5HPwTH_rugwnmC1q7Z6mLGmWe5fxQbSfW6KP28yeh9O_2vsfeYu4DXG3p_bB_v_IIKO6jHm9pk9BZ-XRczLYmTr-AZutv9vM73-BavDkKOs-tqjanJZKXX244N5j9laMK_t6gglAe0ftdrSBvFO6LS9SS_dfuTXUjfD3cE8BNM7LDgdDTFw-Krj6BLelkonajHi2bM-JppUWHL14yhVsAcAvsiU5nv0n5FcfXjhypmmiEjD_O-rES4A1eX_Hs15e0Gmsqyc2nBscCb4j6ONYN6rP8mHZ9OI9ee4L6sW7308_t0pN3OK752a4ubvN8zwCZXJS0tC8-P4ARett0KYY388av5SbWLr6hslwI7ri03Br2_aKpugo_x5HdK8CaoPfij7T-U-JVEznS5h71QjzfrDlteNTAWlKSL_S1j58qAkqXn6uUhxxLfUQXvmDPyzhO-BbkrYR4DwmcAH7nKR246SUKNhD5UpOjGJb6x4XPa4-LKRpPp-0X43bfGdFnK7glDyMoThnZ68pxWwAcmPgGu-uLHopXu7KzjCyNv5nhPE7_6pyY9KlP2MIvVZH9MjpaFyTmcR08FXRWrHhca5LUVAS3DaIl2IXKnu493NLr2EKbi-MJUrPONe6-llvHyHrXkQPHQB-4cOKxdK-htL2Zh2C_rEpVoMHwfuXLjx1Pv87qgutNffhu6o9JaGYTF93Tsgf2roGPlupMuq2VpNbkVvicszl_sz9-ZJXOZ6ba7CzSlw6oKQV545UoSVfx-9PA_QUmxRKxtFyH77cZ3BfQQs_QK6FHlr8RIuse3zSj_6Dqv19l641-9C8ljxE-KpD1kxUPA78bC59ljOW939zgDEAX9e9ePoNcqVtKmQEfKgV-zu0dsp7II4XaPW47FFYWpDH1orqGh8ojtjP124rKnf4LJvPO7QI6Pf4Jd8QzG7kt3mQTyXtz4I3SRv5w2D0B7r4NSiSPQ_7myuOVGNHYPmZVbYwhsY0bHNmYFjfTnpZYHZvzF2OENjk5UwT8v6VEfZO2iagBPcn9MVZYXgiZ6jYNXgE_-JWa_Y3SGz8i6BanqoD1_PuG9ojbFJ3mDcf8uDfJzVUUYUpNDRffDwY19UKF7db6ymKR2QKRzA35X8yQd0lseHuifIYoeYVayebQMrNw6xzCsRqsEHnp6SQ1mER0rPo7aYByvpgcwQtghTE6GCLsDRRPEjiutqrrJMEp2G8AzsPIOYDQ48ofsNzpcnu8-E73JTmSzfRUi3ye8eP-2lfuT1Ucfj74rrrDqUrUrrLGfJxzQC79TENesceqn0siFD4Wra9GLXxvGHmgibY-rvTkPoT-Y09XFBVRzD9lj4u-0DUxwaccuXn8OKR4CW701NwcQ1yA2201jcIty3_3uT_yo7ox6XcLtGfY1PGTEFfT0-LiD4dVHYZO6fOPt8061sTnBxS-empEmuigbeZSpE8znYMdm8iTKkOuSxKw3ZshjQ2qgSHILnSwzJ1pkdmTKFnJQoGgEMNwU4Chn7jSrAO61v9wPirntPv3du52_Q9sFNBSy-4ILsCX4FGmUkOsPwnIHCLur5ALKbgewgraq-Ic9F69DYp1abqWVZaZUdz-dvws3e7PyfQtTW8_Ba_upnUfsvxGO505xvtQaNUXl2uVJs1TqnlqQ6VrocC3MynFT9JxAs0xvMCEp7kduoTE04ldsop6F_px6sunBC-RTiU4z5nfF3zW_uj1S-TTC2-Zvt62-aUmIP6T8hp5-hSMtKCHcyOV8sHu6UQy9v-Q1bP8o2XNfthlu4ooxOttpD0arp4hTE9eRW8sSLUorNzK33KbrAn8xKQfIfCII1TdL6ZCDqoBcUv5wD0lHm13dRtZgnWz7lIcJ8HLfQkRcwMHvI3lLLdheQYu-39NqKH3wu5bbuciOJYSZhwis4yKTjd42byo_Jzkpfe1s9pwy2CNBgyAKF0JiSpBHfoFvL5o5E5LCE7fOxWtQfOO0m7u6KxZ7fUQW68wsY4-NdRspWbvdClmH&tga-with-creatives=1

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

c31fc81f286500b2c7f1f6c171ede12ce3b2a61d7d2f00df9d650456e42f4c1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 06:03:21 GMT
content-encoding: gzip
last-modified: Wed, 25 May 2022 06:03:21 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id: 1653458601827716-1340233879467169153800134-production-app-host-vla-pcode-247
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: https://www.nur.kz
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 25 May 2022 06:03:21 GMT

GET
H2 200 v2 Show response
an.yandex.ru/adfox/252771/getBulk/ 2 KB
1 KB 223ms
129ms XHR
application/json 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/adfox/252771/getBulk/v2?dl=https%3A%2F%2Fwww.nur.kz%2F&date=2022-05-25T06%3A03%3A21.661%2B00%3A00&pd=25&pdh=1200&pdw=1600&pr1=1312932015&pr=2078643238&prr=&pv=6&pw=3&extid_loader=&extid_tag_loader=www.nur.kz&ylv=0.586016&ybv=0.586016&ytt=158331285143557&is-turbo=0&skip-token=&ad-session-id=6239761653458601621&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A241%2C%22h%22%3A0%2C%22width%22%3A241%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A1103%2C%22top%22%3A572%2C%22fontFamily%22%3A%22roboto%22%2C%22req_no%22%3A2%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=586016&available-width=241&p1=crsny&p2=gfdy&puid1=Homepage&puid2=&puid3=&puid4=&puid5=&puid6=&pk=&pke=1&slotNumber=3&bids=W10%3D&utf8=%E2%9C%93&pcode-test-ids=580227%2C0%2C56%3B579745%2C0%2C7%3B573668%2C0%2C83%3B586220%2C0%2C51%3B586228%2C0%2C13%3B585887%2C0%2C46%3B582673%2C0%2C74%3B585619%2C0%2C70%3B580148%2C0%2C1%3B406668%2C0%2C40%3B574104%2C0%2C-1&pcode-flags-map=eJylV9uO2zYQ%2FZXCz0ZBURdSeaMk2iZWIhWSstcJgkHa%2Bi0oinZTFAjy7x1K8kXeDXfRYrErYKFzOJw5c2b0bTVotTG2E3717uO31d%2Bfv3w9rd6tpBZVK1fr1dPpryf1G%2F4noyVh5er7p%2FWq3gm9lVC3qn4Av7Nm2O6gNVtVLzhE7ZXRUA3e46O3yljljwvOlDJKR869cKDlAWrRtuANzGAvH5eBeTsswsrznPBspJhihkG7oe%2BN9bLBoEQjLbjaqt6DszUchNVKb1%2FhZHnGLmF1ZgpFqNZYqE3424tWei9Bi04uuFq13Xmotgs%2BlhKWj3xW9lJ42HeiByvfD9J5EBuPMSptTdvG42IsS4pLXIOT0NemwUqYrsMIhfei3oHbicYcXmEqecYvTM6PmdtL6%2FCmC2TOs5LxBZbjz7VotdFOjUnemQN45ZFI6AYq0xxBNJgpiznCG8YD4kWepCOpaDbmETqs1V45VakWRQN4u1FuC5LTP38sFcrSlIwcKOq59KhtEF1%2Fi3v68%2BtpAeNpOcMwo86FWtxjnp91Ab0Yb4UhH%2FTy0h%2BTgheUrWlekjzHB%2Bc8Wad5lnC%2BpmmZp%2BGRE1asaZFlWbqmhCaEnF9JSVkUCGekJAnCWZbxT7cxsTIhyRwTOCk1mMpJu7%2FL%2Fen3z798OS37sKDlJPiNwrvg%2FXdyFLL28TRkeVpOR36QmqKkG%2BnUVgNN4H2KupI9pFGCnNJyqntvJTY9WF9h%2FlulZRTHaJlPEddm0D5YxuPORiGccTo5xREFKh%2FBDtCYTigdg2E9aDo3HercBHFgv1UGNkPborNgnqP4JKWzKkNuK2sesDCYV9ha1cSRDNvixYChUc5bVUXhqJ0iu9YmhAsH1fgdqE5so%2BlFwWWcXLF43OgQlbGhqaxo1OB%2BeiPDUYS4p4BBtAdxdHFkymZNNZvgkq5Hi5FoLZ00w3IaUELIEpuRdLrz2RkRqn38vBxpblrZyuAd5%2FNAPkZbAI9kjD6Hq01wv0Nw19cU8gOGcwB70Q6LaqXkZfQ8ACd1Kt1jkUHYLn52kZRn30Wj8MqNs2hjAFswarc4eEk2TbVW4lTFOWlxhgirxF3C6T1sLu9dP1mJw7nBqf3GxkKmc62FRYHglBFXuUhr0fpxK7nlyBd4TjIyW8%2B0mwTb3it5CNtD9OiCFbP7h9dB44ZQS4d9tY3CGEXcCHOux1Wn3skQIfTS1ncqDb5%2Fi8yTcrqr64T1mGsnVB1yN0374Avxo3GwlLcq6WSjBExsLu5DV2ww58YMo8rG7e%2B15rhCJ2mTR4JrBgZrnFdRJE%2FyOVd1a%2FSlup3ZjzM6jqWMpz%2FATnHQ%2F4lP3ogfIb2oH3A7GofUaEuvgFFdk%2F1JXDIl4NjApjhY0aNOzoN52TtxQpzuyWVfO5sEsuEeHBSP8tHPmr327ZKEUMpiJDj3cfpDpbwVfnnD58vehew8WGo3rWqRa%2F369OVuhWWz%2FYSIFKrCmx6M32GSPH6hQDe0Xr1hqU6Lgj%2Fj%2BU9g%2FPWw8O5uOery%2B3mFCyElF%2FwsMavntRk21nTPjfiF5ZlSPneZax7uF76wsXN2v8Nzdmnpq%2BHipxJ%2B2cAGNzGzIEl%2BJvm9Sm%2F39Xnc4J6OnzitOIYZonTwVNRD%2FRBUgjqOFpTnOIvu1h0rw0fJKw1DkozfhLJcxWObPynO1dtaUcU9AT%2B9SHZ9F5z6sAgrTyiJvf%2FC%2BpLkLyK%2B%2FwuWLX2v&use-server-side-rendering=1&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AadaptiveConstructor%0AhorizontalSD%0Afullscreen%0Afullscreen_grid%0Asmart_tile%0Asmart_mosaic%0Anative&pcode-icookie=Ouly5BAktAHwzor3CGrULJJ4OLKUihol%2FFyREd89LmRw8UShzX1KcP0e5j%2B7UzqC%2BzSCnHpS%2By%2BNZYC6lhfgx%2BIaSfs%3D&top-ancestor=https%3A%2F%2Fwww.nur.kz&top-ancestor-undetermined=0&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo4ODZ9ChKjtpDkuOlBBKgLF8v8R1IqttPXxbDvs_H8M9roXNpJWuGM7jdZ7DC2tOPEnDhLYraTx7HjcvzbaJ-3dcvWUYBexMCegTZDCEJVoSeycuk5qffedypTVVEaQlChQlIlCkEM-aEi5AfEAVEoyUMYoSqUhqoA8fVVoSBU5QAiATUPeSM5FIWyUL56klCWL2AnVPyAKAcXkIBCDR44aBlwLBJa-hDUFU-1EgUBApt4aOlzHIs8GsJQEpBcNDvULlUQQmUAeii76sq-JsihCiioqwBUFQQokIogVwFuaFplQVthRCviChSKm5sAtIXlnx3CqjXSCL5Rkt13Cy4ZZi3ViAME1wZmlQizULnq0lVd5jb_yyz-8k8cIPSZJgnUV4S9kuS7gmY1rIXhX4oigL9bHM2h_wwY74rEZyfvyqCsdrMT5oUayCR1PQBZbhGf_qIFAN_XIFhhhQH8ygXQy7DZu-yQFZoB9JshDPEL0FDoU3wYQJwN_CwzlJ4aIQgzG9VpFEL9YfmVcrPOULR0ll53htS0CIH_GVWhOACj6LqOjDc3BHNWOcrQl-NQka8o_JEx217BVmKAePRkAVGgXrhhGvTld8Z_-Quz_-OdhsNWKMtXPwNcjQ41MoCPICAuMxDOWXlfg2yZSzQ0pesliKv6zDAU2Yjzsks6Tzyf4mFaCHdVhCvUiOxJyBd6RUC4LBug-91VnYXPBISfL-CWPj8aYM8FwQ5fuRDNvSV99d7fCKr68BeS4RxKUyhQ0-T13kMF8WoJ85mUg4ju-lSjzp-7Lve9492_YhfBm-GX_dMz5gMXEKPO59rLI_5wIh2izT-bSJYVIn9X1pw2i_H3HyHMBRDEsjLiyhfz7y28ZNV-Y9nCnAeEecsdmYF6ydKQNcId8xKGIYlLe9muZVYL7Rfq0-6E8S_I0BRg_tS-RHklhsMoQV8iFNKcVMxdEJ3IzHYEpfE30ZeXFU-rRekPcYAG8HrhVp3vrORXbcVQNB_4mdBp9HMNQckBg0RjMKdxFYxkZ19fa9Xodraz-tHdzxL9j_K5ef4dz5DRUpNFRhMVNVmSmqmoozgyJVRANnZPzdRiUBuTKM0NqTGBgNmcaCl0MWkU6w3MOYXeECWGCALm7cOzBShW4llR7DtfUjLjGlYHajT5p9AddftuxaD3eKo6l16O4O3M7xeo8xDODG4JONHwsQsV7xpJRgw7jbphz4MRHIIlIsCHMJxY7rbbpgIzExU1Uy-HUm9GklOYUq0WAmbSlDzJAaHNBhAzFbU5RupSRoEi0pMWlWxhVjbTSu6RJroiqQJdeRW2AWcZqS42pjokDmFaDQUKXWLWUCS6VUu5VE16cv1wmlpBN3NNY8OhMqR2FeMqZsbEoMlWbWVrTJyk5zaIM6SxNqY0JZaqHo1NMQeuTLEBmTaLo8RoSUtuifkAlGVgxxFZRqZHmuyuc46ieRyEsPvvzpN9o0ymGBIw0VmSY2CW-gU7BmYtd8GIgdkJffo3BmbxS6quqTAwW7mLBgz7C96yFAxHbeexkEmzGBLT9rjSMix7TExOFmWutkSpiSK9gUtiqllWUkaG6QEFZuVoSVNOsrIoAStySWj92oimRy5b8LpdjsDLtObEEl9PDeS5C7jfQJipcvDAyZsup1sFqOU4KbP45ODqw9oKx2yp4MJO3Tixr-TaqYcZW6l4__ZVuO7uq8-ILI_vlF8VKXWpwRwbyOf8rqKxFtg13QO85a2ATHbDXC4UlWhLnu9K2MXB8g4H_K2DQd3kDDr4ISzIRUc47gwmIGYLRaFNLbOCOLMOyEVBP3TPFlqCvB9T5bVoqWUL7u3V3lgpTXoKZFmkSwxmLTMnZY5kzSHZFGsjJ1mzqdj7CUWqM7d0Bxeexm7aOJWMi_l2mjtlGJBPLURqqfgs-gOXTNa6y-y4--T3UL2sLJRRM5FyFl2roSxCd1TfmVwRP_3Ay687Z5mY-f5R9GTJT906Tz_fdc62p2OgFQL7EDpvKch_8JfIy2vnGHmAeJKmBVAWwMvpGenpcboyRYlQiiYFePIhAUKtF6RlA_7g6YicW-X3MUFZesHF6bIJJp7eYU5eDTtOdQSlRjQDMN8mlTUGXPUmuE_yPInkPwElVLx-5tWnAPEWBm2ixx3nxdkiBYH6W31GUKH58Dt-90T1kSo_aor3ndoC7Y_g-9fh3mG3J4sm1VmAa_F2tVr2-kH-GsReWVNpFUmmFIleE2Uvq9zRe7eQltLdvOQWCj0QSr3O3Fg2tTahmOAxABCqGWfH9xdDJUt0eku8v6o23phb6mUZZUw-p9RFMcXEZ_0vVu0tMxKkcQJ2ZozBWtzISsuvIF7nVOmDjXGvQL8n8aFLzHE694spIo1u-WHyYD8sV-lRoJ0rnYh7Cb3N1V7qEDI6Lij-q9wJtFIAkoVftlKgmxieMeFAoz233mCu9CFwBBUZGGjoIMonvGdMKtn2R2bRlHH89BmwxujdHFfR3cQXiw_2achR_uvPlFKrN2mixJPxHePyRSvxakfD9MPsfZgzv96WcfIXOD_1JMHYe00ZJqRwl2PqLYwoaVAxem_xWgD6T4AwP8FcW_EfgiFcmph5AIQ0tHToD2DJBxRPwSQ_fvmziQ9WWgPGcjex_wF06A9gxQcAbbcKxvwPILFDADNVBSMNI3qhzIo34WzNiIUSIgQmhHsL8FJGP2pGHMAvRqzy30PxigR-fiUw3iEmCAavRsT4z_5F2zemNnDn_4rHAhAOQF39NjYuv8Nowpch8KU0fu6NmY7BSI_-BZb8gr15YeEQcP3QVEmsqp2dYoxxZQ9bqTpQPYRe-NCdZACN6Z3qBYCkWb5tpKsEvB_g6VYladMgapxYUHqFcsjmVgqYOQdENHQQop-DJc8Ba7MpkDFfWf-cipvwTHNBkweIbvIyVTqUCTzvC_e_018Eo9Mp_vaL6qOfQ7VlY0PSFTaxG6u_561G3xxOz5PlABEmXgIxDS3E6C9BDzpz_gYMqyD1C3OlHzf7O2p3eEImKoYfQ8Al_ZsJ3snnTKMoPgkn4o5HPwTH_rugwnmC1q7Z6mLGmWe5fxQbSfW6KP28yeh9O_2vsfeYu4DXG3p_bB_v_IIKO6jHm9pk9BZ-XRczLYmTr-AZutv9vM73-BavDkKOs-tqjanJZKXX244N5j9laMK_t6gglAe0ftdrSBvFO6LS9SS_dfuTXUjfD3cE8BNM7LDgdDTFw-Krj6BLelkonajHi2bM-JppUWHL14yhVsAcAvsiU5nv0n5FcfXjhypmmiEjD_O-rES4A1eX_Hs15e0Gmsqyc2nBscCb4j6ONYN6rP8mHZ9OI9ee4L6sW7308_t0pN3OK752a4ubvN8zwCZXJS0tC8-P4ARett0KYY388av5SbWLr6hslwI7ri03Br2_aKpugo_x5HdK8CaoPfij7T-U-JVEznS5h71QjzfrDlteNTAWlKSL_S1j58qAkqXn6uUhxxLfUQXvmDPyzhO-BbkrYR4DwmcAH7nKR246SUKNhD5UpOjGJb6x4XPa4-LKRpPp-0X43bfGdFnK7glDyMoThnZ68pxWwAcmPgGu-uLHopXu7KzjCyNv5nhPE7_6pyY9KlP2MIvVZH9MjpaFyTmcR08FXRWrHhca5LUVAS3DaIl2IXKnu493NLr2EKbi-MJUrPONe6-llvHyHrXkQPHQB-4cOKxdK-htL2Zh2C_rEpVoMHwfuXLjx1Pv87qgutNffhu6o9JaGYTF93Tsgf2roGPlupMuq2VpNbkVvicszl_sz9-ZJXOZ6ba7CzSlw6oKQV545UoSVfx-9PA_QUmxRKxtFyH77cZ3BfQQs_QK6FHlr8RIuse3zSj_6Dqv19l641-9C8ljxE-KpD1kxUPA78bC59ljOW939zgDEAX9e9ePoNcqVtKmQEfKgV-zu0dsp7II4XaPW47FFYWpDH1orqGh8ojtjP124rKnf4LJvPO7QI6Pf4Jd8QzG7kt3mQTyXtz4I3SRv5w2D0B7r4NSiSPQ_7myuOVGNHYPmZVbYwhsY0bHNmYFjfTnpZYHZvzF2OENjk5UwT8v6VEfZO2iagBPcn9MVZYXgiZ6jYNXgE_-JWa_Y3SGz8i6BanqoD1_PuG9ojbFJ3mDcf8uDfJzVUUYUpNDRffDwY19UKF7db6ymKR2QKRzA35X8yQd0lseHuifIYoeYVayebQMrNw6xzCsRqsEHnp6SQ1mER0rPo7aYByvpgcwQtghTE6GCLsDRRPEjiutqrrJMEp2G8AzsPIOYDQ48ofsNzpcnu8-E73JTmSzfRUi3ye8eP-2lfuT1Ucfj74rrrDqUrUrrLGfJxzQC79TENesceqn0siFD4Wra9GLXxvGHmgibY-rvTkPoT-Y09XFBVRzD9lj4u-0DUxwaccuXn8OKR4CW701NwcQ1yA2201jcIty3_3uT_yo7ox6XcLtGfY1PGTEFfT0-LiD4dVHYZO6fOPt8061sTnBxS-empEmuigbeZSpE8znYMdm8iTKkOuSxKw3ZshjQ2qgSHILnSwzJ1pkdmTKFnJQoGgEMNwU4Chn7jSrAO61v9wPirntPv3du52_Q9sFNBSy-4ILsCX4FGmUkOsPwnIHCLur5ALKbgewgraq-Ic9F69DYp1abqWVZaZUdz-dvws3e7PyfQtTW8_Ba_upnUfsvxGO505xvtQaNUXl2uVJs1TqnlqQ6VrocC3MynFT9JxAs0xvMCEp7kduoTE04ldsop6F_px6sunBC-RTiU4z5nfF3zW_uj1S-TTC2-Zvt62-aUmIP6T8hp5-hSMtKCHcyOV8sHu6UQy9v-Q1bP8o2XNfthlu4ooxOttpD0arp4hTE9eRW8sSLUorNzK33KbrAn8xKQfIfCII1TdL6ZCDqoBcUv5wD0lHm13dRtZgnWz7lIcJ8HLfQkRcwMHvI3lLLdheQYu-39NqKH3wu5bbuciOJYSZhwis4yKTjd42byo_Jzkpfe1s9pwy2CNBgyAKF0JiSpBHfoFvL5o5E5LCE7fOxWtQfOO0m7u6KxZ7fUQW68wsY4-NdRspWbvdClmH&tga-with-creatives=1

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

5f76ef8dbf025afcdcfc904fe4d207f2cfb246883fba9c12638372dea4d96d9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 06:03:21 GMT
content-encoding: gzip
last-modified: Wed, 25 May 2022 06:03:21 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id: 1653458601828589-1614092917494912929100170-production-app-host-vla-pcode-307
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: https://www.nur.kz
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 25 May 2022 06:03:21 GMT

GET
H2 200 v2 Show response
an.yandex.ru/adfox/252771/getBulk/ 2 KB
1 KB 394ms
302ms XHR
application/json 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/adfox/252771/getBulk/v2?dl=https%3A%2F%2Fwww.nur.kz%2F&date=2022-05-25T06%3A03%3A21.664%2B00%3A00&pd=25&pdh=1200&pdw=1600&pr1=3180454479&pr=2078643238&prr=&pv=6&pw=3&extid_loader=&extid_tag_loader=www.nur.kz&ylv=0.586016&ybv=0.586016&ytt=158331285143557&is-turbo=0&skip-token=&ad-session-id=6239761653458601621&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A728%2C%22h%22%3A0%2C%22width%22%3A728%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A436%2C%22top%22%3A330%2C%22fontFamily%22%3A%22roboto%22%2C%22req_no%22%3A3%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=586016&available-width=728&p1=crsnx&p2=gfdy&puid1=Homepage&puid2=&puid3=&puid4=&puid5=&puid6=&pk=&pke=1&slotNumber=4&bids=W10%3D&utf8=%E2%9C%93&pcode-test-ids=580227%2C0%2C56%3B579745%2C0%2C7%3B573668%2C0%2C83%3B586220%2C0%2C51%3B586228%2C0%2C13%3B585887%2C0%2C46%3B582673%2C0%2C74%3B585619%2C0%2C70%3B580148%2C0%2C1%3B406668%2C0%2C40%3B574104%2C0%2C-1&pcode-flags-map=eJylV9uO2zYQ%2FZXCz0ZBURdSeaMk2iZWIhWSstcJgkHa%2Bi0oinZTFAjy7x1K8kXeDXfRYrErYKFzOJw5c2b0bTVotTG2E3717uO31d%2Bfv3w9rd6tpBZVK1fr1dPpryf1G%2F4noyVh5er7p%2FWq3gm9lVC3qn4Av7Nm2O6gNVtVLzhE7ZXRUA3e46O3yljljwvOlDJKR869cKDlAWrRtuANzGAvH5eBeTsswsrznPBspJhihkG7oe%2BN9bLBoEQjLbjaqt6DszUchNVKb1%2FhZHnGLmF1ZgpFqNZYqE3424tWei9Bi04uuFq13Xmotgs%2BlhKWj3xW9lJ42HeiByvfD9J5EBuPMSptTdvG42IsS4pLXIOT0NemwUqYrsMIhfei3oHbicYcXmEqecYvTM6PmdtL6%2FCmC2TOs5LxBZbjz7VotdFOjUnemQN45ZFI6AYq0xxBNJgpiznCG8YD4kWepCOpaDbmETqs1V45VakWRQN4u1FuC5LTP38sFcrSlIwcKOq59KhtEF1%2Fi3v68%2BtpAeNpOcMwo86FWtxjnp91Ab0Yb4UhH%2FTy0h%2BTgheUrWlekjzHB%2Bc8Wad5lnC%2BpmmZp%2BGRE1asaZFlWbqmhCaEnF9JSVkUCGekJAnCWZbxT7cxsTIhyRwTOCk1mMpJu7%2FL%2Fen3z798OS37sKDlJPiNwrvg%2FXdyFLL28TRkeVpOR36QmqKkG%2BnUVgNN4H2KupI9pFGCnNJyqntvJTY9WF9h%2FlulZRTHaJlPEddm0D5YxuPORiGccTo5xREFKh%2FBDtCYTigdg2E9aDo3HercBHFgv1UGNkPborNgnqP4JKWzKkNuK2sesDCYV9ha1cSRDNvixYChUc5bVUXhqJ0iu9YmhAsH1fgdqE5so%2BlFwWWcXLF43OgQlbGhqaxo1OB%2BeiPDUYS4p4BBtAdxdHFkymZNNZvgkq5Hi5FoLZ00w3IaUELIEpuRdLrz2RkRqn38vBxpblrZyuAd5%2FNAPkZbAI9kjD6Hq01wv0Nw19cU8gOGcwB70Q6LaqXkZfQ8ACd1Kt1jkUHYLn52kZRn30Wj8MqNs2hjAFswarc4eEk2TbVW4lTFOWlxhgirxF3C6T1sLu9dP1mJw7nBqf3GxkKmc62FRYHglBFXuUhr0fpxK7nlyBd4TjIyW8%2B0mwTb3it5CNtD9OiCFbP7h9dB44ZQS4d9tY3CGEXcCHOux1Wn3skQIfTS1ncqDb5%2Fi8yTcrqr64T1mGsnVB1yN0374Avxo3GwlLcq6WSjBExsLu5DV2ww58YMo8rG7e%2B15rhCJ2mTR4JrBgZrnFdRJE%2FyOVd1a%2FSlup3ZjzM6jqWMpz%2FATnHQ%2F4lP3ogfIb2oH3A7GofUaEuvgFFdk%2F1JXDIl4NjApjhY0aNOzoN52TtxQpzuyWVfO5sEsuEeHBSP8tHPmr327ZKEUMpiJDj3cfpDpbwVfnnD58vehew8WGo3rWqRa%2F369OVuhWWz%2FYSIFKrCmx6M32GSPH6hQDe0Xr1hqU6Lgj%2Fj%2BU9g%2FPWw8O5uOery%2B3mFCyElF%2FwsMavntRk21nTPjfiF5ZlSPneZax7uF76wsXN2v8Nzdmnpq%2BHipxJ%2B2cAGNzGzIEl%2BJvm9Sm%2F39Xnc4J6OnzitOIYZonTwVNRD%2FRBUgjqOFpTnOIvu1h0rw0fJKw1DkozfhLJcxWObPynO1dtaUcU9AT%2B9SHZ9F5z6sAgrTyiJvf%2FC%2BpLkLyK%2B%2FwuWLX2v&use-server-side-rendering=1&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AadaptiveConstructor%0AhorizontalSD%0Afullscreen%0Afullscreen_grid%0Asmart_tile%0Asmart_mosaic%0Anative&pcode-icookie=Ouly5BAktAHwzor3CGrULJJ4OLKUihol%2FFyREd89LmRw8UShzX1KcP0e5j%2B7UzqC%2BzSCnHpS%2By%2BNZYC6lhfgx%2BIaSfs%3D&top-ancestor=https%3A%2F%2Fwww.nur.kz&top-ancestor-undetermined=0&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo4ODZ9ChKjtpDkuOlBBKgLF8v8R1IqttPXxbDvs_H8M9roXNpJWuGM7jdZ7DC2tOPEnDhLYraTx7HjcvzbaJ-3dcvWUYBexMCegTZDCEJVoSeycuk5qffedypTVVEaQlChQlIlCkEM-aEi5AfEAVEoyUMYoSqUhqoA8fVVoSBU5QAiATUPeSM5FIWyUL56klCWL2AnVPyAKAcXkIBCDR44aBlwLBJa-hDUFU-1EgUBApt4aOlzHIs8GsJQEpBcNDvULlUQQmUAeii76sq-JsihCiioqwBUFQQokIogVwFuaFplQVthRCviChSKm5sAtIXlnx3CqjXSCL5Rkt13Cy4ZZi3ViAME1wZmlQizULnq0lVd5jb_yyz-8k8cIPSZJgnUV4S9kuS7gmY1rIXhX4oigL9bHM2h_wwY74rEZyfvyqCsdrMT5oUayCR1PQBZbhGf_qIFAN_XIFhhhQH8ygXQy7DZu-yQFZoB9JshDPEL0FDoU3wYQJwN_CwzlJ4aIQgzG9VpFEL9YfmVcrPOULR0ll53htS0CIH_GVWhOACj6LqOjDc3BHNWOcrQl-NQka8o_JEx217BVmKAePRkAVGgXrhhGvTld8Z_-Quz_-OdhsNWKMtXPwNcjQ41MoCPICAuMxDOWXlfg2yZSzQ0pesliKv6zDAU2Yjzsks6Tzyf4mFaCHdVhCvUiOxJyBd6RUC4LBug-91VnYXPBISfL-CWPj8aYM8FwQ5fuRDNvSV99d7fCKr68BeS4RxKUyhQ0-T13kMF8WoJ85mUg4ju-lSjzp-7Lve9492_YhfBm-GX_dMz5gMXEKPO59rLI_5wIh2izT-bSJYVIn9X1pw2i_H3HyHMBRDEsjLiyhfz7y28ZNV-Y9nCnAeEecsdmYF6ydKQNcId8xKGIYlLe9muZVYL7Rfq0-6E8S_I0BRg_tS-RHklhsMoQV8iFNKcVMxdEJ3IzHYEpfE30ZeXFU-rRekPcYAG8HrhVp3vrORXbcVQNB_4mdBp9HMNQckBg0RjMKdxFYxkZ19fa9Xodraz-tHdzxL9j_K5ef4dz5DRUpNFRhMVNVmSmqmoozgyJVRANnZPzdRiUBuTKM0NqTGBgNmcaCl0MWkU6w3MOYXeECWGCALm7cOzBShW4llR7DtfUjLjGlYHajT5p9AddftuxaD3eKo6l16O4O3M7xeo8xDODG4JONHwsQsV7xpJRgw7jbphz4MRHIIlIsCHMJxY7rbbpgIzExU1Uy-HUm9GklOYUq0WAmbSlDzJAaHNBhAzFbU5RupSRoEi0pMWlWxhVjbTSu6RJroiqQJdeRW2AWcZqS42pjokDmFaDQUKXWLWUCS6VUu5VE16cv1wmlpBN3NNY8OhMqR2FeMqZsbEoMlWbWVrTJyk5zaIM6SxNqY0JZaqHo1NMQeuTLEBmTaLo8RoSUtuifkAlGVgxxFZRqZHmuyuc46ieRyEsPvvzpN9o0ymGBIw0VmSY2CW-gU7BmYtd8GIgdkJffo3BmbxS6quqTAwW7mLBgz7C96yFAxHbeexkEmzGBLT9rjSMix7TExOFmWutkSpiSK9gUtiqllWUkaG6QEFZuVoSVNOsrIoAStySWj92oimRy5b8LpdjsDLtObEEl9PDeS5C7jfQJipcvDAyZsup1sFqOU4KbP45ODqw9oKx2yp4MJO3Tixr-TaqYcZW6l4__ZVuO7uq8-ILI_vlF8VKXWpwRwbyOf8rqKxFtg13QO85a2ATHbDXC4UlWhLnu9K2MXB8g4H_K2DQd3kDDr4ISzIRUc47gwmIGYLRaFNLbOCOLMOyEVBP3TPFlqCvB9T5bVoqWUL7u3V3lgpTXoKZFmkSwxmLTMnZY5kzSHZFGsjJ1mzqdj7CUWqM7d0Bxeexm7aOJWMi_l2mjtlGJBPLURqqfgs-gOXTNa6y-y4--T3UL2sLJRRM5FyFl2roSxCd1TfmVwRP_3Ay687Z5mY-f5R9GTJT906Tz_fdc62p2OgFQL7EDpvKch_8JfIy2vnGHmAeJKmBVAWwMvpGenpcboyRYlQiiYFePIhAUKtF6RlA_7g6YicW-X3MUFZesHF6bIJJp7eYU5eDTtOdQSlRjQDMN8mlTUGXPUmuE_yPInkPwElVLx-5tWnAPEWBm2ixx3nxdkiBYH6W31GUKH58Dt-90T1kSo_aor3ndoC7Y_g-9fh3mG3J4sm1VmAa_F2tVr2-kH-GsReWVNpFUmmFIleE2Uvq9zRe7eQltLdvOQWCj0QSr3O3Fg2tTahmOAxABCqGWfH9xdDJUt0eku8v6o23phb6mUZZUw-p9RFMcXEZ_0vVu0tMxKkcQJ2ZozBWtzISsuvIF7nVOmDjXGvQL8n8aFLzHE694spIo1u-WHyYD8sV-lRoJ0rnYh7Cb3N1V7qEDI6Lij-q9wJtFIAkoVftlKgmxieMeFAoz233mCu9CFwBBUZGGjoIMonvGdMKtn2R2bRlHH89BmwxujdHFfR3cQXiw_2achR_uvPlFKrN2mixJPxHePyRSvxakfD9MPsfZgzv96WcfIXOD_1JMHYe00ZJqRwl2PqLYwoaVAxem_xWgD6T4AwP8FcW_EfgiFcmph5AIQ0tHToD2DJBxRPwSQ_fvmziQ9WWgPGcjex_wF06A9gxQcAbbcKxvwPILFDADNVBSMNI3qhzIo34WzNiIUSIgQmhHsL8FJGP2pGHMAvRqzy30PxigR-fiUw3iEmCAavRsT4z_5F2zemNnDn_4rHAhAOQF39NjYuv8Nowpch8KU0fu6NmY7BSI_-BZb8gr15YeEQcP3QVEmsqp2dYoxxZQ9bqTpQPYRe-NCdZACN6Z3qBYCkWb5tpKsEvB_g6VYladMgapxYUHqFcsjmVgqYOQdENHQQop-DJc8Ba7MpkDFfWf-cipvwTHNBkweIbvIyVTqUCTzvC_e_018Eo9Mp_vaL6qOfQ7VlY0PSFTaxG6u_561G3xxOz5PlABEmXgIxDS3E6C9BDzpz_gYMqyD1C3OlHzf7O2p3eEImKoYfQ8Al_ZsJ3snnTKMoPgkn4o5HPwTH_rugwnmC1q7Z6mLGmWe5fxQbSfW6KP28yeh9O_2vsfeYu4DXG3p_bB_v_IIKO6jHm9pk9BZ-XRczLYmTr-AZutv9vM73-BavDkKOs-tqjanJZKXX244N5j9laMK_t6gglAe0ftdrSBvFO6LS9SS_dfuTXUjfD3cE8BNM7LDgdDTFw-Krj6BLelkonajHi2bM-JppUWHL14yhVsAcAvsiU5nv0n5FcfXjhypmmiEjD_O-rES4A1eX_Hs15e0Gmsqyc2nBscCb4j6ONYN6rP8mHZ9OI9ee4L6sW7308_t0pN3OK752a4ubvN8zwCZXJS0tC8-P4ARett0KYY388av5SbWLr6hslwI7ri03Br2_aKpugo_x5HdK8CaoPfij7T-U-JVEznS5h71QjzfrDlteNTAWlKSL_S1j58qAkqXn6uUhxxLfUQXvmDPyzhO-BbkrYR4DwmcAH7nKR246SUKNhD5UpOjGJb6x4XPa4-LKRpPp-0X43bfGdFnK7glDyMoThnZ68pxWwAcmPgGu-uLHopXu7KzjCyNv5nhPE7_6pyY9KlP2MIvVZH9MjpaFyTmcR08FXRWrHhca5LUVAS3DaIl2IXKnu493NLr2EKbi-MJUrPONe6-llvHyHrXkQPHQB-4cOKxdK-htL2Zh2C_rEpVoMHwfuXLjx1Pv87qgutNffhu6o9JaGYTF93Tsgf2roGPlupMuq2VpNbkVvicszl_sz9-ZJXOZ6ba7CzSlw6oKQV545UoSVfx-9PA_QUmxRKxtFyH77cZ3BfQQs_QK6FHlr8RIuse3zSj_6Dqv19l641-9C8ljxE-KpD1kxUPA78bC59ljOW939zgDEAX9e9ePoNcqVtKmQEfKgV-zu0dsp7II4XaPW47FFYWpDH1orqGh8ojtjP124rKnf4LJvPO7QI6Pf4Jd8QzG7kt3mQTyXtz4I3SRv5w2D0B7r4NSiSPQ_7myuOVGNHYPmZVbYwhsY0bHNmYFjfTnpZYHZvzF2OENjk5UwT8v6VEfZO2iagBPcn9MVZYXgiZ6jYNXgE_-JWa_Y3SGz8i6BanqoD1_PuG9ojbFJ3mDcf8uDfJzVUUYUpNDRffDwY19UKF7db6ymKR2QKRzA35X8yQd0lseHuifIYoeYVayebQMrNw6xzCsRqsEHnp6SQ1mER0rPo7aYByvpgcwQtghTE6GCLsDRRPEjiutqrrJMEp2G8AzsPIOYDQ48ofsNzpcnu8-E73JTmSzfRUi3ye8eP-2lfuT1Ucfj74rrrDqUrUrrLGfJxzQC79TENesceqn0siFD4Wra9GLXxvGHmgibY-rvTkPoT-Y09XFBVRzD9lj4u-0DUxwaccuXn8OKR4CW701NwcQ1yA2201jcIty3_3uT_yo7ox6XcLtGfY1PGTEFfT0-LiD4dVHYZO6fOPt8061sTnBxS-empEmuigbeZSpE8znYMdm8iTKkOuSxKw3ZshjQ2qgSHILnSwzJ1pkdmTKFnJQoGgEMNwU4Chn7jSrAO61v9wPirntPv3du52_Q9sFNBSy-4ILsCX4FGmUkOsPwnIHCLur5ALKbgewgraq-Ic9F69DYp1abqWVZaZUdz-dvws3e7PyfQtTW8_Ba_upnUfsvxGO505xvtQaNUXl2uVJs1TqnlqQ6VrocC3MynFT9JxAs0xvMCEp7kduoTE04ldsop6F_px6sunBC-RTiU4z5nfF3zW_uj1S-TTC2-Zvt62-aUmIP6T8hp5-hSMtKCHcyOV8sHu6UQy9v-Q1bP8o2XNfthlu4ooxOttpD0arp4hTE9eRW8sSLUorNzK33KbrAn8xKQfIfCII1TdL6ZCDqoBcUv5wD0lHm13dRtZgnWz7lIcJ8HLfQkRcwMHvI3lLLdheQYu-39NqKH3wu5bbuciOJYSZhwis4yKTjd42byo_Jzkpfe1s9pwy2CNBgyAKF0JiSpBHfoFvL5o5E5LCE7fOxWtQfOO0m7u6KxZ7fUQW68wsY4-NdRspWbvdClmH&tga-with-creatives=1

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

4208a9be00db4f36fd2b0565abccc98d6bac743c04d08e19f1720fa32ce7fad1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 06:03:22 GMT
content-encoding: gzip
last-modified: Wed, 25 May 2022 06:03:22 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id: 1653458601831221-1248513686951460609000143-production-app-host-sas-pcode-97
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: https://www.nur.kz
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 25 May 2022 06:03:22 GMT

GET
H2 200 8a9baf5c0a42eaa9d8cf.js Show response
yastatic.net/partner-code-bundles/586016/ 507 KB
104 KB 93ms
90ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/586016/8a9baf5c0a42eaa9d8cf.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

1d49fc65e06d7237ab11b12091f9e35ae418f06a70691fae2295c676368ceb91

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.nur.kz/
Origin: https://www.nur.kz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:21 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 106242
last-modified: Mon, 23 May 2022 15:21:12 GMT
server: nginx/1.17.9
etag: "1ae0e3e9550f677fed1312d780798c9c"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 May 2052 12:38:57 GMT

GET
H2 200 quotes Show response
nurtech.pro/trading/ 372 B
795 B 333ms
103ms Fetch
application/json 94.247.128.38
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL

https://nurtech.pro/trading/quotes

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/nur/js/chunk-freedom-finance-desktop.68c57a5a.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.38 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

31aceb08e10d1d8708728f7cc683eed2cdd191cb0b42e0e31970eddb1fb40f50

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:21 GMT
content-encoding: br
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
vary: Accept-Encoding, Origin
x-xss-protection: 0
x-f-status: HIT
referrer-policy: no-referrer
server: nginx
etag: W/"174-wD/LyAqKNOEDiaJgIKUqfYA35TQ"
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
x-download-options: noopen
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.nur.kz
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests

GET
H2 200 chunk-react-vendors.2103090c.js Show response
www.nur.kz/nur/js/ 122 KB
35 KB 105ms
105ms Script
application/javascript 91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nur.kz/nur/js/chunk-react-vendors.2103090c.js

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/nur/js/home-recommendation.1d356ec8.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

a1d0bb676704f499f0d4a35474c5e433f46e195746750e8babdbfed04221b601

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: public
date: Wed, 25 May 2022 06:03:21 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 23 May 2022 11:18:11 GMT
server: nginx
etag: "628b6d73-8a54"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
content-length: 35412
expires: Thu, 25 May 2023 06:03:21 GMT

GET
H2 200 chunk-4.24dd4b97.js Show response
www.nur.kz/nur/js/ 12 KB
5 KB 106ms
106ms Script
application/javascript 91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nur.kz/nur/js/chunk-4.24dd4b97.js

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/nur/js/home-recommendation.1d356ec8.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

14abac934c22f97f9ba4c57ddce16e16b2724d1723d1f90272703f0fdba3a8b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: public
date: Wed, 25 May 2022 06:03:21 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 23 May 2022 11:18:11 GMT
server: nginx
etag: "628b6d73-10c3"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
content-length: 4291
expires: Thu, 25 May 2023 06:03:21 GMT

GET
H2 200 chunk-120.983fb3a0.js Show response
www.nur.kz/nur/js/ 144 KB
33 KB 107ms
107ms Script
application/javascript 91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nur.kz/nur/js/chunk-120.983fb3a0.js

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/nur/js/home-recommendation.1d356ec8.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

a7a2843fb177ea181d4a479e10ba66cd5354bc0493f21f2e7c537b4bc69acb34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: public
date: Wed, 25 May 2022 06:03:21 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 23 May 2022 11:18:11 GMT
server: nginx
etag: "628b6d73-8268"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
content-length: 33384
expires: Thu, 25 May 2023 06:03:21 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 44ms
44ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=565231257&t=pageview&_s=1&dl=https%3A%2F%2Fwww.nur.kz%2F&dp=%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%9A%D0%B0%D0%B7%D0%B0%D1%85%D1%81%D1%82%D0%B0%D0%BD%D0%B0%20%E2%80%93%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BE%D1%82%20NUR.KZ&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&exp=CgAho3N_S6ek6TgBcPgd7A.1&_u=aGDAAUABCAAAAG~&jid=226020078&gjid=668218457&cid=819422530.1653458601&tid=UA-6273700-34&_gid=1570992650.1653458601&_r=1&_slc=1&cd12=&cd13=&z=373172105

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nur.kz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 25 May 2022 06:03:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.nur.kz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 recommendations Show response
webapi.nur.kz/ 4 KB
2 KB 539ms
314ms Fetch
application/json 91.215.139.235
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL

https://webapi.nur.kz/recommendations?userId=706b2892-c255-479b-b9f3-58d0c90fb0c6&sectionId=1&lifespan=7&limit=5

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/nur/js/home-recommendation.1d356ec8.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.235 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

68c3b5e4ce8dac761ecf5a0278eec17dcdb7a613a461f893737967fccc8130c0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
vary: Accept-Encoding, Accept-Encoding, Origin
x-xss-protection: 0
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
referrer-policy: no-referrer
server: nginx
etag: W/"e95-jIKF+jg7sbA8l5WnfKx/7dk7Abw"
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
x-download-options: noopen
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.nur.kz
x-f-status: MISS

GET
H2 200 5ad73d4b44a9b6b9.webp
cdn.nur.kz/images/272x153/ 15 KB
15 KB 190ms
188ms Image
image/webp 94.247.128.36
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/5ad73d4b44a9b6b9.webp?version=1

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.36 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

f47f25ca057e47a60b083139d625b46728088c53a1232b5e982ecaa7d0b146bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:21 GMT
last-modified: Wed, 25 May 2022 02:34:41 GMT
server: nginx
x-cs: HIT
etag: "57edc07f94208c1ee1899d5997c2442f"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 14990
expires: Thu, 25 May 2023 06:03:21 GMT

GET
H2 200 6b58c5bb7e9a1e81.webp
cdn.nur.kz/images/272x153/ 61 KB
61 KB 190ms
188ms Image
image/webp 94.247.128.36
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/6b58c5bb7e9a1e81.webp?version=1

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.36 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

ee2acc5a726593e71da1935f478ef20e5c185ad1cd43fafc07b148c147650fff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:21 GMT
last-modified: Tue, 24 May 2022 12:47:41 GMT
server: nginx
x-cs: HIT
etag: "745ccf18c097ccd1aa7bbe65e90196d7"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 62226
expires: Thu, 25 May 2023 06:03:21 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 19ms
19ms XHR
text/plain 2a00:1450:400c:c0a::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-6273700-34&cid=819422530.1653458601&jid=226020078&gjid=668218457&_gid=1570992650.1653458601&_u=aGDAAUABCAAAAG~&z=1152539100

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0a::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nur.kz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 25 May 2022 06:03:21 GMT
content-type: text/plain
access-control-allow-origin: https://www.nur.kz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 82ms
39ms Image
image/gif 2a00:1450:4014:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-6273700-34&cid=819422530.1653458601&jid=226020078&_u=aGDAAUABCAAAAG~&z=1690569998

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80f::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 06:03:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 132ms
52ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-6273700-34&cid=819422530.1653458601&jid=226020078&_u=aGDAAUABCAAAAG~&z=1690569998

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 06:03:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
tttt.onthe.io/ 0
287 B 100ms
99ms XHR
text/javascript 95.216.24.149
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tttt.onthe.io/?k[]=364:uniques_holding&s=0d0db5a9a93692f403af81423ab76478&__io=80a6b5b0d.79eb41db1_1653458601297&1653458601811
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js?ghDf5sWW6gLM
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.216.24.149 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.149.24.216.95.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 25 May 2022 06:03:21 GMT
Server: nginx
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 149ms
47ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.nur.kz

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 May 2022 06:03:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 132ms
45ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.nur.kz

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 May 2022 06:03:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 63 KB
16 KB 327ms
327ms XHR
text/plain 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3973602572337587&correlator=1400491650961114&eid=31067720&output=ldjh&gdfp_req=1&vrg=2022051901&ptt=17&impl=fifs&iu_parts=21635628449%2CNUR_Desktop_Bottom%2CNUR_Desktop_Bottom2%2CNUR_Desktop_Bottom3%2CNUR_Desktop_Anchor&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=728x90%2C728x90%7C728x200%7C980x90%7C980x200%2C728x90%7C728x200%7C980x90%7C980x200%2C1x1%7C728x90%7C980x90%7C1000x90%7C1000x200%7C1200x90%7C2000x90%7C728x200&ifi=1&adks=2902430930%2C1806412577%2C1148870173%2C3302193688&sfv=1-0-38&ecs=20220525&fsapi=false&eri=4&cust_params=page%3DHomepage%26section%3Dwww%26sectionId%3D1%26platform%3Ddesktop%26language%3DRU&sc=1&cookie_enabled=1&abxe=1&dt=1653458601884&dlt=1653458601180&idt=387&biw=1600&bih=1200&adxs=436%2C436%2C436%2C-12245933&adys=2463%2C5041%2C6753%2C-12245933&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.nur.kz%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1088x0%7C1088x0%7C1088x0%7C0x-1&msz=1088x0%7C1088x0%7C1088x0%7C0x-1&fws=4%2C4%2C4%2C644&ohw=1088%2C1088%2C1088%2C1600&ga_vid=819422530.1653458601&ga_sid=1653458602&ga_hid=565231257&ga_fc=true&ga_cid=1570992650.1653458601&btvi=1%7C2%7C3%7C-1&topics=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

d9f592fb3d52da116ffab72688e08756bf414ecb16e614a4ed2120960ad1e9ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:22 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16789
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,-1,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nur.kz
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9970 6 KB
4 KB 170ms
44ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nur.kz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 06:03:22 GMT
expires: Thu, 25 May 2023 06:03:22 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 c5cbb1d2128d57b74fc6.js Show response
yastatic.net/partner-code-bundles/586016/ 37 KB
10 KB 31ms
31ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/586016/c5cbb1d2128d57b74fc6.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

39677cc4e91cffde2abdf04499da371d458713c43742e2aa4578b7a7fd9695d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.nur.kz/
Origin: https://www.nur.kz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:21 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 10057
last-modified: Mon, 23 May 2022 15:21:12 GMT
server: nginx/1.17.9
etag: "141d39984fac45ace631a6328146f41a"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 May 2052 12:35:17 GMT

GET
H2 204 event
ads.adfox.ru/252771/ 0
230 B 163ms
61ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/252771/event?hash=60e8f42b2a93bc7d&pm=cyz&p5=lngbo&ad-session-id=6239761653458601621&utg=oxum&lts=fjegurp&ytt=158331285143557&ybv=0.586016&ylv=0.586016&dl=https%3A%2F%2Fwww.nur.kz%2F&p2=gfdy&rand=kfadurj&sj=OL6w8MmUISI05oYVOSbC9UTLj4JbDd-98eKh7yO7McWjkVJ8bgMQo9w-TOvjrQ%3D%3D&puid1=Homepage&pr=gsysaaw&p1=crsny&rqs=qT7h-2HYASOpxo1ihERRpoq6uvaKG405

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 06:03:22 GMT
x-content-type-options: nosniff
last-modified: Wed, 25 May 2022 06:03:22 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 200 optimize.webp
avatars.mds.yandex.net/get-adfox-content/2367573/220509_adfox_1902305_5259320.9800e8b3c0d8092a7e91ec5a613c8afe.jpg/ 30 KB
31 KB 209ms
99ms Image
image/webp 2a02:6b8::184
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-adfox-content/2367573/220509_adfox_1902305_5259320.9800e8b3c0d8092a7e91ec5a613c8afe.jpg/optimize.webp
Requested by: Host: www.nur.kz
URL: https://www.nur.kz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: nginx /
Resource Hash: a99bfdededfa3332929850cf132cb86c48e203ffee6aa4204861178669011cd1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:22 GMT
last-modified: Tue, 10 May 2022 03:41:16 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 31060
x-request-id: 33bea37b16468a64

OPTIONS
H2 204 recommendations
webapi.nur.kz/ Frame 0
0 129ms
106ms Preflight 91.215.139.235
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL: https://webapi.nur.kz/recommendations?userId=706b2892-c255-479b-b9f3-58d0c90fb0c6&limit=50
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.215.139.235 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.nur.kz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.nur.kz
access-control-max-age: 600
date: Wed, 25 May 2022 06:03:22 GMT
server: nginx
vary: Origin, Access-Control-Request-Headers

GET
H2 200 recommendations Show response
webapi.nur.kz/ 29 KB
8 KB 349ms
348ms Fetch
application/json 91.215.139.235
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL

https://webapi.nur.kz/recommendations?userId=706b2892-c255-479b-b9f3-58d0c90fb0c6&limit=50

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/nur/js/chunk-120.983fb3a0.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.235 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

a87e980e9a8004586d408e4d4968f2a816c405ab38aeea9960f9034b635e6dea

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.nur.kz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 25 May 2022 06:03:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
vary: Accept-Encoding, Accept-Encoding, Origin
x-xss-protection: 0
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
referrer-policy: no-referrer
server: nginx
etag: W/"7458-3uMfQQ8dVZhhud2lMDohzk1yrGk"
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
x-download-options: noopen
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.nur.kz
x-f-status: MISS

POST
H2 204 collect Show response
j.clarity.ms/ 0
67 B 96ms
96ms XHR
text/plain 20.85.30.134
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://j.clarity.ms/collect
Requested by: Host: j.clarity.ms
URL: https://j.clarity.ms/s/0.6.34/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.85.30.134 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.nur.kz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: https://www.nur.kz
date: Wed, 25 May 2022 06:03:21 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H2 200 arrow-down.svg
www.nur.kz/nur/img/icons/ 158 B
459 B 104ms
103ms Image
image/svg+xml 91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nur.kz/nur/img/icons/arrow-down.svg

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/nur/css/freedom-finance-desktop.593ce3a5.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

587815bbad0202349b3aa4c1609944b99b52d6f67f97690c705b9d5e4c977ed0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/nur/css/freedom-finance-desktop.593ce3a5.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: public
date: Wed, 25 May 2022 06:03:22 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 23 May 2022 11:18:11 GMT
server: nginx
etag: W/"628b6d73-9e"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
expires: Thu, 25 May 2023 06:03:22 GMT

GET
H2 200 arrow-up.svg
www.nur.kz/nur/img/icons/ 150 B
461 B 104ms
103ms Image
image/svg+xml 91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nur.kz/nur/img/icons/arrow-up.svg

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/nur/css/freedom-finance-desktop.593ce3a5.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

7dca7733ec0aead31386758c6043913b9ee754fb8499849701773bf4eaaff48a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/nur/css/freedom-finance-desktop.593ce3a5.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: public
date: Wed, 25 May 2022 06:03:22 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 23 May 2022 11:18:11 GMT
server: nginx
etag: W/"628b6d73-96"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
expires: Thu, 25 May 2023 06:03:22 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 159 KB
56 KB 145ms
60ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3369263710096163

Requested by

Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/586016/8a9baf5c0a42eaa9d8cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

35e45b49a5bca951ef16fed7228a06848396f6eae8136372a203bc656fc52f35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nur.kz/
Origin: https://www.nur.kz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56667
x-xss-protection: 0
server: cafe
etag: 14015234669451843907
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 25 May 2022 06:03:22 GMT

GET
H2 204 event
ads.adfox.ru/252771/ 0
18 B 76ms
73ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/252771/event?hash=ae52babc2d0abe07&pm=cyz&p5=kunhv&ad-session-id=6239761653458601621&lts=fjegurp&ytt=158331285143557&ybv=0.586016&ylv=0.586016&dl=https%3A%2F%2Fwww.nur.kz%2F&rtb-si=b&p2=gfdy&rand=xeldpg&sj=Z_lSr_ZTFZW3liuaT2Mdb05wYr_QhLbXeIdYJB0CudqJ9y3_6pakoqrchrEcAQ%3D%3D&puid1=Homepage&pr=gsysaaw&p1=crsnx&rqs=qc6KKAVqCXapxo1iiRwVuJ2GQPuSnbhl

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 06:03:22 GMT
x-content-type-options: nosniff
last-modified: Wed, 25 May 2022 06:03:22 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H3 200 container.html Show response
c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5E28 6 KB
3 KB 113ms
39ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nur.kz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 06:03:22 GMT
expires: Thu, 25 May 2023 06:03:22 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame AAFB 6 KB
3 KB 111ms
41ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nur.kz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 06:03:22 GMT
expires: Thu, 25 May 2023 06:03:22 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 819C 6 KB
3 KB 102ms
37ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nur.kz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 06:03:22 GMT
expires: Thu, 25 May 2023 06:03:22 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205190101/ 312 KB
111 KB 147ms
69ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3369263710096163&plah=www.nur.kz

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3369263710096163

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b2b7c588ff22430fa730b8dfb76180f58d6f77517f5fc46797568dfb8431e929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113970
x-xss-protection: 0
server: cafe
etag: 17924068447879727129
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 25 May 2022 06:03:22 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220518/r20190131/ Frame 6F67 10 KB
5 KB 125ms
38ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220518/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3369263710096163

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nur.kz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 26543
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4421
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 24 May 2022 22:40:59 GMT
etag: 1428802124239944296
expires: Tue, 07 Jun 2022 22:40:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 819C 0
0 69ms
68ms Fetch
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cl3FtqcaNYoa0OdCJ7gP6_5DwAsme0rFcxbKY93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItODU4MDE5NjQyNzIwOTMxNKAB1bbS6gPIAQmpAvY9KmWPArI-4AIAqAMBqgTfAU_QGwNdtb0lJiMeoOMH9Zdh30xwZLfrwxwhmejwJGcvYZrIQGx1cRMj4kSBqCmwO_Fs3pg8EJ-Z-K5pJv-uBuhnRJISSDgxrlG6HCfbBSA8o216bzqeNXorELVOl3g7mzweVwXx4ypwYSH28qaggeilj3WAODjBVt259YGbEvpE2Qhxd-V6m4a55ZQIxQRZgmNmnW2ZP5zhHGlZ7sgZDD6DdttVtgQQ3_4mNP0qYFdyXbNVlz9hsGlm650zNlTp5a6V1qR2pBXCJKPLXPFlAN4Y54RWEf7EW5LsK53YsSfgBAGABomI8PONoIr5e6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBABgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTg1ODAxOTY0MjcyMDkzMTQYwZBq&sigh=n4lz-IIjRQI&uach_m=[UACH]&cid=CAQSPgCNIrLMZ6-ILxe4JXuxhC8MEhf7rGuoB9Uk0HUzWxGzX2tLcEgOR6ziUrPRztiihZs3iz7KGm5QkofrAOn-GAE
Requested by: Host: www.nur.kz
URL: https://www.nur.kz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame 819C 0
0 58ms
15ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=k_79Err5RNQHyAGdg2ICAgAAAJ08UUBYP1SW02Tfx6oU-b4QqcaNYgiIVaSXg_S4YdowABIAAA&wp=Yo3GqQAOWgYKe4TQAAQ_-qpjSsGU0_RxBM-0Kg

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:22 GMT
server: Kestrel
server-processing-duration-in-ticks: 272630
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 835C 141 KB
47 KB 147ms
115ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Yo3GqQAOWgYKe4TQAAQ_-qpjSsGU0_RxBM-0Kg&u=%7CroWn9CFp1181tYIGHGixv%2F7HiW%2FEWmV2TLpXeQRlkOQ%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCWyaziM01RkGpGzsxDu6uJ4QYXMtp9P6T6NR2X-xXQq8eSNa5GkYC5_UVfiH9deZMdXcw3UOeFKQSHtb92apHbiIxh7ePVlU7Epoyc5zIQUJRA88dex3M1A_0rQUyOoh2hx5ilpU6bbclyiWkXGNGLewxFxjkZTPJZh0N5gvARW3j5syeg8TbQhAqFQ8XQ1-wfLmosLEGNm8PVrtJpR2GkES1DhnMj9HayycPYwvudHc9WgxVLdKxWdOSCWn88BzI4m9HK8DYGfr2_fm9qXP6sbwxhPHbUF4mkd7PHyi6x3WZsBTQgQ1JU_V30QHPeKLMFxhd5nJrjIiOZZSl3Ia9RSNQ_6pw-Iodx-8UCffvA6LCIs3RjDdzwa8sbvWMLteMLw24eLeVte9BLYojTGFUcmmkaLaRgE4GGaaDD1jNgYw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCj4gjqcaNYoa0OdCJ7gP6_5DwAsme0rFcxbKY93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItODU4MDE5NjQyNzIwOTMxNKAB1bbS6gPIAQmpAvY9KmWPArI-4AIAqAMBqgTiAU_QGwNdtb0lJiMeoOMH9Zdh30xwZLfrwxwhmejwJGcvYZrIQGx1cRMj4kSBqCmwO_Fs3pg8EJ-Z-K5pJv-uBuhnRJISSDgxrlG6HCfbBSA8o216bzqeNXorELVOl3g7mzweVwXx4ypwYSH28qaggeilj3WAODjBVt259YGbEvpE2Qhxd-V6m4a55ZQIxQRZgmNmnW2ZP5zhHGlZ7sgZDD6DdttVtgQQ3_4mNP0qYFdyXbNVlz9hsGlmqZ8SpNNmeb0qSrDVdChk3KrfVkdvLsaaU0xrtwx7Rb70rjdcopgdKCzgBAGABomI8PONoIr5e6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2zqn7Q6xB3s3H0sPjEw6pbgwoNRQ%26client%3Dca-pub-8580196427209314%26adurl%3D

Requested by

Host: c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com
URL: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

a8a3efbadb8f4d7877fac10dde23ce704721e65ca08d35015276a3bda7f5889a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 06:03:21 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=pXzR3nUVBAaJ0xOJaGTJFbn9Z8EfZmXsQaFMuQHHX1575AY3Zy7HNGvaFBPuZ060F42qZfMBIbSag_uwke83S7SUTB_UPAy6Z-1kBCDs9lYW49oSd12dTnd63wLFurxhNMVMrY1_qThcQqG3bg4H1SU5fo_Jky-HImL1vj5tA5dQ4qeyJ6soH7cceiWN-rcqcEk2wWt38JoOvMzsM1OKTKoX67_SJVDBufxIp0poRaFM01-3tgmb2nA8tkbf2FaIfG82sQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 99400406
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/ Frame 819C 3 KB
1 KB 175ms
88ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/window_focus_fy2019.js

Requested by

Host: c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com
URL: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 05:55:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 492
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Jun 2022 05:55:10 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/ Frame 819C 17 KB
8 KB 125ms
39ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com
URL: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ced80dc0b36469ade9a5e4a3c86bde068904125a1162f712f20629eeadb8e53a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:00:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 173
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7308
x-xss-protection: 0
server: cafe
etag: 5721884612586531857
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Jun 2022 06:00:29 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 819C 0
0 36ms
35ms Image
text/html 2a00:1450:4014:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRBp0oBPJIxNgPElChcnCqsttQhPzbe_qpV-trrT9CaR3MSow15pCeLqDFCrkeYHH1VcsaolMatk51H7blikved_FlYPw
Requested by: Host: c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com
URL: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4014:80f::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 819C 22 KB
7 KB 129ms
43ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com
URL: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 11:48:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65664
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 24 May 2023 11:48:58 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 819C 136 KB
42 KB 204ms
124ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com
URL: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ecfc5a4d72d8f9fc774268cda69765e8578cd3a3859b229288b10c36acb0b35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42522
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1653305577626270"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 25 May 2022 06:03:22 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame C0CF 624 B
594 B 51ms
51ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARivtde9ATAB&v=APEucNXe5OM3CgRoXnt2fVitqq6mDKvOfa85ARaeIcQMZiXMZuVlVL9akaqqx2COFM8RfIvyI0nn06WMCtnIStimOiQ__sQocwSYnK7vnKFpFfLW4LY011HAXX7kyqSwaCBUsVc8s76PQZ0cgpIj8sebmapmTn-xHhYkERnXmJ6Vw-tBYFCvWxM

Requested by

Host: c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com
URL: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 06:03:22 GMT
expires: Wed, 25 May 2022 06:03:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 5E28 83 KB
34 KB 91ms
91ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D2fSpoSMO6wknM0pZugl1-U8bJLK1BfnyjFlVdN3oU-lcjTYHhxGDAsjuAAeb7WhSkUAJaUzNgtHmKzlqWN0vIEzABQ0QWxLh6uG5nW1FiN1E9FVt7gsj5b2DmuSEV2Nm86IoV-2G1v2gfkzp4m3VIf_C7VA&dbm_d=AKAmf-BiUMZBWhnXfAQacsyKy6O_nVXSqZlJHMtDlLiXjbfqNdIhIZA_n-PpxPp6g11ySJ9btHYCBmv_DYnVuvgJcBpPcmwLU5KbFNWFgNDjq7Ox0la8-Z6I22FEk7l722hPgQ7LIAFgZ0zV2N_KlFci7ykYxF0rQKt7TB2XXLNaBoXA0np_Zb3Pwig5ie3biMiVxtKKNzE-OKH5eqml0lT1Eq8dO-fMyosaFYzMcFvwrbCv3YOQuhIaL-JfGxZUeK-i4sQ7sHhE746yvZG3xmT0EWY6QF3dzVUK0Qgp-IFJTyFNnObPW2EjlyzQYPMXS3Mh4ObCkVb_xVntDv6HP9BWnNU-jITteUseMzzwIn2gnpSkKRyJxn2A_jKU8yDmS7XZTOvyoFV7YzE2BZ9IN1LOM4R5wwqG41sjwMhyJxT9DoCX19_RjrtT9hcrhAJJiSL4cS57dlAZdE-FIRwVPr_Ml-nD8CqpuvzzUlX9ubL6tKe6EqoOhuadwOyIXFSS-37RAhwfoKhEdYf_vCjxWfSzO8gqxOJYAFRQ-sSUk4MubvdN596q33smnfIV2qCk4wGW0ajmtYmvj-f_AcYSdT8MsD2EGHtkSqNiLzqRIe4LMjMjHcfYYVm-nIKdOXDSoNd6tORQCxL9Dv2e_6TttnC60VlscDPMb8q9zLUh5a2A4PLbNg7BSDbJpywScfyJU5VAe5NgK-RPagsBfJ9yv4FQ2hYe-Nchjqbd3LQAAhhnpO8ixmej_U_cRJ9Z8HvQPOZn-g2Uw7WZ4o0Db4q3-c0OZVpat2o7w2T3-g8HUsFh9ZPm55ain_TVqX14kEapGe67gvdpIW7cCe-pBrNrM5Vlhuq6vaAsJX0f8e5dLsBdFWNZQwn2h1nJEnxInLzByi2H0V4HL1DwiyB6kWdBtYzCLbd8LMW7I1oTmjYwZSM-nwiN_At92FnZudUMkYeSRo9bohUDpBYVSMb5mImcTWvutJK_5EF2lD02N47HpEE8kMbTKtjEndz5ockQwf1Lukd1iy2dHXue_4tAygrBlXvaMbXMRPszhVJcbVewiqtK-ZfAtx6gX-SVRDcc29KIU8ye_hOLwiuPFhs6D_7VNz6eXLrn18ZJOI9MtELYL4Y1wf4pmfXmfirFQ05T8KGTkR5MNwZrKS5seE5xCUDf2WEQz9hMih9o4AdtlLOVSvNPRGmxg3zfdk2ahB1LbImpk_dPg-3JuG7Ee1Bunp4aLDof8EHHcl7tIUvpCCnLd8pULrW66urhKkmNcwrH7MvV7NdcxuVpZIZspTn3O1Ue-xmMGr2pJIvVWXpAVO9njYiwj2L5sarZGxXMQvqfgeVCVnxrqjBVLkzKGSGk2o_bQdt5foVoZnb1CZj-pgH3jRaf_l6N_G6p6ErXq9lx_8SMIB8J-Sky2A1s-aAtH0S0KtB8ISLlIz5jEgicGYsYKWokZEl5u-zO9Fud1m5keb-I8hHZnUYJK2Rca6TYDHAS9zfM9vTR2qe-_yZLxlpOseOP00RkUMcYkmQy7h3yrceRGDmq5VEuYs2pVv-Ast01alMgQYrNKw9G-LZDIf05dUr0vQ7XO9kkMfH-eIl-q0GJoWArEmc0TMs7GEDVioOt4WbV_enVxx8TOgXOGrq42ifMqDiXFFvPbIE1j1S8iY64oUaVN20stKo9JdehM1E93cFvX-6RJoaAmK30YbrVk5QXVpxNF8aGRc7mpavOnoDDj1t6TIVnHuoF70Dl3idzzby6zmuEo-b1dETeeezYVo9QkLVQ-Run0LkgLh4QAVcVPh_6rOnrs3BIFmMHT-8tdJ0drYNyOAfiWZwKlnTs1w4Cd1HSVEaONZLVPnehamtjg-nvmW02zHwBWpsfxEnvXSWJY_Iax1mQ14gKu_W_wDl_tuS7zewOArKeC3mxUxT3jiNjp6_580KKSdudMTb2TPLou3iB3kDBGUeRV-It3IvuXQKFhz5-W61Tm1ka4XJVp9eB6m-F4-fSKBwswLuEfMJ6DVceMU67TOZRlUvipx8LzaCOVteTcXnTFUE6uv1ckaoJQBLhjc2Ta9eHa0sTcuqgeKRhNxjrguxf_h9UVdNXuTKpRUtp8hKy1Oxb9RrYHfWx-qNNl2rrQ_j9QhvVLdxPkiqOdGfCkP25uOcaXohWrcRAXqdgOOA0bU2CdRoKTV56J9791_UHCcyihJZRgiXFzVFfxgqtO9eRCPJ-KPKoT79u5a-zneTOebxa1ODzEbWEBEUiT2pk0Zq8ZwQIvZP3hHaTgz-SWoGaUIb0gyhsA9-_wqLl97vZcIxhqdjlVej8XM4d81M7r_ujQ2OJsYD2nmzxs0SoAknbdQbC7gtz2Ag-L32aJRt9pWIy-92rJJV9YVJBHx8APNg7jUyeWjizMwYedjoqV-78CPSBeC7tMrcicrATkLY3aeLeRn5V0Oo_t8AoO_rF-MJx12VkJXxGbU8-pWXp_EDoiFZT0F1WLXsk7FInzG86h8X3W1yXacO6GtpsQcagGH7VBjNtyB0Tf0uu4K3Uo52z4IHQhes2-IT8E3ewr2j0pQ2gAirgv91E2i1ADjsCHWqpJgUL54wMZkTry1i6xFbDVBSOW0kGE3BoUQ7TyPHevbF7qBETXN2M-9AzYeal1qmELoOQR9qvH4xjOgW6WUAd4WaOhx0THRlRcv_UZwt4YOzyYwkvQib0Nv0mI3T1CrH6nF4xOvtVg0OBaa98PzVvnVOm3wdR6wvur7WjeaYQd4BCsheVq_EqSO6Mr0MrtNEx4GqylhJHO5mxzzdNGXnv-J1xeAMjH_ySZC_nw6JaY7cM_hA0mHMWBo9RNDJqaXYtGUTXi5EgY6r_Urz8cUNTLc8IYkFkxsuxAsI5lmCIiO7bvwt2P-RU_r7JZlnCgnewl-cJkk7aIWDlKD1_pMneTN6jCszqw5XU2XWAnOJj77emyJiZLwjBYfANH2q1mBBc4JvcPMefi9WxDqPzFjleGgacnoskxnMT0Qj3OqQriwqtbCD29h_6sjhjmWXd3lR-05YdBqKG2i9v3DOEhcTzLfju08-nAzgyeOFwax5DNGBirrWVQBajBzWLqIxY1sllRrS7wa-pkhDNTd7vIQ&cid=CAASJ-RowwhxMUKq42pwck5td3SHVJxGFeDKZcTRBlHXduDPfnlGxZriGw&rfl=1%2Chttps%253A%252F%252Fwww.nur.kz%252F%240

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6ec9c731e4519c096e7f0a9795f6ba4e8efc57ac0afeb276248ea77e12be55f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 06:03:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34068
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5E28 42 B
63 B 75ms
74ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Ae5G6oQAzXpvDe6qmRvo_rRYQgDlQipUGDk1kagEthR9FKoBfQ5idDxksPCnkjs3cxutlQvMFdUAi_6bEToeq1fyxFUJ8xx9rh5sO8YoBgahv-YEA

Requested by

Host: c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com
URL: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 06:03:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/ Frame 5E28 3 KB
1 KB 170ms
88ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/window_focus_fy2019.js

Requested by

Host: c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com
URL: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 05:55:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 492
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Jun 2022 05:55:10 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/ Frame 5E28 17 KB
7 KB 157ms
75ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com
URL: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ced80dc0b36469ade9a5e4a3c86bde068904125a1162f712f20629eeadb8e53a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:00:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 173
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7308
x-xss-protection: 0
server: cafe
etag: 5721884612586531857
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Jun 2022 06:00:29 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 5E28 0
0 35ms
35ms Image
text/html 2a00:1450:4014:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTn4P_OVX2kEpjApWoteJ0WOl6uCAA88MVbJoZvRhpdIe_C5DZ205yi5jst-7jMrFrLpq5DXpHsQa9daj0UPkDKEwnlAA
Requested by: Host: c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com
URL: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4014:80f::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5E28 136 KB
42 KB 231ms
155ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com
URL: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ecfc5a4d72d8f9fc774268cda69765e8578cd3a3859b229288b10c36acb0b35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42522
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1653305577626270"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 25 May 2022 06:03:22 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame AAFB 0
0 68ms
68ms Fetch
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CuuAEqcaNYs6yOdCJ7gP6_5DwAsme0rFcjfDi1pMBwI23ARABIABgleKQgqAHggEXY2EtcHViLTg1ODAxOTY0MjcyMDkzMTSgAdW20uoDyAEJqQL2PSpljwKyPuACAKgDAaoE3wFP0ATsBnQkVCfetJHnoId1nMu8GFZxfvwElE5dYs9ZF74PONXpvMXlldwdet4K20CIoL-z5HZXQVdb35MFs7NQGftFAYcp3aFyOFxy3n1_1JvwMSYDHYvc0vE-8gW-32f4KoBMMIgkf1qFr9TvOSgzMAVeZWogXZCbcrveQqGdini0M2zhir68aNNDuB7vETi-57fAbJm2kNaZm286szgj252NWUDdHRLo5jNBoDhCxO5kgQpZ6SIw7dJCGGcZIfgtQDgkpgZHBgmm-XZqvGbL9ZcLNuidBgdOBvpe7aLL4AQBgAaJiPDzjaCK-XugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAYAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi04NTgwMTk2NDI3MjA5MzE0GMGQag&sigh=q1z1I1JyzXs&uach_m=[UACH]&cid=CAQSPgCNIrLMZ6-ILxe4JXuxhC8MEhf7rGuoB9Uk0HUzWxGzX2tLcEgOR6ziUrPRztiihZs3iz7KGm5QkofrAOn-GAE
Requested by: Host: www.nur.kz
URL: https://www.nur.kz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame AAFB 0
0 159ms
124ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=k_79Err5RNQHyAGdg2ICAgAAAJ08UUBYP1SW02Tfx6oU-b4QqcaNYsnv9HEZ7_FlYgcOABIAAA&wp=Yo3GqQAOWU4Ke4TQAAQ_-rr79olQAlQq_0KzXQ

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:21 GMT
server: Kestrel
server-processing-duration-in-ticks: 347857
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 601B 137 KB
46 KB 116ms
91ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Yo3GqQAOWU4Ke4TQAAQ_-rr79olQAlQq_0KzXQ&u=%7CroWn9CFp11%2BbJzQ1%2B9eAsDEUjVSFAw7z4HdaWGC%2FXQk%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCWyaziM01RkGpGzsxDu6uJ4QYXMtp9P6T6NR2X-xXQq_x2F10iwDg3050iE8yT4kPctGziG8dlz9MOu4PT_2UMgBxJj7_oWAcGH-ZN9b8xB-9wd6SgZFOTHLdztPSJXBqmcT4g8LnJjFjXLkvyVeRbgGG3ZOxWwvO_5pCVKCtSIFrmfhhUi61tx_YNXVQ0rEKxmznR9FOV-eeYN9Y-mok8U0YxY5bbIYP-nZt7MPA3DTMXJoYdFdGwyQ3mx7xm3fXH1D5BPshfFxLob3D6FLPwgHT87Urps2tB-2EJ-EsDlx_GeiXeo_0T4RT2dhsLlxGzuTgANGIsjnIoZ5mhV9sC7EYhuB6B08n8rsz7_i9kueUd93-jIB_HIDF4Zd8IqStyFYE74QQIgFMjULPOqWUu4VCbmYbrvaE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnC5hqcaNYs6yOdCJ7gP6_5DwAsme0rFcjfDi1pMBwI23ARABIABgleKQgqAHggEXY2EtcHViLTg1ODAxOTY0MjcyMDkzMTSgAdW20uoDyAEJqQL2PSpljwKyPuACAKgDAaoE4gFP0ATsBnQkVCfetJHnoId1nMu8GFZxfvwElE5dYs9ZF74PONXpvMXlldwdet4K20CIoL-z5HZXQVdb35MFs7NQGftFAYcp3aFyOFxy3n1_1JvwMSYDHYvc0vE-8gW-32f4KoBMMIgkf1qFr9TvOSgzMAVeZWogXZCbcrveQqGdini0M2zhir68aNNDuB7vETi-57fAbJm2kNaZm286szgj252NWUDdHRLo5jNBoDhCxO5kgQpZ6SIw7ZBAOfWermQ-_6QwBdZ6oPGv7XzctkjTdyPDC05vuRliHn_0abF0UsiW4AQBgAaJiPDzjaCK-XugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0MrvuVdUBhVjOsBHukROXGKl0yGg%26client%3Dca-pub-8580196427209314%26adurl%3D

Requested by

Host: c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com
URL: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4cb1c187d62b84eefac8e3616a0f09b11a60db20f38fede59e7aa7634778d32c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 06:03:22 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=JE0WF3UVBAaJ0xOJDPUXG7pZhzmbw_CHczecgutXDkHtw2El8Fghp3XD6zGbEC1Wr4IGTzFiq1ujaIwE9Ck5AKtCwE4JqrNcrSjW5hKoYeSNhG3HeZ2zNhTkVTMkTTP20oXVWgg4aFU5mfmL0LsWwPA-0WweSsiOK0VIZsq4I5bbdp8ySqe9jXsNDUwgOLg_GCeeH--6ZrK4ldC2Wz9j9C3Q4wWNUvyNT6uBVPWdbO1lSU8LM1GPS4FOlJr8dRYZ2-G1Mg"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 75147171
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/ Frame AAFB 3 KB
1 KB 167ms
87ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/window_focus_fy2019.js

Requested by

Host: c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com
URL: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 05:55:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 492
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Jun 2022 05:55:10 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/ Frame AAFB 17 KB
7 KB 160ms
80ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com
URL: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ced80dc0b36469ade9a5e4a3c86bde068904125a1162f712f20629eeadb8e53a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:00:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 173
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7308
x-xss-protection: 0
server: cafe
etag: 5721884612586531857
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Jun 2022 06:00:29 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame AAFB 0
0 35ms
34ms Image
text/html 2a00:1450:4014:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTAO4Zl3Y8e1gwCk8oPP5KDa5p4Za6502DERCbRay_FR6_GUVf9jV6AiVqPF2YalvWmZEakkDxU99_NiuXvLX-F8Uxznw
Requested by: Host: c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com
URL: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4014:80f::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame AAFB 22 KB
7 KB 128ms
49ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com
URL: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 11:48:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65664
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 24 May 2023 11:48:58 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AAFB 136 KB
42 KB 149ms
75ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com
URL: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ecfc5a4d72d8f9fc774268cda69765e8578cd3a3859b229288b10c36acb0b35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42522
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1653305577626270"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 25 May 2022 06:03:22 GMT

GET
H2 200 17f57e77e5a80897.webp
cdn.nur.kz/images/272x153/ 6 KB
7 KB 104ms
102ms Image
image/webp 94.247.128.36
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/17f57e77e5a80897.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.36 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

64928491ebe9a3cc3e5f38cb23e546583fd09c9690a14248c85fc67aed5b0567

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:22 GMT
last-modified: Wed, 18 May 2022 13:13:12 GMT
server: nginx
x-cs: HIT
etag: "78940a0c6626dcdd7aaaf26e2cd0bc93"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 6454
expires: Thu, 25 May 2023 06:03:22 GMT

GET
H2 200 92673a58b6d85104.webp
cdn.nur.kz/images/272x153/ 5 KB
5 KB 104ms
102ms Image
image/webp 94.247.128.36
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/92673a58b6d85104.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.36 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

c6334df911b12e50cffb9153fc8799401f6509c4ffe20b4054ddb2ba7a1ccf6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:22 GMT
last-modified: Wed, 18 May 2022 09:19:40 GMT
server: nginx
x-cs: HIT
etag: "9b1000515c7cfbc3f6178403d77e63e6"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 4622
expires: Thu, 25 May 2023 06:03:22 GMT

GET
H2 200 f7bb2c953618f916.webp
cdn.nur.kz/images/272x153/ 7 KB
8 KB 104ms
102ms Image
image/webp 94.247.128.36
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/f7bb2c953618f916.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.36 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

91f38387f69121d9adc1accdf2adc739622baf9dfc526d412c6fdb317d28b5fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:22 GMT
last-modified: Tue, 17 May 2022 00:13:00 GMT
server: nginx
x-cs: HIT
etag: "2045645c55cc2f2298c841c5687c6221"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 7552
expires: Thu, 25 May 2023 06:03:22 GMT

GET
H2 200 4a764c3c0e2760ce.webp
cdn.nur.kz/images/272x153/ 4 KB
4 KB 105ms
102ms Image
image/webp 94.247.128.36
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/4a764c3c0e2760ce.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.36 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

da96a933feeba485b5e59758abb2acbb369cf407d9d9f814e767936387c26b4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:22 GMT
last-modified: Wed, 04 May 2022 07:04:17 GMT
server: nginx
x-cs: HIT
etag: "94308097c92656b6e4e950939514662e"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 4036
expires: Thu, 25 May 2023 06:03:22 GMT

GET
H2 200 0dbcc91cd23121af.webp
cdn.nur.kz/images/272x153/ 26 KB
27 KB 105ms
103ms Image
image/webp 94.247.128.36
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/0dbcc91cd23121af.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.36 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

fa3488c1f1546fd2dc0e99ba16137ac11217dfb19f3f79c41d6cc24669668f54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:22 GMT
last-modified: Fri, 28 Jan 2022 07:31:41 GMT
server: nginx
x-cs: HIT
etag: "7b0f681a60099d1b6742340b2c573b83"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 26814
expires: Thu, 25 May 2023 06:03:22 GMT

GET
H2 200 23a408be3a3fbffc.webp
cdn.nur.kz/images/272x153/ 29 KB
30 KB 205ms
202ms Image
image/webp 94.247.128.36
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/23a408be3a3fbffc.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.36 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

f28828f3ffce25773f3c3a7abd63d463b5820d32d7951b300924a30d6632ecb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:22 GMT
last-modified: Sun, 22 May 2022 16:33:29 GMT
server: nginx
x-cs: HIT
etag: "fb14d8f6708ce9c3c0bb0e8bd2dde25e"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 30176
expires: Thu, 25 May 2023 06:03:22 GMT

GET
H2 200 9fe53a0f98d27e18.webp
cdn.nur.kz/images/272x153/ 5 KB
6 KB 206ms
204ms Image
image/webp 94.247.128.36
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/9fe53a0f98d27e18.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.36 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

40fd07abc766d5d6ff76218eacb62fe919e429e65a3cbea9b941a45a6dbe7048

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:22 GMT
last-modified: Tue, 17 May 2022 00:21:51 GMT
server: nginx
x-cs: HIT
etag: "2e430a9a450a9a0ca53b5ad6fe659ee1"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 5388
expires: Thu, 25 May 2023 06:03:22 GMT

GET
H2 200 d6984bfbefe46c72.webp
cdn.nur.kz/images/272x153/ 4 KB
4 KB 206ms
204ms Image
image/webp 94.247.128.36
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/d6984bfbefe46c72.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.36 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

a41a003c4e1a6656bb775acb404f448839c54d18e0eeb365b0551b6908ad3da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:22 GMT
last-modified: Wed, 04 May 2022 14:19:38 GMT
server: nginx
x-cs: HIT
etag: "160f9b58ca30130b065a79b7a3e4f03a"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 4010
expires: Thu, 25 May 2023 06:03:22 GMT

GET
H2 200 90aae343c5d2d90b.webp
cdn.nur.kz/images/272x153/ 5 KB
6 KB 206ms
204ms Image
image/webp 94.247.128.36
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/90aae343c5d2d90b.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.36 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

1db4fe06afc33dd4434817e31231f2b41528f6c314ea5d46373800876a474abf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:22 GMT
last-modified: Wed, 04 May 2022 06:56:52 GMT
server: nginx
x-cs: HIT
etag: "e490f9f130434dc1ba73cf1d0cf924bb"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 5342
expires: Thu, 25 May 2023 06:03:22 GMT

GET
H2 200 7fc46bb01c181fb8.webp
cdn.nur.kz/images/272x153/ 4 KB
4 KB 206ms
204ms Image
image/webp 94.247.128.36
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/7fc46bb01c181fb8.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.36 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

e149e2e10ef304e7c24654754ca3ec8684e02bed893a785e14b57df3be3feaa9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:22 GMT
last-modified: Thu, 05 May 2022 19:18:09 GMT
server: nginx
x-cs: HIT
etag: "f9cae50720b900f40e0934f0257aa1d2"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 3906
expires: Thu, 25 May 2023 06:03:22 GMT

GET
H2 200 app-adv.png
www.nur.kz/nur/img/ 76 KB
76 KB 105ms
104ms Image
image/png 91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nur.kz/nur/img/app-adv.png

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

5b194d1b66d0525a8295a4d12c978c3f294e9e2f11da010d5e22bbd0f17b8fd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: public
date: Wed, 25 May 2022 06:03:22 GMT
x-content-type-options: nosniff
last-modified: Mon, 23 May 2022 11:18:11 GMT
server: nginx
etag: "628b6d73-12ee6"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
vary: Accept-Encoding
content-length: 77542
expires: Thu, 25 May 2023 06:03:22 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame C0CF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENsoqzPyqrJ0pNwt83ZRh-M&google_cver=1

43 B
1014 B

82ms
52ms

Image
image/gif

104.102.29.65
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENsoqzPyqrJ0pNwt83ZRh-M&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARivtde9ATAB&v=APEucNXe5OM3CgRoXnt2fVitqq6mDKvOfa85ARaeIcQMZiXMZuVlVL9akaqqx2COFM8RfIvyI0nn06WMCtnIStimOiQ__sQocwSYnK7vnKFpFfLW4LY011HAXX7kyqSwaCBUsVc8s76PQZ0cgpIj8sebmapmTn-xHhYkERnXmJ6Vw-tBYFCvWxM
Protocol: HTTP/1.1
Server: 104.102.29.65 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-102-29-65.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 25 May 2022 06:03:22 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 25 May 2022 06:03:22 GMT

Redirect headers

pragma: no-cache
date: Wed, 25 May 2022 06:03:22 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENsoqzPyqrJ0pNwt83ZRh-M&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame C0CF
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yo3GqvEYIQVjtMySaSk2awAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMPcpfq2EA-9xxRFWal05eM&google_cver=1

43 B
1014 B

37ms
37ms

Image
image/gif

104.102.29.65
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMPcpfq2EA-9xxRFWal05eM&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARivtde9ATAB&v=APEucNXe5OM3CgRoXnt2fVitqq6mDKvOfa85ARaeIcQMZiXMZuVlVL9akaqqx2COFM8RfIvyI0nn06WMCtnIStimOiQ__sQocwSYnK7vnKFpFfLW4LY011HAXX7kyqSwaCBUsVc8s76PQZ0cgpIj8sebmapmTn-xHhYkERnXmJ6Vw-tBYFCvWxM
Protocol: HTTP/1.1
Server: 104.102.29.65 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-102-29-65.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 25 May 2022 06:03:23 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 25 May 2022 06:03:23 GMT

Redirect headers

pragma: no-cache
date: Wed, 25 May 2022 06:03:22 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMPcpfq2EA-9xxRFWal05eM&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame C0CF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEBUmngfVbX9JfN6lilqvsxs&google_cver=1

43 B
1020 B

20ms
8ms

Image
image/gif

37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEBUmngfVbX9JfN6lilqvsxs&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARivtde9ATAB&v=APEucNXe5OM3CgRoXnt2fVitqq6mDKvOfa85ARaeIcQMZiXMZuVlVL9akaqqx2COFM8RfIvyI0nn06WMCtnIStimOiQ__sQocwSYnK7vnKFpFfLW4LY011HAXX7kyqSwaCBUsVc8s76PQZ0cgpIj8sebmapmTn-xHhYkERnXmJ6Vw-tBYFCvWxM

Protocol

HTTP/1.1

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 25 May 2022 06:03:22 GMT
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: c64883a0-366d-4d0a-8695-bffd6de16160
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 25 May 2022 06:03:22 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEBUmngfVbX9JfN6lilqvsxs&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C0CF
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDY4Nzg0Mjk0MTY1MDQ0ODIzMw%3D%3D

170 B
188 B

132ms
52ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDY4Nzg0Mjk0MTY1MDQ0ODIzMw%3D%3D

Requested by

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 06:03:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 25 May 2022 06:03:22 GMT
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 9a5558b6-9084-4c28-bcdf-545834193be3
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDY4Nzg0Mjk0MTY1MDQ0ODIzMw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 1e9ba4e3823f6a8d.webp
cdn.nur.kz/images/272x153/ 5 KB
5 KB 128ms
125ms Image
image/webp 94.247.128.36
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/1e9ba4e3823f6a8d.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.36 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

97cc347de0f2bb5694b606cb966b8175d8aeded8604a66fa58575a81b85c99af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:22 GMT
last-modified: Thu, 19 May 2022 10:26:36 GMT
server: nginx
x-cs: HIT
etag: "05b8ef2ef6efb0fe9b9779ccdb46a15f"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 4718
expires: Thu, 25 May 2023 06:03:22 GMT

GET
H2 200 20880df1d87f0bcf.webp
cdn.nur.kz/images/272x153/ 7 KB
8 KB 128ms
125ms Image
image/webp 94.247.128.36
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/20880df1d87f0bcf.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.36 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

c824afa9a57db85a5957af264d153dffa83f94cf055c66249b765c04d0964468

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:22 GMT
last-modified: Tue, 10 May 2022 00:48:33 GMT
server: nginx
x-cs: HIT
etag: "884f457d9a18170fdbc7734fa9933941"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 7404
expires: Thu, 25 May 2023 06:03:22 GMT

GET
H2 200 c22c868fc0ba8816.webp
cdn.nur.kz/images/272x153/ 6 KB
6 KB 128ms
125ms Image
image/webp 94.247.128.36
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/c22c868fc0ba8816.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.36 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

9c2dd75c175466bfeae087c24e6809cb97621deb1b6c5c23b11c009aaed2a556

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:22 GMT
last-modified: Mon, 17 May 2021 08:48:32 GMT
server: nginx
x-cs: HIT
etag: "63460dddc7bcb288907fe99dda0e1eea"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 6154
expires: Thu, 25 May 2023 06:03:22 GMT

GET
H2 200 17e993e11077e439.webp
cdn.nur.kz/images/272x153/ 4 KB
4 KB 128ms
125ms Image
image/webp 94.247.128.36
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/17e993e11077e439.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.36 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

adcf6f4e6f017a2ab95d6688216b398dc83209888804c993e3bbce70c0c41209

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:22 GMT
last-modified: Sun, 22 May 2022 14:35:20 GMT
server: nginx
x-cs: HIT
etag: "bbf8e1fcbdf09c5e66e99fd9f20030b0"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 4180
expires: Thu, 25 May 2023 06:03:22 GMT

GET
H2 200 004b2260f09efdfe.webp
cdn.nur.kz/images/272x153/ 3 KB
3 KB 129ms
126ms Image
image/webp 94.247.128.36
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/004b2260f09efdfe.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.36 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

a27afd9a794b9e16b8633729d4ab773c6ec2f94137f081fcd2f67f525f5c27cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:22 GMT
last-modified: Wed, 04 May 2022 09:43:40 GMT
server: nginx
x-cs: HIT
etag: "7fdb5d4036d66d1abc7ccf4afa53add9"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 2622
expires: Thu, 25 May 2023 06:03:22 GMT

GET
H2 200 a2741ede35e650cc.webp
cdn.nur.kz/images/272x153/ 38 KB
38 KB 129ms
126ms Image
image/webp 94.247.128.36
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/a2741ede35e650cc.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.36 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

60c0d5b202f60f6ef748b4c28de407ba5c1c57be5a8da13d86dbea6c9945eee5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:22 GMT
last-modified: Wed, 04 May 2022 08:19:15 GMT
server: nginx
x-cs: HIT
etag: "c7a9f05c5b9ea5483754d2cdbdd1a58b"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 38704
expires: Thu, 25 May 2023 06:03:22 GMT

GET
H2 200 889399bfff55351f.webp
cdn.nur.kz/images/272x153/ 40 KB
40 KB 129ms
127ms Image
image/webp 94.247.128.36
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/889399bfff55351f.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.36 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

4546bc5e11fa6633d8f143ffb0f353264aa3e690d4239e6e0b5a22b7ebfcdcec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:22 GMT
last-modified: Sat, 21 May 2022 10:14:08 GMT
server: nginx
x-cs: HIT
etag: "26341ecd81762334ee2c043df8b0c0df"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 40790
expires: Thu, 25 May 2023 06:03:22 GMT

GET
H2 200 44161419789e5bf0.webp
cdn.nur.kz/images/272x153/ 32 KB
32 KB 227ms
225ms Image
image/webp 94.247.128.36
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/44161419789e5bf0.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.36 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

e496494e8611da5eb32f4d65d9eaf0ef6e0c43f7eb3e2656989a4eccc31a9ff7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:22 GMT
last-modified: Wed, 04 May 2022 09:09:30 GMT
server: nginx
x-cs: HIT
etag: "54f843d50b313d1d1b7c57fa1196f9c4"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 32712
expires: Thu, 25 May 2023 06:03:22 GMT

GET
H2 200 4087cde4838e3750.webp
cdn.nur.kz/images/272x153/ 8 KB
8 KB 227ms
226ms Image
image/webp 94.247.128.36
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/4087cde4838e3750.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.36 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

d2c60a3c0032720034c0add9cc551bea870363ce197335580029ac540a56221a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:22 GMT
last-modified: Tue, 01 Mar 2022 09:30:00 GMT
server: nginx
x-cs: HIT
etag: "c37e84f16f4a4a17c36934956c4ed976"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 7796
expires: Thu, 25 May 2023 06:03:22 GMT

GET
H2 200 4b0d0875e9133697.webp
cdn.nur.kz/images/272x153/ 4 KB
4 KB 227ms
226ms Image
image/webp 94.247.128.36
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/4b0d0875e9133697.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.36 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

356ad684965fe5adf864696ca5b0636a75048c685370a531ddac62dc8eba08e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:22 GMT
last-modified: Wed, 04 May 2022 10:48:37 GMT
server: nginx
x-cs: HIT
etag: "d046d50098453b33ee4f3b10e805b5fd"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 4088
expires: Thu, 25 May 2023 06:03:22 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 126ms
47ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.nur.kz

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 May 2022 06:03:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 127ms
48ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.nur.kz

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 May 2022 06:03:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 27 KB
12 KB 295ms
294ms XHR
text/plain 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3973602572337587&correlator=1400491650961114&eid=31067720&output=ldjh&gdfp_req=1&vrg=2022051901&ptt=17&impl=fifs&iu_parts=21635628449%2CNUR_Desktop_Bottom3&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C728x200%7C980x90%7C980x200&ifi=7&adks=1117135079&sfv=1-0-38&ecs=20220525&fsapi=false&eri=4&cust_params=page%3DHomepage%26section%3Dwww%26sectionId%3D1%26platform%3Ddesktop%26language%3DRU&sc=1&cookie=ID%3D4e43260094b1ca99-22cede769ecd0098%3AT%3D1653458601%3AS%3DALNI_MaX7T79-xmCLyiRk7ja2nAjYAbtQA&abxe=1&dt=1653458602553&dlt=1653458601180&idt=387&biw=1600&bih=1200&adxs=295&adys=15587&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.nur.kz%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=805x100&msz=805x0&fws=4&ohw=805&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=819422530.1653458601&ga_sid=1653458602&ga_hid=565231257&ga_fc=true&ga_cid=1570992650.1653458601&btvi=4&topics=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

874a35dce22fd7658f32ddc352b1b2fda24fe8e01a6dbf31fa22d0b85bff1534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12165
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nur.kz
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 5E28 170 KB
59 KB 129ms
36ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/
Origin: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 13:12:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60674
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 May 2022 13:12:08 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220523/r20110914/elements/html/ Frame 5E28 8 KB
3 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220523/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D2fSpoSMO6wknM0pZugl1-U8bJLK1BfnyjFlVdN3oU-lcjTYHhxGDAsjuAAeb7WhSkUAJaUzNgtHmKzlqWN0vIEzABQ0QWxLh6uG5nW1FiN1E9FVt7gsj5b2DmuSEV2Nm86IoV-2G1v2gfkzp4m3VIf_C7VA&dbm_d=AKAmf-BiUMZBWhnXfAQacsyKy6O_nVXSqZlJHMtDlLiXjbfqNdIhIZA_n-PpxPp6g11ySJ9btHYCBmv_DYnVuvgJcBpPcmwLU5KbFNWFgNDjq7Ox0la8-Z6I22FEk7l722hPgQ7LIAFgZ0zV2N_KlFci7ykYxF0rQKt7TB2XXLNaBoXA0np_Zb3Pwig5ie3biMiVxtKKNzE-OKH5eqml0lT1Eq8dO-fMyosaFYzMcFvwrbCv3YOQuhIaL-JfGxZUeK-i4sQ7sHhE746yvZG3xmT0EWY6QF3dzVUK0Qgp-IFJTyFNnObPW2EjlyzQYPMXS3Mh4ObCkVb_xVntDv6HP9BWnNU-jITteUseMzzwIn2gnpSkKRyJxn2A_jKU8yDmS7XZTOvyoFV7YzE2BZ9IN1LOM4R5wwqG41sjwMhyJxT9DoCX19_RjrtT9hcrhAJJiSL4cS57dlAZdE-FIRwVPr_Ml-nD8CqpuvzzUlX9ubL6tKe6EqoOhuadwOyIXFSS-37RAhwfoKhEdYf_vCjxWfSzO8gqxOJYAFRQ-sSUk4MubvdN596q33smnfIV2qCk4wGW0ajmtYmvj-f_AcYSdT8MsD2EGHtkSqNiLzqRIe4LMjMjHcfYYVm-nIKdOXDSoNd6tORQCxL9Dv2e_6TttnC60VlscDPMb8q9zLUh5a2A4PLbNg7BSDbJpywScfyJU5VAe5NgK-RPagsBfJ9yv4FQ2hYe-Nchjqbd3LQAAhhnpO8ixmej_U_cRJ9Z8HvQPOZn-g2Uw7WZ4o0Db4q3-c0OZVpat2o7w2T3-g8HUsFh9ZPm55ain_TVqX14kEapGe67gvdpIW7cCe-pBrNrM5Vlhuq6vaAsJX0f8e5dLsBdFWNZQwn2h1nJEnxInLzByi2H0V4HL1DwiyB6kWdBtYzCLbd8LMW7I1oTmjYwZSM-nwiN_At92FnZudUMkYeSRo9bohUDpBYVSMb5mImcTWvutJK_5EF2lD02N47HpEE8kMbTKtjEndz5ockQwf1Lukd1iy2dHXue_4tAygrBlXvaMbXMRPszhVJcbVewiqtK-ZfAtx6gX-SVRDcc29KIU8ye_hOLwiuPFhs6D_7VNz6eXLrn18ZJOI9MtELYL4Y1wf4pmfXmfirFQ05T8KGTkR5MNwZrKS5seE5xCUDf2WEQz9hMih9o4AdtlLOVSvNPRGmxg3zfdk2ahB1LbImpk_dPg-3JuG7Ee1Bunp4aLDof8EHHcl7tIUvpCCnLd8pULrW66urhKkmNcwrH7MvV7NdcxuVpZIZspTn3O1Ue-xmMGr2pJIvVWXpAVO9njYiwj2L5sarZGxXMQvqfgeVCVnxrqjBVLkzKGSGk2o_bQdt5foVoZnb1CZj-pgH3jRaf_l6N_G6p6ErXq9lx_8SMIB8J-Sky2A1s-aAtH0S0KtB8ISLlIz5jEgicGYsYKWokZEl5u-zO9Fud1m5keb-I8hHZnUYJK2Rca6TYDHAS9zfM9vTR2qe-_yZLxlpOseOP00RkUMcYkmQy7h3yrceRGDmq5VEuYs2pVv-Ast01alMgQYrNKw9G-LZDIf05dUr0vQ7XO9kkMfH-eIl-q0GJoWArEmc0TMs7GEDVioOt4WbV_enVxx8TOgXOGrq42ifMqDiXFFvPbIE1j1S8iY64oUaVN20stKo9JdehM1E93cFvX-6RJoaAmK30YbrVk5QXVpxNF8aGRc7mpavOnoDDj1t6TIVnHuoF70Dl3idzzby6zmuEo-b1dETeeezYVo9QkLVQ-Run0LkgLh4QAVcVPh_6rOnrs3BIFmMHT-8tdJ0drYNyOAfiWZwKlnTs1w4Cd1HSVEaONZLVPnehamtjg-nvmW02zHwBWpsfxEnvXSWJY_Iax1mQ14gKu_W_wDl_tuS7zewOArKeC3mxUxT3jiNjp6_580KKSdudMTb2TPLou3iB3kDBGUeRV-It3IvuXQKFhz5-W61Tm1ka4XJVp9eB6m-F4-fSKBwswLuEfMJ6DVceMU67TOZRlUvipx8LzaCOVteTcXnTFUE6uv1ckaoJQBLhjc2Ta9eHa0sTcuqgeKRhNxjrguxf_h9UVdNXuTKpRUtp8hKy1Oxb9RrYHfWx-qNNl2rrQ_j9QhvVLdxPkiqOdGfCkP25uOcaXohWrcRAXqdgOOA0bU2CdRoKTV56J9791_UHCcyihJZRgiXFzVFfxgqtO9eRCPJ-KPKoT79u5a-zneTOebxa1ODzEbWEBEUiT2pk0Zq8ZwQIvZP3hHaTgz-SWoGaUIb0gyhsA9-_wqLl97vZcIxhqdjlVej8XM4d81M7r_ujQ2OJsYD2nmzxs0SoAknbdQbC7gtz2Ag-L32aJRt9pWIy-92rJJV9YVJBHx8APNg7jUyeWjizMwYedjoqV-78CPSBeC7tMrcicrATkLY3aeLeRn5V0Oo_t8AoO_rF-MJx12VkJXxGbU8-pWXp_EDoiFZT0F1WLXsk7FInzG86h8X3W1yXacO6GtpsQcagGH7VBjNtyB0Tf0uu4K3Uo52z4IHQhes2-IT8E3ewr2j0pQ2gAirgv91E2i1ADjsCHWqpJgUL54wMZkTry1i6xFbDVBSOW0kGE3BoUQ7TyPHevbF7qBETXN2M-9AzYeal1qmELoOQR9qvH4xjOgW6WUAd4WaOhx0THRlRcv_UZwt4YOzyYwkvQib0Nv0mI3T1CrH6nF4xOvtVg0OBaa98PzVvnVOm3wdR6wvur7WjeaYQd4BCsheVq_EqSO6Mr0MrtNEx4GqylhJHO5mxzzdNGXnv-J1xeAMjH_ySZC_nw6JaY7cM_hA0mHMWBo9RNDJqaXYtGUTXi5EgY6r_Urz8cUNTLc8IYkFkxsuxAsI5lmCIiO7bvwt2P-RU_r7JZlnCgnewl-cJkk7aIWDlKD1_pMneTN6jCszqw5XU2XWAnOJj77emyJiZLwjBYfANH2q1mBBc4JvcPMefi9WxDqPzFjleGgacnoskxnMT0Qj3OqQriwqtbCD29h_6sjhjmWXd3lR-05YdBqKG2i9v3DOEhcTzLfju08-nAzgyeOFwax5DNGBirrWVQBajBzWLqIxY1sllRrS7wa-pkhDNTd7vIQ&cid=CAASJ-RowwhxMUKq42pwck5td3SHVJxGFeDKZcTRBlHXduDPfnlGxZriGw&rfl=1%2Chttps%253A%252F%252Fwww.nur.kz%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 05:58:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 264
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Jun 2022 05:58:58 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220523/r20110914/ Frame 5E28 27 KB
10 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220523/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75f2b8c48f20b369362dc65af86c17d672285dad4012c6f0f187c49ad465812b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 05:54:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 524
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10524
x-xss-protection: 0
server: cafe
etag: 7053593280098290627
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Jun 2022 05:54:38 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 601B 2 KB
1 KB 51ms
16ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yo3GqQAOWU4Ke4TQAAQ_-rr79olQAlQq_0KzXQ&u=%7CroWn9CFp11%2BbJzQ1%2B9eAsDEUjVSFAw7z4HdaWGC%2FXQk%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCWyaziM01RkGpGzsxDu6uJ4QYXMtp9P6T6NR2X-xXQq_x2F10iwDg3050iE8yT4kPctGziG8dlz9MOu4PT_2UMgBxJj7_oWAcGH-ZN9b8xB-9wd6SgZFOTHLdztPSJXBqmcT4g8LnJjFjXLkvyVeRbgGG3ZOxWwvO_5pCVKCtSIFrmfhhUi61tx_YNXVQ0rEKxmznR9FOV-eeYN9Y-mok8U0YxY5bbIYP-nZt7MPA3DTMXJoYdFdGwyQ3mx7xm3fXH1D5BPshfFxLob3D6FLPwgHT87Urps2tB-2EJ-EsDlx_GeiXeo_0T4RT2dhsLlxGzuTgANGIsjnIoZ5mhV9sC7EYhuB6B08n8rsz7_i9kueUd93-jIB_HIDF4Zd8IqStyFYE74QQIgFMjULPOqWUu4VCbmYbrvaE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnC5hqcaNYs6yOdCJ7gP6_5DwAsme0rFcjfDi1pMBwI23ARABIABgleKQgqAHggEXY2EtcHViLTg1ODAxOTY0MjcyMDkzMTSgAdW20uoDyAEJqQL2PSpljwKyPuACAKgDAaoE4gFP0ATsBnQkVCfetJHnoId1nMu8GFZxfvwElE5dYs9ZF74PONXpvMXlldwdet4K20CIoL-z5HZXQVdb35MFs7NQGftFAYcp3aFyOFxy3n1_1JvwMSYDHYvc0vE-8gW-32f4KoBMMIgkf1qFr9TvOSgzMAVeZWogXZCbcrveQqGdini0M2zhir68aNNDuB7vETi-57fAbJm2kNaZm286szgj252NWUDdHRLo5jNBoDhCxO5kgQpZ6SIw7ZBAOfWermQ-_6QwBdZ6oPGv7XzctkjTdyPDC05vuRliHn_0abF0UsiW4AQBgAaJiPDzjaCK-XugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0MrvuVdUBhVjOsBHukROXGKl0yGg%26client%3Dca-pub-8580196427209314%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:22 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 20 May 2023 06:03:22 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 601B 2 KB
1 KB 52ms
18ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:22 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 20 May 2023 06:03:22 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 601B 308 B
636 B 17ms
16ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:22 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sat, 20 May 2023 06:03:22 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 601B 293 B
621 B 15ms
15ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:22 GMT
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sat, 20 May 2023 06:03:22 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame 601B 43 B
347 B 52ms
17ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=oZ5bV2qAaxkM4kUCQyvZbYlLVcpydfPr3tiJbP8GmQe0MGAMcW3hiyN45DQddl2BDcWeC8hDOl4H1Vb9Ii0_la8l6YpEOHwR7Bf6OU7UDD5HOqVgS_4l-7F_Lo0cq1SBK4JVFbFzE5p-jFJukEMo0Ivd7fEPYa82hSWjrhogA7qYMGv55fATcwIfAF_C3AsC3a7wqiXjo0IO6QiGzTosN9Wa3tUigSi1ddMbBOT5aJxApzT8UXg7yhYByFINrVJiq79ye0-WoKGk_tJAsuTfyxk37dNmD1pScKQfYJGBcM3kyLLZYLfMsV5O7RdKK66LI1IIT7QM8FRKq320cZqia5vBlPcmjM6MopeDgjpER7iJofuOa1yITDl0-aAm6YF48UJCabunaXn4NgkiFaOYdtMZoD1-Jm3Od4ZnfAkWCoxoV2mOEkuQGywhz2Pdjlvz8QKIpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 06:03:22 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3003896
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 12 B
247 B 40ms
39ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.nur.kz&callback=_gfp_s_&client=ca-pub-3369263710096163&cookie=ID%3D4e43260094b1ca99-22cede769ecd0098%3AT%3D1653458601%3AS%3DALNI_MaX7T79-xmCLyiRk7ja2nAjYAbtQA

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3369263710096163&plah=www.nur.kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 71ms
71ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.nur.kz%2F&tn=DIV&cls=cookie-popup%20js-cookie-popup&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 06:03:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E205 0
16 B 183ms
103ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3369263710096163&output=html&adk=1812271804&adf=3025194257&lmt=1653458602&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.nur.kz%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653458602295&bpp=3&bdt=1115&idt=310&shv=r20220518&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4e43260094b1ca99-22cede769ecd0098%3AT%3D1653458601%3AS%3DALNI_MaX7T79-xmCLyiRk7ja2nAjYAbtQA&nras=1&correlator=5554957263962&frm=20&pv=2&ga_vid=819422530.1653458601&ga_sid=1653458602&ga_hid=565231257&ga_fc=1&ga_cid=1570992650.1653458601&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C21066431%2C31067720&oid=2&pvsid=3973602572337587&pem=559&tmod=887465252&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=5&uci=a!5&fsb=1&dtd=325

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nur.kz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 06:03:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 835C 2 KB
1 KB 17ms
15ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yo3GqQAOWgYKe4TQAAQ_-qpjSsGU0_RxBM-0Kg&u=%7CroWn9CFp1181tYIGHGixv%2F7HiW%2FEWmV2TLpXeQRlkOQ%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCWyaziM01RkGpGzsxDu6uJ4QYXMtp9P6T6NR2X-xXQq8eSNa5GkYC5_UVfiH9deZMdXcw3UOeFKQSHtb92apHbiIxh7ePVlU7Epoyc5zIQUJRA88dex3M1A_0rQUyOoh2hx5ilpU6bbclyiWkXGNGLewxFxjkZTPJZh0N5gvARW3j5syeg8TbQhAqFQ8XQ1-wfLmosLEGNm8PVrtJpR2GkES1DhnMj9HayycPYwvudHc9WgxVLdKxWdOSCWn88BzI4m9HK8DYGfr2_fm9qXP6sbwxhPHbUF4mkd7PHyi6x3WZsBTQgQ1JU_V30QHPeKLMFxhd5nJrjIiOZZSl3Ia9RSNQ_6pw-Iodx-8UCffvA6LCIs3RjDdzwa8sbvWMLteMLw24eLeVte9BLYojTGFUcmmkaLaRgE4GGaaDD1jNgYw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCj4gjqcaNYoa0OdCJ7gP6_5DwAsme0rFcxbKY93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItODU4MDE5NjQyNzIwOTMxNKAB1bbS6gPIAQmpAvY9KmWPArI-4AIAqAMBqgTiAU_QGwNdtb0lJiMeoOMH9Zdh30xwZLfrwxwhmejwJGcvYZrIQGx1cRMj4kSBqCmwO_Fs3pg8EJ-Z-K5pJv-uBuhnRJISSDgxrlG6HCfbBSA8o216bzqeNXorELVOl3g7mzweVwXx4ypwYSH28qaggeilj3WAODjBVt259YGbEvpE2Qhxd-V6m4a55ZQIxQRZgmNmnW2ZP5zhHGlZ7sgZDD6DdttVtgQQ3_4mNP0qYFdyXbNVlz9hsGlmqZ8SpNNmeb0qSrDVdChk3KrfVkdvLsaaU0xrtwx7Rb70rjdcopgdKCzgBAGABomI8PONoIr5e6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2zqn7Q6xB3s3H0sPjEw6pbgwoNRQ%26client%3Dca-pub-8580196427209314%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:22 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 20 May 2023 06:03:22 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 835C 2 KB
1 KB 24ms
22ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:22 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 20 May 2023 06:03:22 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 835C 308 B
636 B 15ms
15ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:22 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sat, 20 May 2023 06:03:22 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 835C 293 B
621 B 16ms
15ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:22 GMT
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sat, 20 May 2023 06:03:22 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame 835C 43 B
348 B 33ms
15ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=VL_9CmqAaxkM4kUCQyvZbYlLVcpl1YHn1FiawMcgFJXSoHmRxjRVWluFPCSiQpfvP3fWXK6-zGtm8_tpA3qJKcsezisbe4Dg_A_t2ZlNIiCg2qHF4IegMo5Sggc9On1NgrLVv474CpUic5NhrLeR_ql87sxXixqs30qQasWkgzWCqiPBq1MwE0kC9fwjsQQhHZY4xByZYP4wpNP1eihhAZTACT5fQzqPx7PvsyDXOvWODPXW6u35IzS0n5cOF2d6DpDuZUqFKmS1rJlHgyFavlNaQjcXCOY0brWUsGHr4fmKmuOY20rQGI73MQyY6Oq_m_soU_dgKcQ4rB84NbcXuhoOG7nNXU6V8g73KatTbxd75GSMUlzDbX4ELo1Q1tD-yb6G3aurqoEPTvhHgeD72G04YpAFeKlA3YqWMmn3TsdnjKLkx-CTtnR658dZV75i6c_d2g

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 06:03:22 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1729676
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 7c48d234b4ed6937.webp
cdn.nur.kz/images/272x153/ 7 KB
7 KB 105ms
102ms Image
image/webp 94.247.128.36
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/7c48d234b4ed6937.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.36 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

b35200a1f47c1686fa037061d04358d2f3c058c2b10d583a82e5e8af77fb50cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:22 GMT
last-modified: Sun, 22 May 2022 15:05:10 GMT
server: nginx
x-cs: HIT
etag: "70eb86cf8cbd671182ab8aa81f0c0b43"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 7244
expires: Thu, 25 May 2023 06:03:22 GMT

GET
H2 200 11d1d4db3613c04a.webp
cdn.nur.kz/images/272x153/ 8 KB
8 KB 106ms
102ms Image
image/webp 94.247.128.36
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/11d1d4db3613c04a.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.36 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

50bdc7f25d682d68072adcac518d4c27e53fcf59415c86ae662cc7da369430b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:22 GMT
last-modified: Wed, 04 May 2022 10:48:37 GMT
server: nginx
x-cs: HIT
etag: "4c0a1dfd5445b19dcc1985e89b24209a"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 7766
expires: Thu, 25 May 2023 06:03:22 GMT

GET
H2 200 8e918abc80e37c61.webp
cdn.nur.kz/images/272x153/ 45 KB
45 KB 106ms
102ms Image
image/webp 94.247.128.36
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/8e918abc80e37c61.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.36 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

d2dd3599e7e2b9d298755ba7b0a578f9c0b8a88730f5c16993570a1de648a14e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:22 GMT
last-modified: Thu, 05 May 2022 02:51:00 GMT
server: nginx
x-cs: HIT
etag: "d1e68afbf026dac265ad137f74493c63"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 45568
expires: Thu, 25 May 2023 06:03:22 GMT

GET
H2 200 05835cff2a675bae.webp
cdn.nur.kz/images/272x153/ 2 KB
2 KB 106ms
103ms Image
image/webp 94.247.128.36
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/05835cff2a675bae.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.36 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

947192254268002e4be259000333f6c1e3cb755fd7f344816afa1a358dfbf261

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:22 GMT
last-modified: Wed, 16 Mar 2022 10:20:10 GMT
server: nginx
x-cs: HIT
etag: "c343ed97a25915082c42659f489c2aca"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 2146
expires: Thu, 25 May 2023 06:03:22 GMT

GET
H2 200 beb2e9715a77a1f2.webp
cdn.nur.kz/images/272x153/ 40 KB
40 KB 106ms
103ms Image
image/webp 94.247.128.36
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/beb2e9715a77a1f2.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.36 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

bad97355a66f81c608410f6b003f147b1edbb69bb7704ec3dc8f95b38724d1ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:22 GMT
last-modified: Thu, 28 Apr 2022 12:31:03 GMT
server: nginx
x-cs: HIT
etag: "ae68535a86c4b50a523a42a79b8cfc6b"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 40886
expires: Thu, 25 May 2023 06:03:22 GMT

GET
H2 200 2d9e26a6df21abe4.webp
cdn.nur.kz/images/272x153/ 5 KB
5 KB 107ms
104ms Image
image/webp 94.247.128.36
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/2d9e26a6df21abe4.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.36 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

32733776c725ba00e8a8ef6a829d02a2a096eb3070ec019e3b8b33a384f7b0b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:22 GMT
last-modified: Tue, 26 Apr 2022 18:17:11 GMT
server: nginx
x-cs: HIT
etag: "629a6951f2e5ea0715940db60ff7b819"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 4678
expires: Thu, 25 May 2023 06:03:22 GMT

GET
H2 200 6a46777559aab299.webp
cdn.nur.kz/images/272x153/ 4 KB
4 KB 107ms
104ms Image
image/webp 94.247.128.36
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/6a46777559aab299.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.36 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

fdaf07e1d6b524a752136f897b3b1ef2de1a0646c241007ef252101b02f968b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:22 GMT
last-modified: Wed, 04 May 2022 18:57:30 GMT
server: nginx
x-cs: HIT
etag: "201b624aa0ecaeecafd1628f827942e0"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 4222
expires: Thu, 25 May 2023 06:03:22 GMT

GET
H2 200 67941c5567a4394a.webp
cdn.nur.kz/images/272x153/ 3 KB
4 KB 107ms
104ms Image
image/webp 94.247.128.36
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/67941c5567a4394a.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.36 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

bb0210290b40a104304e48699615f77ea30943e8158cf77fac6708e046cbe5b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:22 GMT
last-modified: Wed, 04 May 2022 17:01:26 GMT
server: nginx
x-cs: HIT
etag: "d4b9152b7a465ebaac46db0dec2a5dd3"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 3294
expires: Thu, 25 May 2023 06:03:22 GMT

GET
H2 200 e610f62b758afae3.webp
cdn.nur.kz/images/272x153/ 4 KB
5 KB 107ms
104ms Image
image/webp 94.247.128.36
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/e610f62b758afae3.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.36 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

9d23311251eea6d5389f9a4cb4712b023fd9002db38ca7db11e27f9a27201e0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:22 GMT
last-modified: Wed, 11 May 2022 20:37:07 GMT
server: nginx
x-cs: HIT
etag: "5d2868fd55fdca1f124d554bbc12dc4c"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 4568
expires: Thu, 25 May 2023 06:03:22 GMT

GET
H2 200 26568a7715f1473f.webp
cdn.nur.kz/images/272x153/ 3 KB
3 KB 107ms
105ms Image
image/webp 94.247.128.36
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/26568a7715f1473f.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.36 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

b88e618aec677e4e93ce5ef6b84cffd3da38247ef4e54c0725748de5f2e74cca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:22 GMT
last-modified: Tue, 26 Apr 2022 11:49:09 GMT
server: nginx
x-cs: HIT
etag: "979258c30c02e2a990bf9bfaece8769b"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 2668
expires: Thu, 25 May 2023 06:03:22 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 27 KB
12 KB 335ms
334ms XHR
text/plain 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3973602572337587&correlator=1400491650961114&eid=31067720&output=ldjh&gdfp_req=1&vrg=2022051901&ptt=17&impl=fifs&iu_parts=21635628449%2CNUR_Desktop_Bottom3&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C728x200%7C980x90%7C980x200&ifi=8&adks=1365247535&sfv=1-0-38&ecs=20220525&fsapi=false&eri=4&cust_params=page%3DHomepage%26section%3Dwww%26sectionId%3D1%26platform%3Ddesktop%26language%3DRU&sc=1&cookie=ID%3D4e43260094b1ca99-22cede769ecd0098%3AT%3D1653458601%3AS%3DALNI_MaX7T79-xmCLyiRk7ja2nAjYAbtQA&abxe=1&dt=1653458602720&dlt=1653458601180&idt=387&biw=1600&bih=1200&adxs=295&adys=17498&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.nur.kz%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=805x100&msz=805x0&fws=4&ohw=805&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=819422530.1653458601&ga_sid=1653458602&ga_hid=565231257&ga_fc=true&ga_cid=1570992650.1653458601&btvi=5&topics=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

ab5a18aefd981ef3064c328c36a91aad5e009103dc309e178b63dd899bc180a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12166
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nur.kz
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4C1E 103 KB
35 KB 475ms
474ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3369263710096163&output=html&h=200&slotname=4516448096&adk=1921805917&adf=516689607&pi=t.ma~as.4516448096&w=728&lmt=1653458602&psa=0&format=728x200&url=https%3A%2F%2Fwww.nur.kz%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653458602312&bpp=2&bdt=1132&idt=421&shv=r20220518&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4e43260094b1ca99-22cede769ecd0098%3AT%3D1653458601%3AS%3DALNI_MaX7T79-xmCLyiRk7ja2nAjYAbtQA&prev_fmts=0x0&nras=1&correlator=5554957263962&frm=20&pv=1&ga_vid=819422530.1653458601&ga_sid=1653458602&ga_hid=565231257&ga_fc=1&ga_cid=1570992650.1653458601&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C21066431%2C31067720&oid=2&pvsid=3973602572337587&pem=559&tmod=887465252&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=2op6E9xqo6&p=https%3A//www.nur.kz&dtd=426

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b262f0d4199201f8250a8f2324b8212a9a4a41352c4d2ba2aa88d960ed44dd9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nur.kz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 36307
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 06:03:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 819C 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2bf879861e15cdde7e55f3aa43c718b500b2b3b5c5346953b4a949b682f1932a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame AAFB 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0827da877db98e3dbfc8796dcb438bea89045ddacf5388283adbe34cccd93088

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 601B 12 KB
5 KB 53ms
23ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2746879
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gdWgufqkp4qNM%2FXhaA91IUruxjpK2M6cTqc2I%2FfVe%2BsjG%2F27%2FwmWnBl604wfmowXgckK9ZiGdUI3xyPsoEt%2FNhDxBlCfXuY6fL3YDs4iAK6HNAW2IqsCepPDJcsPE%2FsgKoQkcSx%2FPXKkXsH5XdBN9%2FX1"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 710c114bbce29152-FRA
expires: Mon, 15 May 2023 06:03:22 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 601B 12 KB
6 KB 16ms
16ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:22 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 20 May 2023 06:03:22 GMT

GET
H2 200 9af63da692984f7884d89dad36906685_makeitsans-bold.woff
static.criteo.net/design/dt/ Frame 601B 58 KB
58 KB 46ms
15ms Font
application/octet-stream 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/9af63da692984f7884d89dad36906685_makeitsans-bold.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ebb2026eba76b777cd1cc6d694a4609324304eeb1129a9fe0fb5a616590cc3ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:22 GMT
content-encoding: gzip
last-modified: Wed, 05 Feb 2020 10:30:18 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e3a993a-e7e4"
strict-transport-security: max-age=31536000; preload;
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 20 May 2023 06:03:22 GMT

GET
H2 200 bb3faf863f1b470cb6abbfbf9cd4e6c1_makeitsans-regular.woff
static.criteo.net/design/dt/ Frame 601B 56 KB
56 KB 75ms
45ms Font
application/octet-stream 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/bb3faf863f1b470cb6abbfbf9cd4e6c1_makeitsans-regular.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

09fe7be89711f0dc0ba47ab8a1a1865df7b660a1f1359d29c4c3445683d2f61f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:22 GMT
content-encoding: gzip
last-modified: Wed, 05 Feb 2020 10:30:18 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e3a993a-de74"
strict-transport-security: max-age=31536000; preload;
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 20 May 2023 06:03:22 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 601B 12 KB
12 KB 238ms
54ms Image
image/png 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=396&m=0&partner=2000&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F2000%2F200316%2F58210e29703e46eb83defcd44eacbefa_square-oscuro.png&v=3&w=196&s=XlY7P_fnYkAMJLIzMoKn2bO3

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

135e207039181af5cc0e39e0edbbeb01b09cf2d6c984290fc0823013e656d98a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:22 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30922584
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 12049
expires: Thu, 18 May 2023 03:39:47 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 601B 113 KB
113 KB 199ms
15ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=1200&m=0&partner=2000&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F2000%2F220429%2F4788d9af40ff4189aa746ac1604a10b0_img_horizontal_1.png&v=3&w=1200&s=SHonKLM5UeY3BOb9iw6K7bLx

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

05598f8f2a66f401f2b91bb8e05d09197bbbad7090f838f16c01f7d55f8e678b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:22 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29131958
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 115624
expires: Thu, 27 Apr 2023 10:16:01 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 601B 40 KB
40 KB 239ms
55ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=2&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2Fad5defe2-8433-4070-984a-2c4e3e436eb3_39dfbab7-fe5c-4b6f-9d34-af57818eb1a7.jpg&v=3&w=400&s=Qhu5PRVdyoqMoGdlkiyEh23F&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

1798f0a9d19308f6ccf1923ccd7377652467fc81bad168a528a9ca043f5b16f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:22 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=453447
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 40938
expires: Mon, 30 May 2022 12:00:50 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 601B 39 KB
39 KB 239ms
55ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=2&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2Fdcaf6811-74e4-4c93-94b9-18b8adb9813b_55fd7554-ee4c-4971-9592-5e1871371d21.jpg&v=3&w=400&s=5--N_Tdrcf1APbYcNcqsU9Ww&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

21e6a2e3f2de3e89036b2c31eb516d3256a97976b551e306ea1c1c93775a4d3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:22 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=741030
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 39728
expires: Thu, 02 Jun 2022 19:53:53 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 601B 38 KB
38 KB 240ms
57ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=2&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2F7865e9e3-7f69-4799-8388-00d873fe870e_da728b7c-9233-4b0f-9e66-8edf570fb440.jpg&v=3&w=400&s=UZgR-oFP0VXSyoi7v97vyPGO&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

a3956c170638b1fade04ee833f0fd790668c1b0d4a4e750b63b4078028be279e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:22 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=371885
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 38416
expires: Sun, 29 May 2022 13:21:28 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 601B 41 KB
42 KB 234ms
51ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=2&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2F71aad7d0-936f-47e4-8b32-21424a146dea_164f2571-2a50-496f-b3b1-485b7c9d37ad.jpg&v=3&w=400&s=UxTm77tl9CRikgnqU5wMd_w3&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

56f6845f5ac454702b5ab0b9ea05e5fd19791f3099584a58b1dde7e7aa605ab0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:22 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1137318
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 42298
expires: Tue, 07 Jun 2022 09:58:41 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 601B 0
127 B 125ms
14ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=JE0WF3UVBAaJ0xOJDPUXG7pZhzmbw_CHczecgutXDkHtw2El8Fghp3XD6zGbEC1Wr4IGTzFiq1ujaIwE9Ck5AKtCwE4JqrNcrSjW5hKoYeSNhG3HeZ2zNhTkVTMkTTP20oXVWgg4aFU5mfmL0LsWwPA-0WweSsiOK0VIZsq4I5bbdp8ySqe9jXsNDUwgOLg_GCeeH--6ZrK4ldC2Wz9j9C3Q4wWNUvyNT6uBVPWdbO1lSU8LM1GPS4FOlJr8dRYZ2-G1Mg&sds=2&rev=81571&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 25 May 2022 06:03:22 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 601B 2 KB
1 KB 15ms
15ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:22 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 20 May 2023 06:03:22 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 601B 2 KB
1 KB 19ms
19ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:22 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 20 May 2023 06:03:22 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 835C 12 KB
5 KB 19ms
19ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2746879
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uy8I8UG5kvskn0KLeNBq8dxPHzNKVgUo%2BOqhQlLNyEi9HjK%2BvSoIkNGQ9LThtfxpAHhpMHVx6ePOFNh9CGOuJjopK6a%2B%2BgAqAa%2B4xB%2BHbMFoaFfX6Tvih1z%2F0cnas89rMyiPArX49awbqOr4wNehTgoT"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 710c114bdd159152-FRA
expires: Mon, 15 May 2023 06:03:22 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 835C 12 KB
6 KB 15ms
15ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:22 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 20 May 2023 06:03:22 GMT

GET
H2 200 9af63da692984f7884d89dad36906685_makeitsans-bold.woff
static.criteo.net/design/dt/ Frame 835C 58 KB
58 KB 37ms
36ms Font
application/octet-stream 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/9af63da692984f7884d89dad36906685_makeitsans-bold.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ebb2026eba76b777cd1cc6d694a4609324304eeb1129a9fe0fb5a616590cc3ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:22 GMT
content-encoding: gzip
last-modified: Wed, 05 Feb 2020 10:30:18 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e3a993a-e7e4"
strict-transport-security: max-age=31536000; preload;
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 20 May 2023 06:03:22 GMT

GET
H2 200 bb3faf863f1b470cb6abbfbf9cd4e6c1_makeitsans-regular.woff
static.criteo.net/design/dt/ Frame 835C 56 KB
56 KB 44ms
43ms Font
application/octet-stream 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/bb3faf863f1b470cb6abbfbf9cd4e6c1_makeitsans-regular.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

09fe7be89711f0dc0ba47ab8a1a1865df7b660a1f1359d29c4c3445683d2f61f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:22 GMT
content-encoding: gzip
last-modified: Wed, 05 Feb 2020 10:30:18 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e3a993a-de74"
strict-transport-security: max-age=31536000; preload;
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 20 May 2023 06:03:22 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 835C 12 KB
12 KB 187ms
51ms Image
image/png 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

135e207039181af5cc0e39e0edbbeb01b09cf2d6c984290fc0823013e656d98a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:23 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30922584
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 12049
expires: Thu, 18 May 2023 03:39:47 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 835C 113 KB
113 KB 207ms
71ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

05598f8f2a66f401f2b91bb8e05d09197bbbad7090f838f16c01f7d55f8e678b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:22 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29131958
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 115624
expires: Thu, 27 Apr 2023 10:16:01 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 835C 41 KB
42 KB 189ms
53ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

56f6845f5ac454702b5ab0b9ea05e5fd19791f3099584a58b1dde7e7aa605ab0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:22 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1137318
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 42298
expires: Tue, 07 Jun 2022 09:58:41 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 835C 38 KB
38 KB 207ms
71ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

a3956c170638b1fade04ee833f0fd790668c1b0d4a4e750b63b4078028be279e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:22 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=371885
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 38416
expires: Sun, 29 May 2022 13:21:28 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 835C 39 KB
39 KB 207ms
71ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

21e6a2e3f2de3e89036b2c31eb516d3256a97976b551e306ea1c1c93775a4d3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:22 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=741030
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 39728
expires: Thu, 02 Jun 2022 19:53:53 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 835C 51 KB
51 KB 206ms
72ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=2&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2F80cdefc6-6e53-42bd-9c77-4123b733edbf_49733da2-6e0f-4c2b-bd54-ab2c5e9054b5.jpg&v=3&w=400&s=X51Sjfsnat036jqjiLLv3hF1&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

2870218c8f77e99ee71a4a49fe9429780a452b4081a1fb38c2d57f10244c7bff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:22 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 51980
expires: Wed, 25 May 2022 06:03:23 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 835C 0
128 B 75ms
14ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=pXzR3nUVBAaJ0xOJaGTJFbn9Z8EfZmXsQaFMuQHHX1575AY3Zy7HNGvaFBPuZ060F42qZfMBIbSag_uwke83S7SUTB_UPAy6Z-1kBCDs9lYW49oSd12dTnd63wLFurxhNMVMrY1_qThcQqG3bg4H1SU5fo_Jky-HImL1vj5tA5dQ4qeyJ6soH7cceiWN-rcqcEk2wWt38JoOvMzsM1OKTKoX67_SJVDBufxIp0poRaFM01-3tgmb2nA8tkbf2FaIfG82sQ&sds=2&rev=81571&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 25 May 2022 06:03:22 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 835C 2 KB
1 KB 16ms
16ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:22 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 20 May 2023 06:03:22 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 835C 2 KB
1 KB 16ms
16ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:22 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 20 May 2023 06:03:22 GMT

GET
H2 200 7f009a5e4f386b60.webp
cdn.nur.kz/images/272x153/ 3 KB
4 KB 104ms
101ms Image
image/webp 94.247.128.36
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/7f009a5e4f386b60.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.36 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

9e4ab6a71720b11ffcf074809e80590bda2dfc006ecbb70f4d719a678af1b307

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:23 GMT
last-modified: Wed, 04 May 2022 10:48:37 GMT
server: nginx
x-cs: HIT
etag: "556d973c158cce17b9b7e0fe52548eb0"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 3324
expires: Thu, 25 May 2023 06:03:23 GMT

GET
H2 200 7850210159a320a6.webp
cdn.nur.kz/images/272x153/ 5 KB
5 KB 105ms
102ms Image
image/webp 94.247.128.36
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/7850210159a320a6.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.36 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

03aa4536a5078e4137c13096c7d3156b925d4c4381261f537daeccdfdf687d52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:23 GMT
last-modified: Tue, 03 May 2022 16:50:42 GMT
server: nginx
x-cs: HIT
etag: "d477fc283b880dc8c08ad1d24fac1df9"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 5264
expires: Thu, 25 May 2023 06:03:23 GMT

GET
H2 200 74989e61cbf031b2.webp
cdn.nur.kz/images/272x153/ 8 KB
8 KB 105ms
103ms Image
image/webp 94.247.128.36
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/74989e61cbf031b2.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.36 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

d475daa0377e70ccac4d30f611533778d3c5f7ad2680e355c265c6878d8ee88a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:23 GMT
last-modified: Wed, 04 May 2022 11:23:27 GMT
server: nginx
x-cs: HIT
etag: "29e3799f91db6a47b08e5f413261c11b"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 8196
expires: Thu, 25 May 2023 06:03:23 GMT

GET
H2 200 9fe66a76a23bf380.webp
cdn.nur.kz/images/272x153/ 13 KB
14 KB 106ms
103ms Image
image/webp 94.247.128.36
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/9fe66a76a23bf380.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.36 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

171cdf4aaca1d90b25b0136352f75578c1e59ffdd3e426a8aa182773ea46d8f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:23 GMT
last-modified: Thu, 12 May 2022 19:27:20 GMT
server: nginx
x-cs: HIT
etag: "54ecb2f7e2b0f36f1a46b886e547f7ad"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 13604
expires: Thu, 25 May 2023 06:03:23 GMT

GET
H2 200 a3297f6c70cc5e08.webp
cdn.nur.kz/images/272x153/ 6 KB
6 KB 106ms
104ms Image
image/webp 94.247.128.36
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/a3297f6c70cc5e08.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.36 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

b16abe7754445182c7266c83db145f753e307f43596a47e7306fcabef6d79d83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:23 GMT
last-modified: Wed, 25 May 2022 00:51:14 GMT
server: nginx
x-cs: HIT
etag: "fdd658c1308bd8da6b5a8b6683049df5"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 6054
expires: Thu, 25 May 2023 06:03:23 GMT

GET
H2 200 c9d384a873344248.webp
cdn.nur.kz/images/272x153/ 5 KB
5 KB 106ms
104ms Image
image/webp 94.247.128.36
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/c9d384a873344248.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.36 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

70df14fc899f41fcf1da268348590755b700a93b3c2ebd00feab55073c9f386d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:23 GMT
last-modified: Fri, 13 May 2022 07:23:48 GMT
server: nginx
x-cs: HIT
etag: "f01cad88ab74e6725432efb07f75e583"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 5114
expires: Thu, 25 May 2023 06:03:23 GMT

GET
H2 200 88c63c8fb8e19346.webp
cdn.nur.kz/images/272x153/ 2 KB
2 KB 106ms
104ms Image
image/webp 94.247.128.36
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/88c63c8fb8e19346.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.36 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

17cf397d61c195f58b1740cc10f6908a8adb3f0a0f9b67d62d0ebe5696e79eda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:23 GMT
last-modified: Tue, 17 May 2022 03:17:40 GMT
server: nginx
x-cs: HIT
etag: "092d55ab4ce6596e16bf2f868178199e"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 1642
expires: Thu, 25 May 2023 06:03:23 GMT

GET
H2 200 314f2cf9da816321.webp
cdn.nur.kz/images/272x153/ 9 KB
9 KB 106ms
105ms Image
image/webp 94.247.128.36
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/314f2cf9da816321.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.36 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

9cc7e894e95bf50ee6a1c31a843005364bc0ce67ae925d6bc3fcda968d2fa0fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:23 GMT
last-modified: Tue, 24 May 2022 00:49:58 GMT
server: nginx
x-cs: HIT
etag: "54597ef23bdeb974fd99f327e3c8bc80"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 8902
expires: Thu, 25 May 2023 06:03:23 GMT

GET
H2 200 93040769b8d83977.webp
cdn.nur.kz/images/272x153/ 15 KB
16 KB 106ms
105ms Image
image/webp 94.247.128.36
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/93040769b8d83977.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.36 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

9901d8becaea6864776b490cc4791146ce7fcfe9f7ce066a24ca94f1829d16b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:23 GMT
last-modified: Wed, 18 May 2022 05:16:26 GMT
server: nginx
x-cs: HIT
etag: "97af685ac3719ce75ca39c9460ddea2d"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 15698
expires: Thu, 25 May 2023 06:03:23 GMT

GET
H2 200 2ef1a144757381f8.webp
cdn.nur.kz/images/272x153/ 27 KB
28 KB 107ms
106ms Image
image/webp 94.247.128.36
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/2ef1a144757381f8.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.36 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

bf4ca025ce4ff09e6ab9d0ae2b135ac09d2e29ac2303a7514c022d4177aeece3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:23 GMT
last-modified: Mon, 23 May 2022 04:43:14 GMT
server: nginx
x-cs: HIT
etag: "5d98f2d0ff4d3900fa3d957e9f207358"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 27886
expires: Thu, 25 May 2023 06:03:23 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 26 KB
11 KB 263ms
263ms XHR
text/plain 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3973602572337587&correlator=1400491650961114&eid=31067720&output=ldjh&gdfp_req=1&vrg=2022051901&ptt=17&impl=fifs&iu_parts=21635628449%2CNUR_Desktop_Bottom3&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C728x200%7C980x90%7C980x200&ifi=9&adks=1343473596&sfv=1-0-38&ecs=20220525&fsapi=false&eri=4&cust_params=page%3DHomepage%26section%3Dwww%26sectionId%3D1%26platform%3Ddesktop%26language%3DRU&sc=1&cookie=ID%3D4e43260094b1ca99-22cede769ecd0098%3AT%3D1653458601%3AS%3DALNI_MaX7T79-xmCLyiRk7ja2nAjYAbtQA&abxe=1&dt=1653458603005&dlt=1653458601180&idt=387&biw=1600&bih=1200&adxs=295&adys=19409&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.nur.kz%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=805x100&msz=805x0&fws=4&ohw=805&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=819422530.1653458601&ga_sid=1653458602&ga_hid=565231257&ga_fc=true&ga_cid=1570992650.1653458601&btvi=6&topics=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

d6db8fefd34baed6a1cf5b718ac5f221e9747ac324fdae8c0e8cafb430f1c854

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11479
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nur.kz
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5DB3 6 KB
3 KB 37ms
36ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nur.kz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 06:03:22 GMT
expires: Thu, 25 May 2023 06:03:22 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 728x090.html Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61685343/20220211012309469/ Frame 7A49 47 KB
11 KB 122ms
46ms Document
text/html 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61685343/20220211012309469/728x090.html?e=69&leftOffset=0&topOffset=0&c=XVpGPN4gOZ&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7020982dbf299a2ed0d9d56dc81a4fbce791d4ee58002184d61cf31a1b842668

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 11029
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 06:03:23 GMT
expires: Thu, 26 May 2022 06:03:23 GMT
last-modified: Fri, 11 Feb 2022 09:23:09 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5E28 0
622 B 159ms
74ms Ping
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuP9V1BbY7yOI4BMPzqAow4EE89jxYemrVQFd_IMlFpVgbpdxANURwLfvqgVgB4j7T5DUBEyzUTpCmusjsDcyaWABkn-HiqLFAmss6ltDw6f1WMNycYCK1_oFZ_SyFcEmE24GBPQO6YCbw6zeqGibZounspOzrTBiVS0jJLWV2_9y1q-VIEpDySzTk7dlxn29_1YSY6ue2_OURe1L5kjSHhIGfcPqy32Jr6r3q9aXXkyQg39Oq2v9tVm3jtltWKSbBlJx4s5PgsuG1ELhct4DK2i07BAC_oKV9c_9u6HTBF186-5vPDzLM6e500rnsZN7QEka8qEx4K_97QND5wBx7g3HBGphGcutpmt2WWz7EfONABVy9wBXcE66VFwuvUpjx9TZ5hNiEJ44C9ZZk1OyyyWKt5gDi5BaJfwVVuBjssCgRJjDgHvH0CC5aDQpX9xgKGKxvZbm5TH8uItj9sKGdHTI5i1SpIJfpu9kL43FkX6a52RLCmOJXGfBAFK6WwjLbvDoDaq8X02rkdZ7he5X3ieXDbMR-8Fn7q8Ejo5iIB3JFKDxm2l_oNai7Jy2QByYHJRV6-ZowRK3out3oKwDwZQGeblIgIM-kf7_EO7zwsKivCDY-Boc4lHysEki3EchegQNkIkRed9xymk4G19_ORqcknAGkJ1ukiYQmedT9swIHuyuFRKo51uuMI4W58SQtM5to9ycnnszJwtcf3mEEIhTPCLD5cJ7LCqxlozcsD8soDr6LL-qhQMBU9uR-bPhGDeu_L6ts-CcUOws_IagbagljUSDE7hohY8ftYPN-K-qiPkAjQDPXjNta6tz3JKbhljISqe3ayGMrEWZABUKh7fWikDmuxsu0_y8wl61z2CHU3K_kFdF31nREyHEIqB1is708L0KKHyzXVihW-HVvhW-wMQ8fRS3DhzgNY_D-u33ONZl7QbvWFBt6nFcAA927CAvocgiyvdb4Dlc3VoPz34Y7zILPJYlSvObeT-LB3tdYbLKOIOHiXDWFDEc5tONigYxpcJGUjdOU9-0It_q_JtaYUntJUAIuwPir4I441i8VF9ATIhydzhfa8Wk4Kt276gZCes81VX92kx9DJMUaRPejcbZWvJFFnvpICfV2qONVOllx5UVHrOFAQLjLSPdn3qUiR1Q&sai=AMfl-YT7HrsmczNFw_VENhyqOXcGZCl8PHrm_R1a_SuwwKMzsvsuZFSA-a1Rnhw_MhjJGiy1Uv2NNm-grFOMGjAaBtuEzxqzc_X0somqdpoAm4vZIY35AXyE-APtOBHIBMGLOFBK7K-Y5uy3VSFsdrQZeErh-CpmVhFEtj4pleg-cRYxbGy1iYZ3VGpK676a_kTVtVTAN6qhvm_kB6NGZSsxum5JrUaSiDc&sig=Cg0ArKJSzGVoFXMKvWdmEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=471&cbvp=1&cstd=466&cisv=r20220523.26317&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Wed, 25 May 2022 06:03:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 container.html Show response
c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 711C 6 KB
3 KB 38ms
38ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nur.kz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 06:03:22 GMT
expires: Thu, 25 May 2023 06:03:22 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 5E28 41 KB
15 KB 120ms
38ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com
URL: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 11:48:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65722
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 May 2023 11:48:01 GMT

GET
DATA 200
OK truncated
/ Frame 5E28 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3f7db6edd55fea9f4e63c93cbbc61a912dc54439f3a56141f7de1e72ec60ae1c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 e5898343cf49d79b.webp
cdn.nur.kz/images/272x153/ 52 KB
52 KB 105ms
103ms Image
image/webp 94.247.128.36
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/e5898343cf49d79b.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.36 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

033b6c344d46460e74306557645851170fa5ab3b0cc71f87e728e634aefb054d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:23 GMT
last-modified: Thu, 19 May 2022 10:35:05 GMT
server: nginx
x-cs: HIT
etag: "26b31b00772a99526d7a58bafebe814f"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 52924
expires: Thu, 25 May 2023 06:03:23 GMT

GET
H2 200 49d983cc3930be9c.webp
cdn.nur.kz/images/272x153/ 8 KB
8 KB 106ms
104ms Image
image/webp 94.247.128.36
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/49d983cc3930be9c.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.36 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

dfb12c0b442ba7081d19d86c373fa48db83e91b86f899bc9cfc960c307a72f0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:23 GMT
last-modified: Wed, 25 May 2022 01:20:13 GMT
server: nginx
x-cs: HIT
etag: "c5a71613fdd8443216e0b1dc01e72910"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 7880
expires: Thu, 25 May 2023 06:03:23 GMT

GET
H2 200 bf6de423e75c760c.webp
cdn.nur.kz/images/272x153/ 25 KB
25 KB 106ms
104ms Image
image/webp 94.247.128.36
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/bf6de423e75c760c.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.36 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

eb6c6f805e420dcbeb3707ba886b78109fa5b77edc62832d81103f389c5bcfb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:23 GMT
last-modified: Sat, 21 May 2022 04:48:07 GMT
server: nginx
x-cs: HIT
etag: "dd23efdcbd37168f2e28ed8d2ee69e70"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 25156
expires: Thu, 25 May 2023 06:03:23 GMT

GET
H2 200 dcded3001a51ac9f.webp
cdn.nur.kz/images/272x153/ 56 KB
56 KB 107ms
105ms Image
image/webp 94.247.128.36
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/dcded3001a51ac9f.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.36 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

951d7a354b45b051eab055548643236540543b010be97591d8d75ac709dd8940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:23 GMT
last-modified: Tue, 24 May 2022 01:33:10 GMT
server: nginx
x-cs: HIT
etag: "165796b2093f64f9de53d53bcd85e493"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 57284
expires: Thu, 25 May 2023 06:03:23 GMT

GET
H2 200 1e66d0ed6b4f94c8.webp
cdn.nur.kz/images/272x153/ 18 KB
18 KB 108ms
106ms Image
image/webp 94.247.128.36
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/1e66d0ed6b4f94c8.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.36 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

14793fc1b610a32700143fba63522a13a5946ba4a6b70c21a871203b0f3f91bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:23 GMT
last-modified: Tue, 24 May 2022 03:06:13 GMT
server: nginx
x-cs: HIT
etag: "d47f9b9af237913128cb86790f70123c"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 18180
expires: Thu, 25 May 2023 06:03:23 GMT

GET
H2 200 840ea73fa583d6c6.webp
cdn.nur.kz/images/272x153/ 10 KB
11 KB 108ms
106ms Image
image/webp 94.247.128.36
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/840ea73fa583d6c6.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.36 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

cc761c804f1e485afe8728643c1294604ecb8efe28b97082d8a5429b151e0370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:23 GMT
last-modified: Tue, 03 May 2022 19:53:24 GMT
server: nginx
x-cs: HIT
etag: "21d0afd8a77ba6a850577cca5e2364d3"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 10444
expires: Thu, 25 May 2023 06:03:23 GMT

GET
H2 200 3e0b19807bddbfcc.webp
cdn.nur.kz/images/272x153/ 6 KB
6 KB 108ms
106ms Image
image/webp 94.247.128.36
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/3e0b19807bddbfcc.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.36 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

c802ed3ee1407c58a04b7e0a11bce4114ffb6da4c6de751565e9206e35467e6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:23 GMT
last-modified: Wed, 25 May 2022 03:06:14 GMT
server: nginx
x-cs: HIT
etag: "78bcaba9547a767d3cc6a8a2e218b304"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 6290
expires: Thu, 25 May 2023 06:03:23 GMT

GET
H2 200 44f77f6bb5a4dd41.webp
cdn.nur.kz/images/272x153/ 17 KB
17 KB 108ms
107ms Image
image/webp 94.247.128.36
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/44f77f6bb5a4dd41.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.36 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

da396863b8dd9fc1ccd29ac244ba3f646e7910b6c423ed3d83610f33082c2b43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:23 GMT
last-modified: Tue, 24 May 2022 11:00:46 GMT
server: nginx
x-cs: HIT
etag: "88ae14868117f1fab4079a8282f2bbfd"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 17074
expires: Thu, 25 May 2023 06:03:23 GMT

GET
H2 200 f02bdfee89d18006.webp
cdn.nur.kz/images/272x153/ 6 KB
6 KB 108ms
107ms Image
image/webp 94.247.128.36
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/f02bdfee89d18006.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.36 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

2f6a074b70b1d573b395c7d088df6954c2c8cb7e16036a69b67456f13139b55f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:23 GMT
last-modified: Tue, 24 May 2022 12:57:47 GMT
server: nginx
x-cs: HIT
etag: "b5a050deaf075b39ff3f0f7ec2a3dc5f"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 6176
expires: Thu, 25 May 2023 06:03:23 GMT

GET
H2 200 6f8b1564bf21d160.webp
cdn.nur.kz/images/272x153/ 8 KB
8 KB 109ms
107ms Image
image/webp 94.247.128.36
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/6f8b1564bf21d160.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.36 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

061aba3f4986a30c3a0e5e75cf20be0c806136ab02918984c69bf3ff6a08a8e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:23 GMT
last-modified: Sun, 22 May 2022 19:20:13 GMT
server: nginx
x-cs: HIT
etag: "b0e061dabaa52fb6f1cc93d1bad24f31"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 7940
expires: Thu, 25 May 2023 06:03:23 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 49ms
49ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.nur.kz

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 May 2022 06:03:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 47ms
47ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.nur.kz

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 May 2022 06:03:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 27 KB
12 KB 215ms
215ms XHR
text/plain 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3973602572337587&correlator=1400491650961114&eid=31067720&output=ldjh&gdfp_req=1&vrg=2022051901&ptt=17&impl=fifs&iu_parts=21635628449%2CNUR_Desktop_Bottom3&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C728x200%7C980x90%7C980x200&ifi=10&adks=1473689079&sfv=1-0-38&ecs=20220525&fsapi=false&eri=4&cust_params=page%3DHomepage%26section%3Dwww%26sectionId%3D1%26platform%3Ddesktop%26language%3DRU&sc=1&cookie=ID%3D4e43260094b1ca99%3AT%3D1653458601%3AS%3DALNI_Mawd9rwnUjvtOSY6nKPl-pDyduMVg&abxe=1&dt=1653458603239&dlt=1653458601180&idt=387&biw=1600&bih=1200&adxs=295&adys=21321&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.nur.kz%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=805x100&msz=805x0&fws=4&ohw=805&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=819422530.1653458601&ga_sid=1653458602&ga_hid=565231257&ga_fc=true&ga_cid=1570992650.1653458601&btvi=7&topics=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

aaaaf4779f47d52b9850d5353649b178c9434b2bf1a60bc37c46361dab5847a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11806
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nur.kz
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 5DB3 0
0 73ms
73ms Fetch
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CRaKAqsaNYvrZJNSE7gOx6JXAD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMzNjkyNjM3MTAwOTYxNjOgAcKu6N0DyAEJqQL2PSpljwKyPuACAKgDAaoE3QFP0Pj6wHwgfw7LbrJSeYJMLxd7WbEztAocvDVpx_BBEd46fmNyK71sf0PaK_6X4adCse-UbgGiMCU3eDc-fwLGjN3vo2K1NEJVOKVWEKbNqj4BNfG32vMm-4jJXSFHbS47AZ1GnXN8q2ZJPgU7ZpD4EP9vDd9Khy6VnKxX6RhrPP2TQ3t7sJSxI7m1gA3lvBedhSz7Tltd6QuWKEm61ydo_AbiPrScmNNTPjBD8cQxa2QQAf3bIG980Tnvj0e14ETttcEu8Eu0l9quvUuTfvSazwq2AjXgXwhxTe7wvuAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMzM2OTI2MzcxMDA5NjE2MxjBkGo&sigh=7cGL3WjMdfM&uach_m=[UACH]&cid=CAQSOwCNIrLMSdMRysJizY1i8WQiUZawYd1pRHJhH73Ns27gSKDZWRirRlxMDQSBi7UuVYLI0dtBM9lTkcEJGAE
Requested by: Host: www.nur.kz
URL: https://www.nur.kz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 5DB3 0
0 117ms
42ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1h240fcsqxt3a82d04dmcy57wpn82y2hfd5kg5ehwakdcn6v9dzeehs78zhbe75th61befckhrvqrefng1zmbg01p3hxhf48gdkmkqsayd14qrxsjq5zkmnw0dn773cwz2gpc82n9vs36yzq6xk43t7ht1ksat0d3cw2xnv7wjy5sv1fqrk4n3yrg7f3mmnjmkdsteddaypm54vkxgch5pjd7hj40nap42myhejhfcq1yh981r2t38drwbw26bm71amcnde18zy78k0bfakfwcv0x9mt8hmafhykv2ptsbe2r2sd15vy126psyjqtb116k80hwahmqdq64hn592shz25d3n9rnfxwbwy8bjwcfz6whs3nvhdn61b384xbadhyp94evrq89mrgfv61by30ag&b=Yo3GqgAJLPoKe4JUAAV0MZur5WqjJYLXvn6SQA
Requested by: Host: www.nur.kz
URL: https://www.nur.kz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 25 May 2022 06:03:23 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame CF2F 2 KB
3 KB 76ms
34ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1hz2mvey2mx5teng96zpf3fh8tjkm8z8krz5sdd0f61jsht1saj2d8mekxzkhh99vx1c3as2vv6b58nc6ks647y4bmes7425ttfezm8d11yzy4aqh426pmvsgkpzvee62x6gpyzyv9f9ebpj58ks3cg8sc2dzvkeyqpkeng4nev4f60wc6thxfwfpcbypwmj6seysdnspv7ft2z54p0bna9wxh8p5nadz7rfsa8bgj9wmt712g8vf8fks6m9wtenmrkx07e45m84yh83kcv9g5yt705ckceza0ts3dzmdjnz4dcfjwcgzppj1m5gcw2py98afh1pcw3nzr22qbzpvczttk0gq3d56kqxse5nxsa4z5yh5vq634vgbwvfertzz4ch3zxzf9vtadg86mhhzg8rt0pa2024&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvPtyqsaNYvrZJNSE7gOx6JXAD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMzNjkyNjM3MTAwOTYxNjOgAcKu6N0DyAEJqQL2PSpljwKyPuACAKgDAaoE4AFP0Pj6wHwgfw7LbrJSeYJMLxd7WbEztAocvDVpx_BBEd46fmNyK71sf0PaK_6X4adCse-UbgGiMCU3eDc-fwLGjN3vo2K1NEJVOKVWEKbNqj4BNfG32vMm-4jJXSFHbS47AZ1GnXN8q2ZJPgU7ZpD4EP9vDd9Khy6VnKxX6RhrPP2TQ3t7sJSxI7m1gA3lvBedhSz7Tltd6QuWKEm61ydo_AbiPrScmNNTPjBD8cQxa2QQAf3bIG8-0xh9WL4yoIxq_Vf0udlGrs6kEEG9ZikaDUMk-qH-cxCkkXGwdt0cmOAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0K_-9XstLFt4N-KtAtnEx5FSTNcg%26client%3Dca-pub-3369263710096163%26adurl%3D

Requested by

Host: c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com
URL: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f44e1b436d000b57b2b6b4bb4dcffda19ffc6986b85a76395a3e42bcda467a5

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 710c114efdef5bf5-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 06:03:23 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/ Frame 5DB3 3 KB
1 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/window_focus_fy2019.js

Requested by

Host: c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com
URL: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:00:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 160
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Jun 2022 06:00:43 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 405C 1 KB
749 B 40ms
38ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com
URL: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 579
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 05:53:44 GMT
etag: 48472445140208031
expires: Thu, 26 May 2022 05:53:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/ Frame 5DB3 17 KB
7 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com
URL: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ced80dc0b36469ade9a5e4a3c86bde068904125a1162f712f20629eeadb8e53a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:00:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 174
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7308
x-xss-protection: 0
server: cafe
etag: 5721884612586531857
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Jun 2022 06:00:29 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 5DB3 0
0 36ms
35ms Image
text/html 2a00:1450:4014:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQHXy5gjRVatM10cD88w9dlA2zAuHkQXnR-ZU-0zPsk44y6tO6kv7vF7hzO63Hsx6OtWzvG91Z7jRF5jupZHmVgzhj41A
Requested by: Host: c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com
URL: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4014:80f::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 5DB3 22 KB
7 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com
URL: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 11:48:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65665
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 24 May 2023 11:48:58 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5DB3 136 KB
42 KB 128ms
51ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com
URL: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ecfc5a4d72d8f9fc774268cda69765e8578cd3a3859b229288b10c36acb0b35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42522
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1653305577626270"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 25 May 2022 06:03:23 GMT

GET
H3 200 container.html Show response
c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DCA6 6 KB
3 KB 37ms
36ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nur.kz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 06:03:22 GMT
expires: Thu, 25 May 2023 06:03:22 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 7A49 118 KB
40 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61685343/20220211012309469/728x090.html?e=69&leftOffset=0&topOffset=0&c=XVpGPN4gOZ&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61685343/20220211012309469/728x090.html?e=69&leftOffset=0&topOffset=0&c=XVpGPN4gOZ&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 10:16:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71211
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 May 2022 10:16:32 GMT

GET
H3 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 7A49 60 KB
24 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61685343/20220211012309469/728x090.html?e=69&leftOffset=0&topOffset=0&c=XVpGPN4gOZ&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61685343/20220211012309469/728x090.html?e=69&leftOffset=0&topOffset=0&c=XVpGPN4gOZ&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 May 2022 06:03:23 GMT

POST
H2 204 collect Show response
j.clarity.ms/ 0
48 B 95ms
94ms XHR
text/plain 20.85.30.134
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://j.clarity.ms/collect
Requested by: Host: j.clarity.ms
URL: https://j.clarity.ms/s/0.6.34/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.85.30.134 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.nur.kz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: https://www.nur.kz
date: Wed, 25 May 2022 06:03:23 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H2 200 css
fonts.googleapis.com/ Frame 4C1E 8 KB
1 KB 138ms
48ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3369263710096163&output=html&h=200&slotname=4516448096&adk=1921805917&adf=516689607&pi=t.ma~as.4516448096&w=728&lmt=1653458602&psa=0&format=728x200&url=https%3A%2F%2Fwww.nur.kz%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653458602312&bpp=2&bdt=1132&idt=421&shv=r20220518&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4e43260094b1ca99-22cede769ecd0098%3AT%3D1653458601%3AS%3DALNI_MaX7T79-xmCLyiRk7ja2nAjYAbtQA&prev_fmts=0x0&nras=1&correlator=5554957263962&frm=20&pv=1&ga_vid=819422530.1653458601&ga_sid=1653458602&ga_hid=565231257&ga_fc=1&ga_cid=1570992650.1653458601&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C21066431%2C31067720&oid=2&pvsid=3973602572337587&pem=559&tmod=887465252&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=2op6E9xqo6&p=https%3A//www.nur.kz&dtd=426

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 25 May 2022 04:05:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 25 May 2022 06:03:23 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 25 May 2022 06:03:23 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/ Frame 4C1E 2 KB
904 B 39ms
38ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 05:58:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 285
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Jun 2022 05:58:38 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220523/r20110914/ Frame 4C1E 21 KB
8 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220523/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a3e6b838865eecbe0ee045e938c1d6900646ccdd8a832cdd6cbe1a407a49df1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 05:59:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 254
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8674
x-xss-protection: 0
server: cafe
etag: 5611795670272045494
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Jun 2022 05:59:09 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/ Frame 4C1E 3 KB
1 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:00:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 160
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Jun 2022 06:00:43 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/ Frame 4C1E 17 KB
7 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ced80dc0b36469ade9a5e4a3c86bde068904125a1162f712f20629eeadb8e53a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:00:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 174
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7308
x-xss-protection: 0
server: cafe
etag: 5721884612586531857
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Jun 2022 06:00:29 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 4C1E 0
0 35ms
34ms Image
text/html 2a00:1450:4014:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSMRyDRgB4QarnwqTVbPZ-UyGRRf53k8k2xbEH2nZg6fIBYhAY0jW0eK__7nsQVqsVv7B2cJ68nhebnCqoF4E3qyWLKGg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3369263710096163&output=html&h=200&slotname=4516448096&adk=1921805917&adf=516689607&pi=t.ma~as.4516448096&w=728&lmt=1653458602&psa=0&format=728x200&url=https%3A%2F%2Fwww.nur.kz%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653458602312&bpp=2&bdt=1132&idt=421&shv=r20220518&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4e43260094b1ca99-22cede769ecd0098%3AT%3D1653458601%3AS%3DALNI_MaX7T79-xmCLyiRk7ja2nAjYAbtQA&prev_fmts=0x0&nras=1&correlator=5554957263962&frm=20&pv=1&ga_vid=819422530.1653458601&ga_sid=1653458602&ga_hid=565231257&ga_fc=1&ga_cid=1570992650.1653458601&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C21066431%2C31067720&oid=2&pvsid=3973602572337587&pem=559&tmod=887465252&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=2op6E9xqo6&p=https%3A//www.nur.kz&dtd=426
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4014:80f::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4C1E 136 KB
42 KB 112ms
112ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ecfc5a4d72d8f9fc774268cda69765e8578cd3a3859b229288b10c36acb0b35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42522
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1653305577626270"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 25 May 2022 06:03:23 GMT

GET
H2 200 937d951ae0167fdfcf48a5545b1fd715.js Show response
www.gstatic.com/mysidia/ Frame 4C1E 30 KB
13 KB 241ms
36ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/937d951ae0167fdfcf48a5545b1fd715.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b84c26fc972d527005b6353058ff181ca9dfbb9047bed018e6b019f965d3cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 14:13:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 143416
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12375
x-xss-protection: 0
last-modified: Thu, 12 May 2022 07:58:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 21 Aug 2022 14:13:07 GMT

GET
H2 204 event
ads.adfox.ru/252771/ 0
66 B 79ms
79ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/252771/event?hash=753be57a4262c6c2&pm=cza&p5=lngbo&ad-session-id=6239761653458601621&utg=oxum&lts=fjegurp&ytt=158331285143557&ybv=0.586016&ylv=0.586016&dl=https%3A%2F%2Fwww.nur.kz%2F&p2=gfdy&rand=bmwyavd&sj=OL6w8MmUISI05oYVOSbC9UTLj4JbDd-98eKh7yO7McWjkVJ8bgMQo9w-TOvjrQ%3D%3D&puid1=Homepage&pr=gsysaaw&p1=crsny&rqs=qT7h-2HYASOpxo1ihERRpoq6uvaKG405

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 06:03:23 GMT
x-content-type-options: nosniff
last-modified: Wed, 25 May 2022 06:03:23 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 711C 0
0 72ms
71ms Fetch
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=COeLFqsaNYvrpMZj_gQee3IeQAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMzNjkyNjM3MTAwOTYxNjOgAcKu6N0DyAEJqQL2PSpljwKyPuACAKgDAaoE3QFP0HESWxGUTt9e4eUSbFXPZnjVPxGPPaZB6XDofN0FfuYgYwHNdCogGnl-1FyyOqYPDUUhrdUvlFIDWiqgRwvH_PdafUEsSpSdPkeWh-qYkWQz5txW7YN4q0Qg7cqUG2NnhqhJhY4eOoEvpniX9zmYLXs2A6HJ2bFF_EInnWh7LgAP_IRQQvBM-ahO_7YHJNN5ahdEuPqB43W756YJA6DNDHZYHbqOKP3Cbj-fl4EmamPSnRgBUrRqsttmRMv9I20Q1nw0YonwSCqf8ygpru50sON2vvBoucSjc8Qs8-AEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMzM2OTI2MzcxMDA5NjE2MxjBkGo&sigh=rhRQsqiyBtc&uach_m=[UACH]&cid=CAQSOwCNIrLMw5QCZ7A54wELF09t3D94ZZPLnw-_syTq4JKfaZj7Egn1_esQnBnEuwOkS8UBYLZCN932uQdsGAE
Requested by: Host: www.nur.kz
URL: https://www.nur.kz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 711C 0
0 42ms
42ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1kvbyfp52hacwvaqqw1ks8xxq8ehd60yx135mtt7k06sc96facpvpt09fhy8f0qt89ekp6ne4h5nar776xbkypsntfae9g795gd485qxpx579sbxcphqnvs0z9751ane8skf75dh64qzdx23ajvqw7fymejdgak9wmyjn4drbf8nmjvjsmyfbwzvc5wwsrmfbdx8wd06zgmkaw7wfj85w5v5e1x8d0h291cjwp45mtvywn0skcd8kef0t7c76039mz5aghyf9t9y1xrntt3p0s8mmqe6s2qb9wahtj69j89sg75v3fje10fzy6awbcbvnqxvcqte1kra5ttgq895wqcdccn0n91f86mgvc2qpkb5k8pdanfwnjz3n8af2tktc2g7jwat6k8bkb7v9gyf6xr&b=Yo3GqgAMdPoK4H-YAAHuHscJ8t3E_DuJxPPHAA
Requested by: Host: www.nur.kz
URL: https://www.nur.kz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 25 May 2022 06:03:23 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 dr Show response
as.ad4m.at/ad/ Frame 4DCC 2 KB
2 KB 63ms
44ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1hmpg9mqs5n8j5zw7qje3wsv6j7c5hvaqkm1btzwnshva9c08tdx3j5frj25sqa7rr0d9atxkcdtc4jq8fnqnaqg98r6n0dp4wadp1q95mwas2pqztqs3c5mwbwfbj9adv9ghyy5ykn0x6f836bs8tjb5a2nrpp5wvqn44q2nvcn1nb68khg2608zsvz4gpq2xvm3j53z3rc25vr9kzja557vq6tt1gf8jndahfjrsd5414b0zf418ae9z5d0cc7b4srtez280ycxnsf9rjp55et11vcwy45br6fp7atnvacvsqqxf2n5kp24gqd1hpgc02bc6w5jm7yq1jt5cs2knp0te576mzcq80yx0bcejgx6cfhtfs6we0hse8xeahf1k2tcaht4z1yvsyq53hjwc3nhzhveab0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCe6wnqsaNYvrpMZj_gQee3IeQAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMzNjkyNjM3MTAwOTYxNjOgAcKu6N0DyAEJqQL2PSpljwKyPuACAKgDAaoE4AFP0HESWxGUTt9e4eUSbFXPZnjVPxGPPaZB6XDofN0FfuYgYwHNdCogGnl-1FyyOqYPDUUhrdUvlFIDWiqgRwvH_PdafUEsSpSdPkeWh-qYkWQz5txW7YN4q0Qg7cqUG2NnhqhJhY4eOoEvpniX9zmYLXs2A6HJ2bFF_EInnWh7LgAP_IRQQvBM-ahO_7YHJNN5ahdEuPqB43W756YJA6DNDHZYHbqOKP3Cbj-fl4EmamPSnRgBUrQosPr0kzJ6Y6WXnuruKxsCcT6VXiIHtjP0cqrkRmR2ldx2r1tsO_Zb0-AEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_11nXNhOAJtHAYOGLphiLExrCGgag%26client%3Dca-pub-3369263710096163%26adurl%3D

Requested by

Host: c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com
URL: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2677edea48ed30f7d9e13bc89a8a55a4c073e00a89d7aa931d21ea98048fd864

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 710c114f4a645c38-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 06:03:23 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/ Frame 711C 3 KB
1 KB 40ms
38ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/window_focus_fy2019.js

Requested by

Host: c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com
URL: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:00:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 160
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Jun 2022 06:00:43 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 1D22 1 KB
749 B 40ms
38ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com
URL: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 579
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 05:53:44 GMT
etag: 48472445140208031
expires: Thu, 26 May 2022 05:53:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/ Frame 711C 17 KB
7 KB 41ms
39ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com
URL: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ced80dc0b36469ade9a5e4a3c86bde068904125a1162f712f20629eeadb8e53a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:00:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 174
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7308
x-xss-protection: 0
server: cafe
etag: 5721884612586531857
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Jun 2022 06:00:29 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 711C 0
0 36ms
35ms Image
text/html 2a00:1450:4014:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRjSYheF3LihH7lNarsUGU1rKNLPQEGgY415dVd5fVa2kL7-M5Pu_C7mP-3oSu2jBnxMPu62k_cUW--bMlavSXpVE7LaQ
Requested by: Host: c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com
URL: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4014:80f::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 711C 22 KB
7 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com
URL: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 11:48:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65665
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 24 May 2023 11:48:58 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 711C 136 KB
42 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com
URL: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ecfc5a4d72d8f9fc774268cda69765e8578cd3a3859b229288b10c36acb0b35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42522
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1653305577626270"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 25 May 2022 06:03:23 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4C1E 0
0 82ms
82ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C6moYqsaNYuXeMZ6vzLUP4-uesAeO0fPvaciwqZqeENzZHhABIKzI6ktgleKQgqAHoAGIqK66AsgBCagDAcgDywSqBMcBT9Bh7Dj0NV6a0GJCIBGurV4o8L3P-Hw8NApECc_A8JhwSx_QsugQ2iMBQtXKsTxoaxpUXhOIYTewNEB6SQvGvHSr4_1qCI5G0-1vAufpiuSiDc_Dzf5TSzZ1m3aF69xGY-19UoyvYo9vakpKtLCV11BohCRZ4MujnxzxbAc99B13DSakaFISsXDDhixmmPDC9X1tJT6khsH1uNIw9CbRG2YGIfPn5PjcPsupEsujVwU_DNboLFUwe0tNCBdsdS2tFgHItO3HaMAE_tr78oIEkgUECAQYAZIFBAgFGASgBi6AB-DX0cUBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ180H0ggJCIDhgBAQARgfgAoByAsBuBOIJ9gTDNAVAZgWAYAXAbIXHAoaCAASFHB1Yi0zMzY5MjYzNzEwMDk2MTYzGAA&sigh=CRHXmXAiMQU&uach_m=[UACH]&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3369263710096163&output=html&h=200&slotname=4516448096&adk=1921805917&adf=516689607&pi=t.ma~as.4516448096&w=728&lmt=1653458602&psa=0&format=728x200&url=https%3A%2F%2Fwww.nur.kz%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653458602312&bpp=2&bdt=1132&idt=421&shv=r20220518&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4e43260094b1ca99-22cede769ecd0098%3AT%3D1653458601%3AS%3DALNI_MaX7T79-xmCLyiRk7ja2nAjYAbtQA&prev_fmts=0x0&nras=1&correlator=5554957263962&frm=20&pv=1&ga_vid=819422530.1653458601&ga_sid=1653458602&ga_hid=565231257&ga_fc=1&ga_cid=1570992650.1653458601&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C21066431%2C31067720&oid=2&pvsid=3973602572337587&pem=559&tmod=887465252&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=2op6E9xqo6&p=https%3A//www.nur.kz&dtd=426
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 25 May 2022 06:03:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame E18A 22 KB
8 KB 39ms
38ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 65722
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 24 May 2022 11:48:01 GMT
expires: Wed, 24 May 2023 11:48:01 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/6401189341559351647/ Frame 4C1E 19 KB
19 KB 39ms
39ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6401189341559351647/downsize_200k_v1?w=400&h=209

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf575110f00bcd665556f5ec69859ed96b330561a00b8b63308381d5858d915b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 08:45:25 GMT
x-content-type-options: nosniff
age: 76678
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19703
x-xss-protection: 0
last-modified: Mon, 17 Jan 2022 08:07:59 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 24 May 2023 08:45:25 GMT

GET
DATA 200
OK truncated
/ Frame 4C1E 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 4C1E 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.20/one-ad/ Frame CF2F 85 KB
11 KB 27ms
26ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.20/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hz2mvey2mx5teng96zpf3fh8tjkm8z8krz5sdd0f61jsht1saj2d8mekxzkhh99vx1c3as2vv6b58nc6ks647y4bmes7425ttfezm8d11yzy4aqh426pmvsgkpzvee62x6gpyzyv9f9ebpj58ks3cg8sc2dzvkeyqpkeng4nev4f60wc6thxfwfpcbypwmj6seysdnspv7ft2z54p0bna9wxh8p5nadz7rfsa8bgj9wmt712g8vf8fks6m9wtenmrkx07e45m84yh83kcv9g5yt705ckceza0ts3dzmdjnz4dcfjwcgzppj1m5gcw2py98afh1pcw3nzr22qbzpvczttk0gq3d56kqxse5nxsa4z5yh5vq634vgbwvfertzz4ch3zxzf9vtadg86mhhzg8rt0pa2024&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvPtyqsaNYvrZJNSE7gOx6JXAD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMzNjkyNjM3MTAwOTYxNjOgAcKu6N0DyAEJqQL2PSpljwKyPuACAKgDAaoE4AFP0Pj6wHwgfw7LbrJSeYJMLxd7WbEztAocvDVpx_BBEd46fmNyK71sf0PaK_6X4adCse-UbgGiMCU3eDc-fwLGjN3vo2K1NEJVOKVWEKbNqj4BNfG32vMm-4jJXSFHbS47AZ1GnXN8q2ZJPgU7ZpD4EP9vDd9Khy6VnKxX6RhrPP2TQ3t7sJSxI7m1gA3lvBedhSz7Tltd6QuWKEm61ydo_AbiPrScmNNTPjBD8cQxa2QQAf3bIG8-0xh9WL4yoIxq_Vf0udlGrs6kEEG9ZikaDUMk-qH-cxCkkXGwdt0cmOAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0K_-9XstLFt4N-KtAtnEx5FSTNcg%26client%3Dca-pub-3369263710096163%26adurl%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d8965ee1f9673ae2ab083ee9c063eea7eb04aef2e756a7e46f58337bb1caef4

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1hz2mvey2mx5teng96zpf3fh8tjkm8z8krz5sdd0f61jsht1saj2d8mekxzkhh99vx1c3as2vv6b58nc6ks647y4bmes7425ttfezm8d11yzy4aqh426pmvsgkpzvee62x6gpyzyv9f9ebpj58ks3cg8sc2dzvkeyqpkeng4nev4f60wc6thxfwfpcbypwmj6seysdnspv7ft2z54p0bna9wxh8p5nadz7rfsa8bgj9wmt712g8vf8fks6m9wtenmrkx07e45m84yh83kcv9g5yt705ckceza0ts3dzmdjnz4dcfjwcgzppj1m5gcw2py98afh1pcw3nzr22qbzpvczttk0gq3d56kqxse5nxsa4z5yh5vq634vgbwvfertzz4ch3zxzf9vtadg86mhhzg8rt0pa2024&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvPtyqsaNYvrZJNSE7gOx6JXAD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMzNjkyNjM3MTAwOTYxNjOgAcKu6N0DyAEJqQL2PSpljwKyPuACAKgDAaoE4AFP0Pj6wHwgfw7LbrJSeYJMLxd7WbEztAocvDVpx_BBEd46fmNyK71sf0PaK_6X4adCse-UbgGiMCU3eDc-fwLGjN3vo2K1NEJVOKVWEKbNqj4BNfG32vMm-4jJXSFHbS47AZ1GnXN8q2ZJPgU7ZpD4EP9vDd9Khy6VnKxX6RhrPP2TQ3t7sJSxI7m1gA3lvBedhSz7Tltd6QuWKEm61ydo_AbiPrScmNNTPjBD8cQxa2QQAf3bIG8-0xh9WL4yoIxq_Vf0udlGrs6kEEG9ZikaDUMk-qH-cxCkkXGwdt0cmOAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0K_-9XstLFt4N-KtAtnEx5FSTNcg%26client%3Dca-pub-3369263710096163%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:23 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 50762
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=86961
surrogate-control: no-store
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
last-modified: Tue, 24 May 2022 15:57:21 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
x-download-options: noopen
content-type: text/css; charset=utf-8
expires: 0
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 710c114fbb365c38-FRA
cf-bgj: minify

GET
H2 200 fxpcopuw.js Show response
ad4m.at/ Frame CF2F 31 KB
11 KB 45ms
36ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/fxpcopuw.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hz2mvey2mx5teng96zpf3fh8tjkm8z8krz5sdd0f61jsht1saj2d8mekxzkhh99vx1c3as2vv6b58nc6ks647y4bmes7425ttfezm8d11yzy4aqh426pmvsgkpzvee62x6gpyzyv9f9ebpj58ks3cg8sc2dzvkeyqpkeng4nev4f60wc6thxfwfpcbypwmj6seysdnspv7ft2z54p0bna9wxh8p5nadz7rfsa8bgj9wmt712g8vf8fks6m9wtenmrkx07e45m84yh83kcv9g5yt705ckceza0ts3dzmdjnz4dcfjwcgzppj1m5gcw2py98afh1pcw3nzr22qbzpvczttk0gq3d56kqxse5nxsa4z5yh5vq634vgbwvfertzz4ch3zxzf9vtadg86mhhzg8rt0pa2024&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvPtyqsaNYvrZJNSE7gOx6JXAD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMzNjkyNjM3MTAwOTYxNjOgAcKu6N0DyAEJqQL2PSpljwKyPuACAKgDAaoE4AFP0Pj6wHwgfw7LbrJSeYJMLxd7WbEztAocvDVpx_BBEd46fmNyK71sf0PaK_6X4adCse-UbgGiMCU3eDc-fwLGjN3vo2K1NEJVOKVWEKbNqj4BNfG32vMm-4jJXSFHbS47AZ1GnXN8q2ZJPgU7ZpD4EP9vDd9Khy6VnKxX6RhrPP2TQ3t7sJSxI7m1gA3lvBedhSz7Tltd6QuWKEm61ydo_AbiPrScmNNTPjBD8cQxa2QQAf3bIG8-0xh9WL4yoIxq_Vf0udlGrs6kEEG9ZikaDUMk-qH-cxCkkXGwdt0cmOAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0K_-9XstLFt4N-KtAtnEx5FSTNcg%26client%3Dca-pub-3369263710096163%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb79983098cae86fa7cf2efc46d131d36bc52697ee1faeaaf2dc95bdf2e64610

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-goog-hash: crc32c=IOnHVw==, md5=TQGT+nK+VK2hQyff6S/VUw==
date: Wed, 25 May 2022 06:03:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2693
x-guploader-uploadid: ADPycdtVCuQh3tbUzEH574ex_2SleVXlxZux4A6yIku4oJdb1MbfAq9XrpYIRpELC21mpsBruNg0lYdP2HJt4zo-lpxtBw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 14 May 2022 05:18:02 GMT
server: cloudflare
etag: W/"4d0193fa72be54ada14327dfe92fd553"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ztcB4XJJdoj2dDzEAxhttEqrf6FtsFDS%2Bmigkfoo0NDegtUDcSz18HYE4bFF0sAQdOnbGoZ%2BZXQnijrC%2BgNNZ67w3R9IodFix9k7BjoJtjecEQG3hTPgtaTlKdLEoIIMQm5b6hE%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1651592188892994
content-type: application/javascript; charset=utf-8
expires: Wed, 25 May 2022 05:18:30 GMT
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 10607
cf-ray: 710c114fcf655bf5-FRA
cf-bgj: minify

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame DCA6 0
0 73ms
72ms Fetch
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CzsHVq8aNYtn-ApCcgAfMo6HAAcme0rFc9dqW93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItODU4MDE5NjQyNzIwOTMxNKAB1bbS6gPIAQmpAkpR8hrg_LE-4AIAqAMBqgTeAU_Q8XUMhhbCAWXbRV3558bw0F2tjiPnRaaGVKf0RYk0QuoGn6B_UCfWctLo2p3IQpRpZozn4MFo5BgzpokzPB3veB0GryeIKllB6kt_eWkIxCN2Gw0iTDHCeuaRh_AEBYGgiFKgOCfZi69o9i5DPRSClwhAaN6bwQV8XCnxcGOnKiBwNyNczRr1h5fk1dQiFTyDLB3lCTHEZ4AkjQHbC4bL3JWoHu7qgcp2EomoO7ix1AzMo_CIU_vlssLds6Xi17sUB0jdvDO6Hu1jI_4qTnN6TGOiWxyEG8LZMeewUeAEAYAGiYjw842givl7oAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItODU4MDE5NjQyNzIwOTMxNBjBkGo&sigh=2tE0KHoSti4&uach_m=[UACH]&cid=CAQSOwCNIrLMZsO1NOe3mGOd-J-sa0-mzf7y1SqlyarekT9xxest8ZCds1aW-Og4rjlmzhLXtv_M8HVsVX54GAE
Requested by: Host: www.nur.kz
URL: https://www.nur.kz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame DCA6 0
0 15ms
15ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=k_79Err5RNQHyAGdg2ICAgAAAJ08UUBYP1SW02Tfx6oU-b4QqsaNYvFNp3Nuc6rgk4a-ABIAAA&wp=Yo3GqwAAv1kK4A4QAAhRzH-9dBvInDdAorgaOQ

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:22 GMT
server: Kestrel
server-processing-duration-in-ticks: 221627
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 9DBE 154 KB
50 KB 99ms
99ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Yo3GqwAAv1kK4A4QAAhRzH-9dBvInDdAorgaOQ&u=%7C7Cc6W5l6S7U1%2BqQ59a9g6imfyZTJT944t5%2FIhq455xo%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCWyaziM01RkGpGzsxDu6uJ4QYXMtp9P6T6NR2X-xXQq5_FVQZvDRx-DFjy6mR5-AF1YQP7NnDIZ5G-CA4aa3T749-13IOKmXJkZX45CsOpBDtqGyYcg5UCUh3HWeKO6jNWPKILgWtkRMBZLQaDddnByAJglbi2TgPvzv9LhjO6mCe5QZbCrRYU9lP26rxq75_448Yg0qpUbu6O3KtY_v5N6M_E6qBS-A3DDHBRvNcOIcsaXKIkT5o5FM6w-jGNeZQp6JtNdEf-EOGyTh26aWJz8DUPNtWqy9gU3KJ9mIl5DSF0v05xhd4a-_Q6OakhXS7E3BQ9Ckdch-VL0wrorYr9KlhzGkbwvLn545GOaGOPZXCryf1_G3-EQK9WwbPm-IoMqOkmz8j3BpCAPJkacMm3XnbIehMYFp8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkqaRq8aNYtn-ApCcgAfMo6HAAcme0rFc9dqW93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItODU4MDE5NjQyNzIwOTMxNKAB1bbS6gPIAQmpAkpR8hrg_LE-4AIAqAMBqgThAU_Q8XUMhhbCAWXbRV3558bw0F2tjiPnRaaGVKf0RYk0QuoGn6B_UCfWctLo2p3IQpRpZozn4MFo5BgzpokzPB3veB0GryeIKllB6kt_eWkIxCN2Gw0iTDHCeuaRh_AEBYGgiFKgOCfZi69o9i5DPRSClwhAaN6bwQV8XCnxcGOnKiBwNyNczRr1h5fk1dQiFTyDLB3lCTHEZ4AkjQHbC4bL3JWoHu7qgcp2EomoO7ix1AzMo_CIU_unsONPNCp-xASIE-sNgZVCF_lplfQEVvHOhF4EqaOaN9pcm2Oj7o7LiuAEAYAGiYjw842givl7oAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1nlLMTP-O4bNIC3ZbRYcp9vxbbpQ%26client%3Dca-pub-8580196427209314%26adurl%3D

Requested by

Host: c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com
URL: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3d9929e941ba495084f03392c780931fb8f37107b2da036b8bc46f16d44c93af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 06:03:22 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=MCVLxHUVBAaJ0xOJuSGG_qKuAG2SkOEybVZVafWMiDv9iqoCTjduPGGI2DHP8oowhHEQ8UC6vZBphYg07HSgiHt-9B0id9eVwGiz20v1p842LwLo3bylBh9k4-Gs1MPXFnUJeiBmPx8bN7vcZcnTiJ4T19kW9gy0ot_b4bQAc6PwVuTWmusfIhsLtmRSQSGwBN6VTk5aAfW2GGAmgBmkUuofVYxJjnhbT8F_NlhWZK0dIIUwxj2Xd60DDnJpxMU3sVdqWw"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 83931028
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/ Frame DCA6 3 KB
1 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/window_focus_fy2019.js

Requested by

Host: c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com
URL: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:00:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 160
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Jun 2022 06:00:43 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame FE6F 1 KB
749 B 44ms
38ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com
URL: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 579
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 05:53:44 GMT
etag: 48472445140208031
expires: Thu, 26 May 2022 05:53:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/ Frame DCA6 17 KB
7 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com
URL: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ced80dc0b36469ade9a5e4a3c86bde068904125a1162f712f20629eeadb8e53a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:00:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 174
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7308
x-xss-protection: 0
server: cafe
etag: 5721884612586531857
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Jun 2022 06:00:29 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame DCA6 22 KB
7 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com
URL: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 11:48:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65665
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 24 May 2023 11:48:58 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DCA6 136 KB
42 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com
URL: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ecfc5a4d72d8f9fc774268cda69765e8578cd3a3859b229288b10c36acb0b35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42522
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1653305577626270"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 25 May 2022 06:03:23 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 722A 1 KB
749 B 44ms
39ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 579
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 05:53:44 GMT
etag: 48472445140208031
expires: Thu, 26 May 2022 05:53:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 4C1E 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a01459cf03150bafedb716bb1bda7b15b48a6f7609576372987afa5a42144da6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 container.html Show response
c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame AEF5 6 KB
3 KB 36ms
36ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nur.kz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 06:03:22 GMT
expires: Thu, 25 May 2023 06:03:22 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 event
ads.adfox.ru/252771/ 0
18 B 61ms
61ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/252771/event?hash=cd8c18bcbaf7aae4&pm=cza&p5=kunhv&ad-session-id=6239761653458601621&lts=fjegurp&ytt=158331285143557&ybv=0.586016&ylv=0.586016&dl=https%3A%2F%2Fwww.nur.kz%2F&rtb-si=b&p2=gfdy&rand=lgbhbxc&sj=Z_lSr_ZTFZW3liuaT2Mdb05wYr_QhLbXeIdYJB0CudqJ9y3_6pakoqrchrEcAQ%3D%3D&puid1=Homepage&pr=gsysaaw&p1=crsnx&rqs=qc6KKAVqCXapxo1iiRwVuJ2GQPuSnbhl

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 06:03:23 GMT
x-content-type-options: nosniff
last-modified: Wed, 25 May 2022 06:03:23 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 405C 35 B
464 B 38ms
10ms Image
image/gif 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEHRPXvmb38CAKBKGyUoBaq0&google_cver=1&google_push=AYg5qPJKciypR_1UnFQZgc4G2P-R2-rWf5PBOtckNVxeTIh-iDAI1Mjm4EO8CT-WyorL6jyq1_n7QHmLRhIWm7VqofjxrJlfoOfX

Requested by

Host: c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com
URL: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 06:03:23 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 405C
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPIm2ZHbbt4IrHsHrUL4MeyY2qagIiCqc6CWKKB...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WW8zR3F3QUFCSGpJNXlYQQ&google_push=AYg5qPIm2ZHbbt4IrHsHrUL4MeyY2qagIiCqc6CWKKBBJe8ovzrwJog1fJxB0_OuXojqOpNnpLFGAQpDdWHDNS9-ouag52M9nd...

170 B
188 B

49ms
49ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WW8zR3F3QUFCSGpJNXlYQQ&google_push=AYg5qPIm2ZHbbt4IrHsHrUL4MeyY2qagIiCqc6CWKKBBJe8ovzrwJog1fJxB0_OuXojqOpNnpLFGAQpDdWHDNS9-ouag52M9ndHHRw

Requested by

Host: c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com
URL: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 06:03:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WW8zR3F3QUFCSGpJNXlYQQ&google_push=AYg5qPIm2ZHbbt4IrHsHrUL4MeyY2qagIiCqc6CWKKBBJe8ovzrwJog1fJxB0_OuXojqOpNnpLFGAQpDdWHDNS9-ouag52M9ndHHRw
Date: Wed, 25 May 2022 06:03:23 GMT
Server: Apache
Connection: keep-alive
Content-Length: 393
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 dds
rtb.openx.net/sync/ Frame 405C 43 B
351 B 81ms
26ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESECQhCnxcissj7_fm9VwfJ0c&google_cver=1&google_push=AYg5qPKfQpDVqK2LI1mpvxZNQzTwMCkyG440Fl45PHLD0pSRWgKimM53i1ZyfqNU09NjnBvUfQ0aKvWJrVxC6NOmWtGX8JAS3q7qug
Requested by: Host: c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com
URL: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 06:03:23 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 8d6vg65feght8kdj91rkccemv7ic2j00

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 405C
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=RpibL7l4TfyD6Y0TSzf_Dg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

50ms
50ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=RpibL7l4TfyD6Y0TSzf_Dg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPK3XMu78JbFNwhkG1-owhgxjhrgerrcG857jtr2WE85yq-Nm07ut4wQsYK52_rlJS25OauFLjjc4lrZ162zA2W9SR4tmng4aQ

Requested by

Host: c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com
URL: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 06:03:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=RpibL7l4TfyD6Y0TSzf_Dg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPK3XMu78JbFNwhkG1-owhgxjhrgerrcG857jtr2WE85yq-Nm07ut4wQsYK52_rlJS25OauFLjjc4lrZ162zA2W9SR4tmng4aQ
date: Wed, 25 May 2022 06:03:23 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 405C
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBr-Dct0tUex0IQi5DLtSdg&google_cver=1&google_push=AYg5qPIWi6ObSi3FPJMSyYl2NqDM5-6yrr2gKaVqzCoeAvjqixEWmNYLfoKcyEkJlG91hRNasns...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNMNks3U08tVS1FSFNa&google_push=AYg5qPIWi6ObSi3FPJMSyYl2NqDM5-6yrr2gKaVqzCoeAvjqixEWmNYLfoKcyEkJlG91hRNasnsppw3r6SlzhspMaBHWvbjbrcvWEA

170 B
188 B

49ms
49ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNMNks3U08tVS1FSFNa&google_push=AYg5qPIWi6ObSi3FPJMSyYl2NqDM5-6yrr2gKaVqzCoeAvjqixEWmNYLfoKcyEkJlG91hRNasnsppw3r6SlzhspMaBHWvbjbrcvWEA

Requested by

Host: c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com
URL: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 06:03:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNMNks3U08tVS1FSFNa&google_push=AYg5qPIWi6ObSi3FPJMSyYl2NqDM5-6yrr2gKaVqzCoeAvjqixEWmNYLfoKcyEkJlG91hRNasnsppw3r6SlzhspMaBHWvbjbrcvWEA
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 405C
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAnapUumhWbtGv4As0emh2c&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yo3GqvEYIQVjtMySaSk2awAABLsAAAIB&google_push=AYg5qPIyP3yda64kE61_MaQFwv4nSnBCyeE9kXp35h2fdKmL5JVV4RoDIbOohGM5J5eUDH4jOyJnlHV7YbdHeB2B2F...

170 B
188 B

51ms
51ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yo3GqvEYIQVjtMySaSk2awAABLsAAAIB&google_push=AYg5qPIyP3yda64kE61_MaQFwv4nSnBCyeE9kXp35h2fdKmL5JVV4RoDIbOohGM5J5eUDH4jOyJnlHV7YbdHeB2B2Fz3aLXlFCJXdA&google_gid=CAESEAnapUumhWbtGv4As0emh2c&google_cver=1

Requested by

Host: c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com
URL: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 06:03:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 25 May 2022 06:03:23 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yo3GqvEYIQVjtMySaSk2awAABLsAAAIB&google_push=AYg5qPIyP3yda64kE61_MaQFwv4nSnBCyeE9kXp35h2fdKmL5JVV4RoDIbOohGM5J5eUDH4jOyJnlHV7YbdHeB2B2Fz3aLXlFCJXdA&google_gid=CAESEAnapUumhWbtGv4As0emh2c&google_cver=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 462
Expires: Wed, 25 May 2022 06:03:23 GMT

GET googleredir
googlecm.hit.gemius.pl/ Frame 405C 0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 405C 0
12 B 52ms
51ms Image
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KFvm7nPbVY8LrQDJk_nA0dls0yagf5Tdn31e8FATbtj4SCYGLweL5sd-W0R74Hka622DqvVQ

Requested by

Host: c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com
URL: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:23 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5E28 0
26 B 128ms
67ms Ping
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuP9V1BbY7yOI4BMPzqAow4EE89jxYemrVQFd_IMlFpVgbpdxANURwLfvqgVgB4j7T5DUBEyzUTpCmusjsDcyaWABkn-HiqLFAmss6ltDw6f1WMNycYCK1_oFZ_SyFcEmE24GBPQO6YCbw6zeqGibZounspOzrTBiVS0jJLWV2_9y1q-VIEpDySzTk7dlxn29_1YSY6ue2_OURe1L5kjSHhIGfcPqy32Jr6r3q9aXXkyQg39Oq2v9tVm3jtltWKSbBlJx4s5PgsuG1ELhct4DK2i07BAC_oKV9c_9u6HTBF186-5vPDzLM6e500rnsZN7QEka8qEx4K_97QND5wBx7g3HBGphGcutpmt2WWz7EfONABVy9wBXcE66VFwuvUpjx9TZ5hNiEJ44C9ZZk1OyyyWKt5gDi5BaJfwVVuBjssCgRJjDgHvH0CC5aDQpX9xgKGKxvZbm5TH8uItj9sKGdHTI5i1SpIJfpu9kL43FkX6a52RLCmOJXGfBAFK6WwjLbvDoDaq8X02rkdZ7he5X3ieXDbMR-8Fn7q8Ejo5iIB3JFKDxm2l_oNai7Jy2QByYHJRV6-ZowRK3out3oKwDwZQGeblIgIM-kf7_EO7zwsKivCDY-Boc4lHysEki3EchegQNkIkRed9xymk4G19_ORqcknAGkJ1ukiYQmedT9swIHuyuFRKo51uuMI4W58SQtM5to9ycnnszJwtcf3mEEIhTPCLD5cJ7LCqxlozcsD8soDr6LL-qhQMBU9uR-bPhGDeu_L6ts-CcUOws_IagbagljUSDE7hohY8ftYPN-K-qiPkAjQDPXjNta6tz3JKbhljISqe3ayGMrEWZABUKh7fWikDmuxsu0_y8wl61z2CHU3K_kFdF31nREyHEIqB1is708L0KKHyzXVihW-HVvhW-wMQ8fRS3DhzgNY_D-u33ONZl7QbvWFBt6nFcAA927CAvocgiyvdb4Dlc3VoPz34Y7zILPJYlSvObeT-LB3tdYbLKOIOHiXDWFDEc5tONigYxpcJGUjdOU9-0It_q_JtaYUntJUAIuwPir4I441i8VF9ATIhydzhfa8Wk4Kt276gZCes81VX92kx9DJMUaRPejcbZWvJFFnvpICfV2qONVOllx5UVHrOFAQLjLSPdn3qUiR1Q&sai=AMfl-YT7HrsmczNFw_VENhyqOXcGZCl8PHrm_R1a_SuwwKMzsvsuZFSA-a1Rnhw_MhjJGiy1Uv2NNm-grFOMGjAaBtuEzxqzc_X0somqdpoAm4vZIY35AXyE-APtOBHIBMGLOFBK7K-Y5uy3VSFsdrQZeErh-CpmVhFEtj4pleg-cRYxbGy1iYZ3VGpK676a_kTVtVTAN6qhvm_kB6NGZSsxum5JrUaSiDc&sig=Cg0ArKJSzGVoFXMKvWdmEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1025&vt=11&dtpt=554&dett=3&cstd=466&cisv=r20220523.26317&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 May 2022 06:03:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
DATA 200
OK truncated
/ Frame 5DB3 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e4a4f0fed1bb5bb45d2675d2a4f4d7ca3729214682475c35d51ab9e9840b6987

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.20/one-ad/ Frame 4DCC 85 KB
11 KB 40ms
39ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.20/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hmpg9mqs5n8j5zw7qje3wsv6j7c5hvaqkm1btzwnshva9c08tdx3j5frj25sqa7rr0d9atxkcdtc4jq8fnqnaqg98r6n0dp4wadp1q95mwas2pqztqs3c5mwbwfbj9adv9ghyy5ykn0x6f836bs8tjb5a2nrpp5wvqn44q2nvcn1nb68khg2608zsvz4gpq2xvm3j53z3rc25vr9kzja557vq6tt1gf8jndahfjrsd5414b0zf418ae9z5d0cc7b4srtez280ycxnsf9rjp55et11vcwy45br6fp7atnvacvsqqxf2n5kp24gqd1hpgc02bc6w5jm7yq1jt5cs2knp0te576mzcq80yx0bcejgx6cfhtfs6we0hse8xeahf1k2tcaht4z1yvsyq53hjwc3nhzhveab0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCe6wnqsaNYvrpMZj_gQee3IeQAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMzNjkyNjM3MTAwOTYxNjOgAcKu6N0DyAEJqQL2PSpljwKyPuACAKgDAaoE4AFP0HESWxGUTt9e4eUSbFXPZnjVPxGPPaZB6XDofN0FfuYgYwHNdCogGnl-1FyyOqYPDUUhrdUvlFIDWiqgRwvH_PdafUEsSpSdPkeWh-qYkWQz5txW7YN4q0Qg7cqUG2NnhqhJhY4eOoEvpniX9zmYLXs2A6HJ2bFF_EInnWh7LgAP_IRQQvBM-ahO_7YHJNN5ahdEuPqB43W756YJA6DNDHZYHbqOKP3Cbj-fl4EmamPSnRgBUrQosPr0kzJ6Y6WXnuruKxsCcT6VXiIHtjP0cqrkRmR2ldx2r1tsO_Zb0-AEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_11nXNhOAJtHAYOGLphiLExrCGgag%26client%3Dca-pub-3369263710096163%26adurl%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d8965ee1f9673ae2ab083ee9c063eea7eb04aef2e756a7e46f58337bb1caef4

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1hmpg9mqs5n8j5zw7qje3wsv6j7c5hvaqkm1btzwnshva9c08tdx3j5frj25sqa7rr0d9atxkcdtc4jq8fnqnaqg98r6n0dp4wadp1q95mwas2pqztqs3c5mwbwfbj9adv9ghyy5ykn0x6f836bs8tjb5a2nrpp5wvqn44q2nvcn1nb68khg2608zsvz4gpq2xvm3j53z3rc25vr9kzja557vq6tt1gf8jndahfjrsd5414b0zf418ae9z5d0cc7b4srtez280ycxnsf9rjp55et11vcwy45br6fp7atnvacvsqqxf2n5kp24gqd1hpgc02bc6w5jm7yq1jt5cs2knp0te576mzcq80yx0bcejgx6cfhtfs6we0hse8xeahf1k2tcaht4z1yvsyq53hjwc3nhzhveab0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCe6wnqsaNYvrpMZj_gQee3IeQAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMzNjkyNjM3MTAwOTYxNjOgAcKu6N0DyAEJqQL2PSpljwKyPuACAKgDAaoE4AFP0HESWxGUTt9e4eUSbFXPZnjVPxGPPaZB6XDofN0FfuYgYwHNdCogGnl-1FyyOqYPDUUhrdUvlFIDWiqgRwvH_PdafUEsSpSdPkeWh-qYkWQz5txW7YN4q0Qg7cqUG2NnhqhJhY4eOoEvpniX9zmYLXs2A6HJ2bFF_EInnWh7LgAP_IRQQvBM-ahO_7YHJNN5ahdEuPqB43W756YJA6DNDHZYHbqOKP3Cbj-fl4EmamPSnRgBUrQosPr0kzJ6Y6WXnuruKxsCcT6VXiIHtjP0cqrkRmR2ldx2r1tsO_Zb0-AEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_11nXNhOAJtHAYOGLphiLExrCGgag%26client%3Dca-pub-3369263710096163%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:23 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 50762
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=86961
surrogate-control: no-store
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
last-modified: Tue, 24 May 2022 15:57:21 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
x-download-options: noopen
content-type: text/css; charset=utf-8
expires: 0
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 710c1150bded5c38-FRA
cf-bgj: minify

GET
H3 200 fxpcopuw.js Show response
ad4m.at/ Frame 4DCC 31 KB
11 KB 26ms
25ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/fxpcopuw.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hmpg9mqs5n8j5zw7qje3wsv6j7c5hvaqkm1btzwnshva9c08tdx3j5frj25sqa7rr0d9atxkcdtc4jq8fnqnaqg98r6n0dp4wadp1q95mwas2pqztqs3c5mwbwfbj9adv9ghyy5ykn0x6f836bs8tjb5a2nrpp5wvqn44q2nvcn1nb68khg2608zsvz4gpq2xvm3j53z3rc25vr9kzja557vq6tt1gf8jndahfjrsd5414b0zf418ae9z5d0cc7b4srtez280ycxnsf9rjp55et11vcwy45br6fp7atnvacvsqqxf2n5kp24gqd1hpgc02bc6w5jm7yq1jt5cs2knp0te576mzcq80yx0bcejgx6cfhtfs6we0hse8xeahf1k2tcaht4z1yvsyq53hjwc3nhzhveab0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCe6wnqsaNYvrpMZj_gQee3IeQAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMzNjkyNjM3MTAwOTYxNjOgAcKu6N0DyAEJqQL2PSpljwKyPuACAKgDAaoE4AFP0HESWxGUTt9e4eUSbFXPZnjVPxGPPaZB6XDofN0FfuYgYwHNdCogGnl-1FyyOqYPDUUhrdUvlFIDWiqgRwvH_PdafUEsSpSdPkeWh-qYkWQz5txW7YN4q0Qg7cqUG2NnhqhJhY4eOoEvpniX9zmYLXs2A6HJ2bFF_EInnWh7LgAP_IRQQvBM-ahO_7YHJNN5ahdEuPqB43W756YJA6DNDHZYHbqOKP3Cbj-fl4EmamPSnRgBUrQosPr0kzJ6Y6WXnuruKxsCcT6VXiIHtjP0cqrkRmR2ldx2r1tsO_Zb0-AEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_11nXNhOAJtHAYOGLphiLExrCGgag%26client%3Dca-pub-3369263710096163%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb79983098cae86fa7cf2efc46d131d36bc52697ee1faeaaf2dc95bdf2e64610

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-goog-hash: crc32c=IOnHVw==, md5=TQGT+nK+VK2hQyff6S/VUw==
date: Wed, 25 May 2022 06:03:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2693
x-guploader-uploadid: ADPycdtVCuQh3tbUzEH574ex_2SleVXlxZux4A6yIku4oJdb1MbfAq9XrpYIRpELC21mpsBruNg0lYdP2HJt4zo-lpxtBw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 14 May 2022 05:18:02 GMT
server: cloudflare
etag: W/"4d0193fa72be54ada14327dfe92fd553"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v0M6AQPwyC7jLNLq8GBXOVRS6wteZdufzdSlYXxTPwdXNMInrqqezQ4eRY81fTAwJ%2BvDyEvkNPrsT6%2FAS6c16KZ0T612X3fzIkx8QP3adXtTrRX24oXLEbarQrQK5r%2FKZoso%2BgE%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1651592188892994
content-type: application/javascript; charset=utf-8
expires: Wed, 25 May 2022 05:18:30 GMT
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 10607
cf-ray: 710c1150bdee5c38-FRA
cf-bgj: minify

GET
DATA 200
OK truncated
/ Frame 711C 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1fb2e1a377682f1926911eb2593c662f0e0333c1ec1810690dc00a0a160abc35

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 7A49 7 KB
5 KB 122ms
48ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a02f6b7d682d35c14525337b51d8d709023b7cba60a717dee794113e42e6457f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 May 2022 06:03:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5509
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1D22
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEHRPXvmb38CAKBKGyUoBaq0&google_cver=1&google_push=AYg5qPI2Zutd7XLUzmi-palQcqfBOxDbwfMGOagOimwod_DdrVoI0eQ9G_...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPI2Zutd7XLUzmi-palQcqfBOxDbwfMGOagOimwod_DdrVoI0eQ9G_HUeKlT1_kbZ6JtFieKj-YcWTZY78dYHgUH5-tt5VNJ1g&google_hm=ZW7NOZrwn4...

170 B
188 B

52ms
51ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPI2Zutd7XLUzmi-palQcqfBOxDbwfMGOagOimwod_DdrVoI0eQ9G_HUeKlT1_kbZ6JtFieKj-YcWTZY78dYHgUH5-tt5VNJ1g&google_hm=ZW7NOZrwn46DS2yHI1Vaqw

Requested by

Host: c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com
URL: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 06:03:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPI2Zutd7XLUzmi-palQcqfBOxDbwfMGOagOimwod_DdrVoI0eQ9G_HUeKlT1_kbZ6JtFieKj-YcWTZY78dYHgUH5-tt5VNJ1g&google_hm=ZW7NOZrwn46DS2yHI1Vaqw
pragma: no-cache
date: Wed, 25 May 2022 06:03:23 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1D22
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPK0R7YNUqY0WPgvNbsiB8kFLxQMMCHMdj9mrx9kcUU_ZqoNpu-GIyaWy0pVMhOKCysGubn8HBmgXVtI9hecP3p_AOoFI8OgqQ&google_gid=CAESEPJDv65IVWPOMeCTtGM9FiY&g...
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCKuNt5QGEgUI6AcQAEIASnJnb29nbGVfcHVzaD1BWWc1cVBLMFI3WU5VcVkwV1Bndk5ic2lCOGtGTHhRTU1DSE1kajltcng5a2NVVV9acW9OcHUtR0l5YVd5MHBWTWhPS0N5c0d1Ym44SEJtZ1hWdEk5aG...
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwQkdYYjd0WmVHY2stSHF6YjM5ZXZYZ1RlN1ZabkNoVFVmLWphbmxra1BYSQ==&google_push

170 B
188 B

49ms
48ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwQkdYYjd0WmVHY2stSHF6YjM5ZXZYZ1RlN1ZabkNoVFVmLWphbmxra1BYSQ==&google_push

Requested by

Host: c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com
URL: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 06:03:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 25 May 2022 06:03:24 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwQkdYYjd0WmVHY2stSHF6YjM5ZXZYZ1RlN1ZabkNoVFVmLWphbmxra1BYSQ==&google_push
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1D22
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJFioZq...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJFioZq...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA1MjUwNjAzMjQwMDA3MzA4MTg1NTAyMQ%3D%3D&google_push=AYg5qPJFioZqfmM-tQxNAHEf_bAHL9r1bP3TpQLwHcAelZjI9z8JjQsuO84oR19S5sAmxm...

170 B
188 B

54ms
54ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA1MjUwNjAzMjQwMDA3MzA4MTg1NTAyMQ%3D%3D&google_push=AYg5qPJFioZqfmM-tQxNAHEf_bAHL9r1bP3TpQLwHcAelZjI9z8JjQsuO84oR19S5sAmxmtjDOE8fhC_QmcIEaa-YOwlBrbjZJFt_A

Requested by

Host: c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com
URL: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 06:03:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA1MjUwNjAzMjQwMDA3MzA4MTg1NTAyMQ%3D%3D&google_push=AYg5qPJFioZqfmM-tQxNAHEf_bAHL9r1bP3TpQLwHcAelZjI9z8JjQsuO84oR19S5sAmxmtjDOE8fhC_QmcIEaa-YOwlBrbjZJFt_A
pragma: no-cache
date: Wed, 25 May 2022 06:03:24 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Wed, 25 May 2022 06:03:24 GMT

GET
H3 200 dds
rtb.openx.net/sync/ Frame 1D22 43 B
64 B 37ms
20ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESECQhCnxcissj7_fm9VwfJ0c&google_cver=1&google_push=AYg5qPImTiPch5pojnBicTNZEA4qLAmsCcuy1jQIJMDbujWdSKC2mGS9yQAoCtCvyjdEhlmHNic7bPy1icwA2tKV8PNnuf9LLBBrJA
Requested by: Host: c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com
URL: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 06:03:23 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: kq6romt7van7og110os10fe5e60cjfav

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1D22
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=RpibL7l4TfyD6Y0TSzf_Dg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

51ms
51ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=RpibL7l4TfyD6Y0TSzf_Dg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIspJ-9bGLFtpnaGFwb2QSHCsfl0SECXlrs7dUefcNp-XUrj9aby2qZGiLhbEaO497GxXiK75zQd5Jj0BQqkUqZNvtj_7ojzQ

Requested by

Host: c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com
URL: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 06:03:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=RpibL7l4TfyD6Y0TSzf_Dg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIspJ-9bGLFtpnaGFwb2QSHCsfl0SECXlrs7dUefcNp-XUrj9aby2qZGiLhbEaO497GxXiK75zQd5Jj0BQqkUqZNvtj_7ojzQ
date: Wed, 25 May 2022 06:03:23 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1D22
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBr-Dct0tUex0IQi5DLtSdg&google_cver=1&google_push=AYg5qPIHGRUgAimP5o65_zltvHnocYkAPbp76tiJMBXQGGz3QojSMzXxfX-FGAYXp5BPcDi1M_I...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNMNks3V1YtVS05V1Q=&google_push=AYg5qPIHGRUgAimP5o65_zltvHnocYkAPbp76tiJMBXQGGz3QojSMzXxfX-FGAYXp5BPcDi1M_IaAPNXvdz0knO-nCGV_YdhyMG1

170 B
188 B

51ms
51ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNMNks3V1YtVS05V1Q=&google_push=AYg5qPIHGRUgAimP5o65_zltvHnocYkAPbp76tiJMBXQGGz3QojSMzXxfX-FGAYXp5BPcDi1M_IaAPNXvdz0knO-nCGV_YdhyMG1

Requested by

Host: c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com
URL: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 06:03:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNMNks3V1YtVS05V1Q=&google_push=AYg5qPIHGRUgAimP5o65_zltvHnocYkAPbp76tiJMBXQGGz3QojSMzXxfX-FGAYXp5BPcDi1M_IaAPNXvdz0knO-nCGV_YdhyMG1
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1D22
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAnapUumhWbtGv4As0emh2c&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yo3GqvEYIQVjtMySaSk2awAABLsAAAIB&google_gid=CAESEAnapUumhWbtGv4As0emh2c&google_push=AYg5qPLIQCF9psm6h1Yk22jTGwklC5fORXhLizNwPH1y3R3GKLf...

170 B
188 B

53ms
53ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yo3GqvEYIQVjtMySaSk2awAABLsAAAIB&google_gid=CAESEAnapUumhWbtGv4As0emh2c&google_push=AYg5qPLIQCF9psm6h1Yk22jTGwklC5fORXhLizNwPH1y3R3GKLfcS5e2IoAtq8HO95tewh58uIkIGMAhlP7Ob_jdo2TqVHIUGIIEzg&google_cver=1

Requested by

Host: c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com
URL: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 06:03:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 25 May 2022 06:03:23 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yo3GqvEYIQVjtMySaSk2awAABLsAAAIB&google_gid=CAESEAnapUumhWbtGv4As0emh2c&google_push=AYg5qPLIQCF9psm6h1Yk22jTGwklC5fORXhLizNwPH1y3R3GKLfcS5e2IoAtq8HO95tewh58uIkIGMAhlP7Ob_jdo2TqVHIUGIIEzg&google_cver=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 462
Expires: Wed, 25 May 2022 06:03:23 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 1D22 0
12 B 47ms
46ms Image
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ltd1z1pz_mfnppuCt1qvM8SG8t-Brkk9quppM-LvHY2YxocQ_LAIM0BO3J3o9C-H_usoNK

Requested by

Host: c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com
URL: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:23 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 9DBE 2 KB
1 KB 16ms
16ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yo3GqwAAv1kK4A4QAAhRzH-9dBvInDdAorgaOQ&u=%7C7Cc6W5l6S7U1%2BqQ59a9g6imfyZTJT944t5%2FIhq455xo%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCWyaziM01RkGpGzsxDu6uJ4QYXMtp9P6T6NR2X-xXQq5_FVQZvDRx-DFjy6mR5-AF1YQP7NnDIZ5G-CA4aa3T749-13IOKmXJkZX45CsOpBDtqGyYcg5UCUh3HWeKO6jNWPKILgWtkRMBZLQaDddnByAJglbi2TgPvzv9LhjO6mCe5QZbCrRYU9lP26rxq75_448Yg0qpUbu6O3KtY_v5N6M_E6qBS-A3DDHBRvNcOIcsaXKIkT5o5FM6w-jGNeZQp6JtNdEf-EOGyTh26aWJz8DUPNtWqy9gU3KJ9mIl5DSF0v05xhd4a-_Q6OakhXS7E3BQ9Ckdch-VL0wrorYr9KlhzGkbwvLn545GOaGOPZXCryf1_G3-EQK9WwbPm-IoMqOkmz8j3BpCAPJkacMm3XnbIehMYFp8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkqaRq8aNYtn-ApCcgAfMo6HAAcme0rFc9dqW93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItODU4MDE5NjQyNzIwOTMxNKAB1bbS6gPIAQmpAkpR8hrg_LE-4AIAqAMBqgThAU_Q8XUMhhbCAWXbRV3558bw0F2tjiPnRaaGVKf0RYk0QuoGn6B_UCfWctLo2p3IQpRpZozn4MFo5BgzpokzPB3veB0GryeIKllB6kt_eWkIxCN2Gw0iTDHCeuaRh_AEBYGgiFKgOCfZi69o9i5DPRSClwhAaN6bwQV8XCnxcGOnKiBwNyNczRr1h5fk1dQiFTyDLB3lCTHEZ4AkjQHbC4bL3JWoHu7qgcp2EomoO7ix1AzMo_CIU_unsONPNCp-xASIE-sNgZVCF_lplfQEVvHOhF4EqaOaN9pcm2Oj7o7LiuAEAYAGiYjw842givl7oAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1nlLMTP-O4bNIC3ZbRYcp9vxbbpQ%26client%3Dca-pub-8580196427209314%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:23 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 20 May 2023 06:03:23 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 9DBE 2 KB
1 KB 17ms
17ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:23 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 20 May 2023 06:03:23 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 9DBE 308 B
636 B 16ms
15ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:23 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sat, 20 May 2023 06:03:23 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 9DBE 293 B
621 B 16ms
15ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:23 GMT
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sat, 20 May 2023 06:03:23 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame 9DBE 43 B
347 B 18ms
18ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=UnmdBGqAaxkM4kUCQyvZbYlLVcqeftw4U23no00FZK-7p7jdSMN85VWjZULm4gv4W65XaAqze5BFtrKbofftDw9smzLdudALHErJOnhPraMSPSqEFsEn0uUFO5PUKoAa0xpTl7RHdkB71_bzZhBgbSKOiW684msqpOXmEK1HRKABd-h3kva87QHyTMNwLEbaKTuoLTRll8QkP9KMBVF9hN5oONCw0QSsZRXZpJ0vF3uhaMBn6aXwURGbY7YsvU97VQyGRQp7Fxwrr9vFWyongLyUpGh4-sBtYsil9Jre107vAKRip84Mliq4BonYkLG5eP59_Jqkw4I2HZ3uekUP2E19BN_WJM7zTSNXcIDmFG2yS4BEq7wwltEasLz0OklMwZ8f6tq1RRzpPyhW42eOSIptPX9-DEYvGJRCwYIkvT8otvUDeaSaP8b4kK4EQwaKKBf6Jg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 06:03:23 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3408625
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v44/ Frame 4C1E 28 KB
28 KB 131ms
39ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v44/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d210f7d18b1a67c12052541793c3fc63a9175ec1809b7988b9b9a13a4b50e16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 22:12:07 GMT
x-content-type-options: nosniff
age: 28276
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28276
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:33:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 May 2023 22:12:07 GMT

GET
H3 200 AAcrpHDydyl_zLrsUqLIoJaIpM6fuyfNuw3JGtq9cUA.js Show response
pagead2.googlesyndication.com/bg/ Frame E18A 35 KB
13 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AAcrpHDydyl_zLrsUqLIoJaIpM6fuyfNuw3JGtq9cUA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00072ba470f277297fccbaec52a2c8a09688a4ce9fbb27cdbb0dc91adabd7140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 11:16:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67596
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13604
x-xss-protection: 0
last-modified: Tue, 17 May 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 24 May 2023 11:16:47 GMT

GET
H3 200 OnAir-Bold.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 7A49 47 KB
47 KB 37ms
36ms Font
font/woff2 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4140742/OnAir-Bold.woff2

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61685343/20220211012309469/728x090.html?e=69&leftOffset=0&topOffset=0&c=XVpGPN4gOZ&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 05:54:57 GMT
x-content-type-options: nosniff
age: 506
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47676
x-xss-protection: 0
last-modified: Thu, 06 May 2021 11:38:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 May 2022 06:09:57 GMT

GET
H3 200 OnAir-Regular.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 7A49 47 KB
47 KB 43ms
43ms Font
font/woff2 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4140742/OnAir-Regular.woff2

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c110419995948214e5b16d9d0df8f7d91536cc42783edd90c7fc1810308309ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61685343/20220211012309469/728x090.html?e=69&leftOffset=0&topOffset=0&c=XVpGPN4gOZ&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:11 GMT
x-content-type-options: nosniff
age: 12
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47848
x-xss-protection: 0
last-modified: Thu, 06 May 2021 11:38:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 May 2022 06:18:11 GMT

GET
H3 200 60005582_20220505062002197_STANDARD_728x090_LOOK-01.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 7A49 8 KB
8 KB 40ms
40ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20220505062002197_STANDARD_728x090_LOOK-01.png

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd79cd65bc9b01eaaa677ea39f71aa0cb323c1b9e73c1f49a2df18d160ea2822

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61685343/20220211012309469/728x090.html?e=69&leftOffset=0&topOffset=0&c=XVpGPN4gOZ&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 16:48:39 GMT
x-content-type-options: nosniff
age: 47684
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7828
x-xss-protection: 0
last-modified: Thu, 05 May 2022 13:20:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 May 2022 16:48:39 GMT

GET
H3 200 60005582_20180201040701083_empty.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 7A49 95 B
121 B 58ms
57ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20180201040701083_empty.png

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61685343/20220211012309469/728x090.html?e=69&leftOffset=0&topOffset=0&c=XVpGPN4gOZ&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 13:47:30 GMT
x-content-type-options: nosniff
age: 58553
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95
x-xss-protection: 0
last-modified: Thu, 01 Feb 2018 12:07:01 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 May 2022 13:47:30 GMT

GET
H3 200 60005582_20220429061214968_728x090.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 7A49 26 KB
26 KB 236ms
236ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20220429061214968_728x090.png

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72a491d79badba46f7599b546f0ba30cbdc204238161bfd416141aac15f3ab98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61685343/20220211012309469/728x090.html?e=69&leftOffset=0&topOffset=0&c=XVpGPN4gOZ&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:24 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26741
x-xss-protection: 0
last-modified: Fri, 29 Apr 2022 13:12:15 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 26 May 2022 06:03:24 GMT

GET
H3 200 60005582_20220502080355669_Stoerer.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 7A49 1 KB
1 KB 58ms
57ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20220502080355669_Stoerer.png

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa022b49048d3c6beaf6844fe5d7d7fc495885a467e1ad3cd4de3f675e2df1bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61685343/20220211012309469/728x090.html?e=69&leftOffset=0&topOffset=0&c=XVpGPN4gOZ&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 19:25:11 GMT
x-content-type-options: nosniff
age: 38292
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1210
x-xss-protection: 0
last-modified: Mon, 02 May 2022 15:03:55 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 May 2022 19:25:11 GMT

GET
H3 200 60005582_20210507060843268_Asset_Transparent.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 7A49 2 KB
2 KB 58ms
57ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20210507060843268_Asset_Transparent.png

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f741883eafc84067b80014e53fbfab2505aca4f7cf767b17404a291fffb79d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61685343/20220211012309469/728x090.html?e=69&leftOffset=0&topOffset=0&c=XVpGPN4gOZ&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 19:54:58 GMT
x-content-type-options: nosniff
age: 36505
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2040
x-xss-protection: 0
last-modified: Fri, 07 May 2021 13:08:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 May 2022 19:54:58 GMT

GET
H3 200 60005582_20220504020247317_PANDA_APP_iPhone-13-Pro.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 7A49 33 KB
33 KB 58ms
58ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20220504020247317_PANDA_APP_iPhone-13-Pro.png

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5325394904e37523023cf98861fed5fcb6d633f49fcfb7b4d3f2f233547ae427

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61685343/20220211012309469/728x090.html?e=69&leftOffset=0&topOffset=0&c=XVpGPN4gOZ&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 12:22:57 GMT
x-content-type-options: nosniff
age: 63626
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33299
x-xss-protection: 0
last-modified: Wed, 04 May 2022 09:02:47 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 May 2022 12:22:57 GMT

GET
H/1.1 200
OK postview.gif
portal.o2online.de/nws/img/ Frame 7A49 43 B
635 B 32ms
8ms Image
image/gif 82.113.101.132
TDDE-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_TRA_HAV_14114_PV&mediacode=26952494_4307561_323350682_145341330_PO4303A20220503&ref=26952494_4307561_323350682_145341330_PO4303A20220503
Requested by: Host: www.nur.kz
URL: https://www.nur.kz/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 82.113.101.132 Hanau, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS: portal.o2online.de
Software: Apache /
Resource Hash: e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 06:03:23 GMT
Last-Modified: Wed, 26 Aug 2020 10:11:24 GMT
Server: Apache
ETag: "2b-5adc50abeeb00"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection: close
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame AEF5 0
0 72ms
71ms Fetch
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CaVuuq8aNYqaIEYiK7gPEho7QBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTg1ODAxOTY0MjcyMDkzMTSgAcKu6N0DyAEJqQJKUfIa4PyxPuACAKgDAaoE3gFP0PCA1qfCU-sEFkprYel9rg90Wlnj977mjXkafjEWiUeXfVDatuOF9IW46UPwkJkhV-NCV1p05sCI1W3acM2z-pUhD6Uh9qO4FFXXj8N8_AG7KT7dSYuPVR1hT3VxIQQQTAgQkWzrHswLk6OCkxmMHT1SuJVePRhW4lJvsf-V_xMi7oSicNnoVpKJSGab_bZe8VFqaxSZCIUWQ86YI12DRKVnAQJmNSZQZUgl1pPnNNzT8a4QHGJa40KxGR34lH3Y7i_7cCou58UE7W0slRqngw3uwdW47a9-1EW57HngBAGABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBABgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTg1ODAxOTY0MjcyMDkzMTQYwZBq&sigh=syZK-Kd_Vw8&uach_m=[UACH]&cid=CAQSOwCNIrLMjTIyOUz1FxvzMO0NSqxT9DYAr5iHJTfTEu7D8GBRSSWQ65mov7GzQsurAFAfNXlnFg_hXKH6GAE
Requested by: Host: www.nur.kz
URL: https://www.nur.kz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 204 winResponse
prod-rtb.ad4mat.net/ Frame AEF5 0
0 109ms
42ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1k5sxxt0q2kv3a9zf2h8pb8pjxz2v1cs2ab8dxw65v8zj89xeg2yvyx7r6yfdka3pgb30gdk5mg4qerc7wz9qgt92wz2jc3ccz5pkr6jafm8xa4svhd07wr39c1vqk9zvhbrdba91ptrb7vmg81ewdysyp90r5qckn5z29bt67bzrw99q57ky561ajm90krvcwga7ancxfmn84a2gb6jg9wjhbkcrfwz76dm8f8t0mw1mmcgnbq6kr25pn33dp38gm12qsjj5tcykwtj7q1ap7hgh7kn8vdvsa0gbttxwjd8602mvxg8vbpmt8ndeyk52vmpn436re0zbjvmmretfamry2a8gspv1mmedm264as58nfdxvgbfhrmdsv03fbn8vzmb53jade84g6a83ra0s0&b=Yo3GqwAERCYKe4UIAAODRNlLUoPVFkbd-p1-zQ
Requested by: Host: www.nur.kz
URL: https://www.nur.kz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 25 May 2022 06:03:23 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 dr Show response
as.ad4m.at/ad/ Frame 06D0 2 KB
2 KB 30ms
30ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1h6eh3mm4yv7qsghjnyj4knsfbf6cgbzgv6chwm2ge6yk4xdrygsjj6g6zjp1776e4z5r7196cx8e9f8akkzeps14bgvjwr33r5m78gfng4ehak5f80v9jnfac68dzrs1b28g6z1w05sdcw7pbesfx0j27k7hsgpk88snjrgc4mwkw79zxbkrymva0xswrp3ysgznt45hjdk0b5k2r5vpem78xdhf69m13qgdt4evk4ttd1bd2b53zg76a4nfh0cybv2edmzbbbwg6f48t4496x1gekx8tmabr3x739qec1vppfrcr10pamfwze4xw6bczw430vkyzhnndmjhn20kbp5zmh84hb0jw3h55djk1z718jjrpap3hb17tj6tv1w937wa0tamafy7m8epa4cxxjdxn575aff&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCga96q8aNYqaIEYiK7gPEho7QBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTg1ODAxOTY0MjcyMDkzMTSgAcKu6N0DyAEJqQJKUfIa4PyxPuACAKgDAaoE4QFP0PCA1qfCU-sEFkprYel9rg90Wlnj977mjXkafjEWiUeXfVDatuOF9IW46UPwkJkhV-NCV1p05sCI1W3acM2z-pUhD6Uh9qO4FFXXj8N8_AG7KT7dSYuPVR1hT3VxIQQQTAgQkWzrHswLk6OCkxmMHT1SuJVePRhW4lJvsf-V_xMi7oSicNnoVpKJSGab_bZe8VFqaxSZCIUWQ86YI12DRKVnAQJmNSZQZUgl1pPnNNzT8a4QHGJaoUCQi8oBEz0QaWdtqmO8FfwQ58AmuwJ6A8-nUy0s84NmAZkmrLH-OD3gBAGABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_275KWGj7PJdenXfdZKC4FqefpRJw%26client%3Dca-pub-8580196427209314%26adurl%3D

Requested by

Host: c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com
URL: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

135f2a0abeef246042a1ab29df25e4e4a627e789b0f3556539a2706bfc9b2990

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 710c115249105c38-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 06:03:23 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/ Frame AEF5 3 KB
1 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/window_focus_fy2019.js

Requested by

Host: c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com
URL: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:00:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 160
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Jun 2022 06:00:43 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame ED60 1 KB
749 B 39ms
38ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com
URL: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 579
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 05:53:44 GMT
etag: 48472445140208031
expires: Thu, 26 May 2022 05:53:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/ Frame AEF5 17 KB
7 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com
URL: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ced80dc0b36469ade9a5e4a3c86bde068904125a1162f712f20629eeadb8e53a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:00:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 174
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7308
x-xss-protection: 0
server: cafe
etag: 5721884612586531857
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Jun 2022 06:00:29 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame AEF5 0
0 35ms
35ms Image
text/html 2a00:1450:4014:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT_urW_TZPL_V6foo0gr1IMkE_3tCd38h2DmuRPWtzEFe5VknvP8fJ6hS-C23NZ1RFpoeSvJisKjGmNy3i4py-35Noc6Q
Requested by: Host: c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com
URL: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4014:80f::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame AEF5 22 KB
7 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com
URL: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 11:48:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65665
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 24 May 2023 11:48:58 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AEF5 136 KB
42 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com
URL: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ecfc5a4d72d8f9fc774268cda69765e8578cd3a3859b229288b10c36acb0b35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42522
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1653305577626270"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 25 May 2022 06:03:23 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame CF2F 3 KB
4 KB 86ms
38ms Image
image/png 2606:4700:20::ac43:444e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.20/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date: Wed, 25 May 2022 06:03:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7393634
x-guploader-uploadid: ADPycdsAM1RKIW8NW9FXGsxgzhi5bSYe4VqqEbCt8J5Oc8iEgAF2SjSQc54Zb1FETUd5c-MZGmZZMUkSoxlmANI9NVVBPD3Irw
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hxcm6XkjIkWTvxg39a3t1I%2FlUbVQGHY9Vu6P6zQQPjuqBwdUwKxXZpLt%2F9DLM7IYK0VTKrrvUVRsiJWAg%2Fm3wk1GJDZuNdUgC1tjgz1UtJR%2Bldr3WHBqQ2a%2FRsiVaGZ1MNNkzXqpG%2BM%2F9TZUiJ5m0yUi"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623242114099744
content-type: image/png
cache-control: public, max-age=31536000, immutable
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 710c1152cd0d92c9-FRA
expires: Tue, 28 Feb 2023 16:16:09 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 4DCC 3 KB
3 KB 89ms
41ms Image
image/png 2606:4700:20::ac43:444e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.20/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date: Wed, 25 May 2022 06:03:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7393634
x-guploader-uploadid: ADPycdsAM1RKIW8NW9FXGsxgzhi5bSYe4VqqEbCt8J5Oc8iEgAF2SjSQc54Zb1FETUd5c-MZGmZZMUkSoxlmANI9NVVBPD3Irw
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rMZi2QV9DIYSnZ07a5GpcB%2FmTbDmnq8KsUHDPk0NAsx30W0BbWPv2oUjzmbThbX9OBeuETdpa72stdZYQ074BBFfi30nHorpe4FQZuWWXsMoDsWOAbvIbuawToIel3Z4DqTxs%2Bx5N0EUM0XbHd5QWwnj"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623242114099744
content-type: image/png
cache-control: public, max-age=31536000, immutable
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 710c1152cd1592c9-FRA
expires: Tue, 28 Feb 2023 16:16:09 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FE6F
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEImJWO1jEZ3gup4KvN-hSHk&google_cver=1&google_push=AYg5qPLDm3mX-KIKFI_4ztKwEffC55b85Yu61eEZV_h0rVlbMobCOsFPRdvoJ0Ng8sMYftF5OgxCwKgKDArSR-89...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPLDm3mX-KIKFI_4ztKwEffC55b85Yu61eEZV_h0rVlbMobCOsFPRdvoJ0Ng8sMYftF5OgxCwKgKDArSR-89Q9MU7e8U2O8R

170 B
188 B

50ms
49ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPLDm3mX-KIKFI_4ztKwEffC55b85Yu61eEZV_h0rVlbMobCOsFPRdvoJ0Ng8sMYftF5OgxCwKgKDArSR-89Q9MU7e8U2O8R

Requested by

Host: c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com
URL: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 06:03:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 25 May 2022 06:03:23 GMT
Server: MT3 4419 e1034d5 master zrh-pixel-x29 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPLDm3mX-KIKFI_4ztKwEffC55b85Yu61eEZV_h0rVlbMobCOsFPRdvoJ0Ng8sMYftF5OgxCwKgKDArSR-89Q9MU7e8U2O8R
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 25 May 2022 06:03:22 GMT

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame FE6F 0
191 B 114ms
49ms Image
text/plain 66.155.71.149
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEF9lfIceXHdzSsiieej14_I&google_cver=1&google_push=AYg5qPJIA8AgOHXAWE-1qhq01pCv835_I693D88A5yBfcrYSaRCw_Az8oNbgXsU_GB7-5_t-yiSFQeMmJlRsN5GayAcl9Cav6w-Rcg
Requested by: Host: c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com
URL: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 06:03:23 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FE6F
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEAXYa4b-3q3aJeSHWtod7M4&google_cver=1&google_push=AYg5qPLVKcGZY8Pc_zaBQTtxnYDbcQkG3HBSHTFB9I5IeeGMdTasWS2Kpx8c4Z0L7OPXo7gcRyMAbwWDFIENXg6p...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=8r2tBmjbR_2Wu7N-ueoiyw2&google_push=AYg5qPLVKcGZY8Pc_zaBQTtxnYDbcQkG3HBSHTFB9I5IeeGMdTasWS2Kpx8c4Z0L7OPXo7gcRyMAbwWDFIENXg6pYu0GTS2kEZf1

170 B
188 B

54ms
54ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=8r2tBmjbR_2Wu7N-ueoiyw2&google_push=AYg5qPLVKcGZY8Pc_zaBQTtxnYDbcQkG3HBSHTFB9I5IeeGMdTasWS2Kpx8c4Z0L7OPXo7gcRyMAbwWDFIENXg6pYu0GTS2kEZf1

Requested by

Host: c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com
URL: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 06:03:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 25 May 2022 06:03:23 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=8r2tBmjbR_2Wu7N-ueoiyw2&google_push=AYg5qPLVKcGZY8Pc_zaBQTtxnYDbcQkG3HBSHTFB9I5IeeGMdTasWS2Kpx8c4Z0L7OPXo7gcRyMAbwWDFIENXg6pYu0GTS2kEZf1
x-host: tde-deliveryengine-production-5cc5c75555-dgwft
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FE6F
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEE43m0ilNX1K-2VkdJQACvI&google_cver=1&google_push=AYg5qPJQlllpsPFTJMyze35XZecdfUb3ghe1GvLrJ9sAJl4o-9CABE3dJXgua1Xj5DjTp2fk_tYKOkXx...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEE43m0ilNX1K-2VkdJQACvI&google_cver=1&google_push=AYg5qPJQlllpsPFTJMyze35XZecdfUb3ghe1GvLrJ9sAJl4o-9CABE3dJXgua1Xj5DjTp2fk_tY...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjUzODI3MTkwNjMwOTAwMTY3MQ&google_push=AYg5qPJQlllpsPFTJMyze35XZecdfUb3ghe1GvLrJ9sAJl4o-9CABE3dJXgua1Xj5DjTp2fk_tYKOk...

170 B
188 B

50ms
49ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjUzODI3MTkwNjMwOTAwMTY3MQ&google_push=AYg5qPJQlllpsPFTJMyze35XZecdfUb3ghe1GvLrJ9sAJl4o-9CABE3dJXgua1Xj5DjTp2fk_tYKOkXxlzKS9-E0kM88J5ly5rdk

Requested by

Host: c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com
URL: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 06:03:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 25 May 2022 06:03:24 GMT
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjUzODI3MTkwNjMwOTAwMTY3MQ&google_push=AYg5qPJQlllpsPFTJMyze35XZecdfUb3ghe1GvLrJ9sAJl4o-9CABE3dJXgua1Xj5DjTp2fk_tYKOkXxlzKS9-E0kM88J5ly5rdk
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FE6F
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBr-Dct0tUex0IQi5DLtSdg&google_cver=1&google_push=AYg5qPKeJbxwX_9e2-1ZyL399nyp7GzqWHq34p0BMLy96cg8NVjtGiUzSPmWxNYsKGsGnf6T_bE...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNMNks4MEYtWS0xNUo3&google_push=AYg5qPKeJbxwX_9e2-1ZyL399nyp7GzqWHq34p0BMLy96cg8NVjtGiUzSPmWxNYsKGsGnf6T_bELvgc6z9VC0GiM9AUKH6FdiQjb

170 B
188 B

50ms
49ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNMNks4MEYtWS0xNUo3&google_push=AYg5qPKeJbxwX_9e2-1ZyL399nyp7GzqWHq34p0BMLy96cg8NVjtGiUzSPmWxNYsKGsGnf6T_bELvgc6z9VC0GiM9AUKH6FdiQjb

Requested by

Host: c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com
URL: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 06:03:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNMNks4MEYtWS0xNUo3&google_push=AYg5qPKeJbxwX_9e2-1ZyL399nyp7GzqWHq34p0BMLy96cg8NVjtGiUzSPmWxNYsKGsGnf6T_bELvgc6z9VC0GiM9AUKH6FdiQjb
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FE6F
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEPl5YpW6F1WysBYcOIkMabQ&google_cver=1&google_push=AYg5qPIBRxvS3qHNgidAQQX1Cmo3IjJfSX5P66MKm9E3pyPXySmYIRX4BG10rWpT2b4a7t5tarcSmQC0LcOWoEzisjVuWRHye3...
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AYg5qPIBRxvS3qHNgidAQQX1Cmo3IjJfSX5P66MKm9E3pyPXySmYIRX4BG10rWpT2b4a7t5tarcSmQC0LcOWoEzisjVuWRHye3z...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mzk5NTQ0NjEzMzkzNTE4MTY0ODMzNw%3D%3D&google_push=AYg5qPIBRxvS3qHNgidAQQX1Cmo3IjJfSX5P66MKm9E3pyPXySmYIRX4...

170 B
188 B

48ms
48ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mzk5NTQ0NjEzMzkzNTE4MTY0ODMzNw%3D%3D&google_push=AYg5qPIBRxvS3qHNgidAQQX1Cmo3IjJfSX5P66MKm9E3pyPXySmYIRX4BG10rWpT2b4a7t5tarcSmQC0LcOWoEzisjVuWRHye3zKGg

Requested by

Host: c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com
URL: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 06:03:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mzk5NTQ0NjEzMzkzNTE4MTY0ODMzNw%3D%3D&google_push=AYg5qPIBRxvS3qHNgidAQQX1Cmo3IjJfSX5P66MKm9E3pyPXySmYIRX4BG10rWpT2b4a7t5tarcSmQC0LcOWoEzisjVuWRHye3zKGg
date: Wed, 25 May 2022 06:03:24 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3 200 dot.gif
s0.2mdn.net/ Frame FE6F 43 B
65 B 46ms
44ms Image
image/gif 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESEJSQiURmRZH65zjMsnFZgqI&google_cver=1&google_push=AYg5qPLTy2Fas2HzqwxdL9Y2e2O4nq8HRvm3y3lWuKenfYUWoIWOkcUgZyfIuAMKzFSMgpqja6Vsw4oCqw42s07FOz5FXV7n7iFJTA

Requested by

Host: c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com
URL: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 26 May 2022 06:03:23 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame FE6F 0
12 B 50ms
48ms Image
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13If6RWClPVn0HLKZr-ZTbGLfe5Zx52-zOQqoF_09gi9ZMPsu0Q-oOyBW5XIq7j_qTqm-ye1Pw

Requested by

Host: c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com
URL: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:23 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame DCA6 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 39876997fc850cacfbeee657828066ba9ea282de46672aca2b739fa0cdfd6c32

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 722A
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEHRPXvmb38CAKBKGyUoBaq0&google_cver=1&google_push=AYg5qPJRsjqSC9rK1sSbbxZDbHlC8hbr9udiLx1ZHfMcsGH9ZD_jAWYAQg...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPJRsjqSC9rK1sSbbxZDbHlC8hbr9udiLx1ZHfMcsGH9ZD_jAWYAQg8xm-DmEjBtQh2o0GbMfQ1FlfqTCL7RrP-kO_d7J9E&google_hm=ZW7NOZrwn46DS...

170 B
188 B

50ms
49ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPJRsjqSC9rK1sSbbxZDbHlC8hbr9udiLx1ZHfMcsGH9ZD_jAWYAQg8xm-DmEjBtQh2o0GbMfQ1FlfqTCL7RrP-kO_d7J9E&google_hm=ZW7NOZrwn46DS2yHI1Vaqw

Requested by

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 06:03:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPJRsjqSC9rK1sSbbxZDbHlC8hbr9udiLx1ZHfMcsGH9ZD_jAWYAQg8xm-DmEjBtQh2o0GbMfQ1FlfqTCL7RrP-kO_d7J9E&google_hm=ZW7NOZrwn46DS2yHI1Vaqw
pragma: no-cache
date: Wed, 25 May 2022 06:03:23 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 722A
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPKFGYCme3F2I1eDKudNWZdp10H-x4mbbBDScg1...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WW8zR3F3QUFBQlpQSGtLVg&google_push=AYg5qPKFGYCme3F2I1eDKudNWZdp10H-x4mbbBDScg1WbEsY1cunYq9i0o_RD15D_nWLCVg0OhBvMy-A5Kb9HfHZaqH3kbipSzo

170 B
188 B

49ms
49ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WW8zR3F3QUFBQlpQSGtLVg&google_push=AYg5qPKFGYCme3F2I1eDKudNWZdp10H-x4mbbBDScg1WbEsY1cunYq9i0o_RD15D_nWLCVg0OhBvMy-A5Kb9HfHZaqH3kbipSzo

Requested by

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 06:03:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WW8zR3F3QUFBQlpQSGtLVg&google_push=AYg5qPKFGYCme3F2I1eDKudNWZdp10H-x4mbbBDScg1WbEsY1cunYq9i0o_RD15D_nWLCVg0OhBvMy-A5Kb9HfHZaqH3kbipSzo
Date: Wed, 25 May 2022 06:03:23 GMT
Server: Apache
Connection: keep-alive
Content-Length: 390
Content-Type: text/html; charset=iso-8859-1

GET
H3 200 dds
rtb.openx.net/sync/ Frame 722A 43 B
64 B 21ms
20ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESECQhCnxcissj7_fm9VwfJ0c&google_cver=1&google_push=AYg5qPJcgRaUsUPbT8mw9qLLgYtDLiqN4mBefs02e9GduutpgTjukfCAFtAl-Mn5jwYJFI2gvqOOx4FA-29Qe6y2c8ufc9DPq9I
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3369263710096163&output=html&h=200&slotname=4516448096&adk=1921805917&adf=516689607&pi=t.ma~as.4516448096&w=728&lmt=1653458602&psa=0&format=728x200&url=https%3A%2F%2Fwww.nur.kz%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653458602312&bpp=2&bdt=1132&idt=421&shv=r20220518&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4e43260094b1ca99-22cede769ecd0098%3AT%3D1653458601%3AS%3DALNI_MaX7T79-xmCLyiRk7ja2nAjYAbtQA&prev_fmts=0x0&nras=1&correlator=5554957263962&frm=20&pv=1&ga_vid=819422530.1653458601&ga_sid=1653458602&ga_hid=565231257&ga_fc=1&ga_cid=1570992650.1653458601&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C21066431%2C31067720&oid=2&pvsid=3973602572337587&pem=559&tmod=887465252&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=2op6E9xqo6&p=https%3A//www.nur.kz&dtd=426
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 06:03:23 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 093cn8mlokb34s7crhudddrjgnfd1god

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 722A
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=RpibL7l4TfyD6Y0TSzf_Dg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

50ms
50ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=RpibL7l4TfyD6Y0TSzf_Dg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJhKbyL-yXmWE-T7oroNgkRqZBgbSs01WM-exdNKvUy8cheS0PBD5DqRmOqD6mD3S7RI-wMfeD2fmwmgMY8C3vdGk5zeg

Requested by

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 06:03:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=RpibL7l4TfyD6Y0TSzf_Dg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJhKbyL-yXmWE-T7oroNgkRqZBgbSs01WM-exdNKvUy8cheS0PBD5DqRmOqD6mD3S7RI-wMfeD2fmwmgMY8C3vdGk5zeg
date: Wed, 25 May 2022 06:03:22 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 722A
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBr-Dct0tUex0IQi5DLtSdg&google_cver=1&google_push=AYg5qPKJwhRNbrwtXjyTREQRfMUzMkDuCch1yYtGkWDrAw7tChx4hvI3scg-heCsvffpEYfNMSz...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNMNks4MUstMVUtNExJTA==&google_push=AYg5qPKJwhRNbrwtXjyTREQRfMUzMkDuCch1yYtGkWDrAw7tChx4hvI3scg-heCsvffpEYfNMSzgJSuhRfBjt0sK_ek8PJiEwV8

170 B
188 B

50ms
50ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNMNks4MUstMVUtNExJTA==&google_push=AYg5qPKJwhRNbrwtXjyTREQRfMUzMkDuCch1yYtGkWDrAw7tChx4hvI3scg-heCsvffpEYfNMSzgJSuhRfBjt0sK_ek8PJiEwV8

Requested by

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 06:03:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNMNks4MUstMVUtNExJTA==&google_push=AYg5qPKJwhRNbrwtXjyTREQRfMUzMkDuCch1yYtGkWDrAw7tChx4hvI3scg-heCsvffpEYfNMSzgJSuhRfBjt0sK_ek8PJiEwV8
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 722A
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAnapUumhWbtGv4As0emh2c&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yo3GqvEYIQVjtMySaSk2awAABLsAAAIB&google_cver=1&google_gid=CAESEAnapUumhWbtGv4As0emh2c&google_push=AYg5qPIS2POzah6KYE2meV1XbiXvgXInF6MB9...

170 B
188 B

50ms
50ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yo3GqvEYIQVjtMySaSk2awAABLsAAAIB&google_cver=1&google_gid=CAESEAnapUumhWbtGv4As0emh2c&google_push=AYg5qPIS2POzah6KYE2meV1XbiXvgXInF6MB9gbZnlL1dN4HfduON8iS6hBw5l6ioZxT7IaEpJftKCEMBKbAQsmDnshMZyMZiQ

Requested by

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 06:03:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 25 May 2022 06:03:23 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yo3GqvEYIQVjtMySaSk2awAABLsAAAIB&google_cver=1&google_gid=CAESEAnapUumhWbtGv4As0emh2c&google_push=AYg5qPIS2POzah6KYE2meV1XbiXvgXInF6MB9gbZnlL1dN4HfduON8iS6hBw5l6ioZxT7IaEpJftKCEMBKbAQsmDnshMZyMZiQ
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 458
Expires: Wed, 25 May 2022 06:03:23 GMT

GET
H2 200 trk
ag.innovid.com/ Frame 722A 43 B
296 B 171ms
19ms Image
image/gif 2a05:d01c:1d8:8100:a0fe:f5a6:9720:1a18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEM3pzvykRekFa4TFEHUuI8Y&google_cver=1&google_push=AYg5qPIzdjkfE-oN2UzIEDAcJS-Z2TUYXa6sXnMlwRh9nyciqQnSSMqoLJHQLEqauKZk5OGS_f-cFTrPbj7k3sMgnatgl0VUYHk
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3369263710096163&output=html&h=200&slotname=4516448096&adk=1921805917&adf=516689607&pi=t.ma~as.4516448096&w=728&lmt=1653458602&psa=0&format=728x200&url=https%3A%2F%2Fwww.nur.kz%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653458602312&bpp=2&bdt=1132&idt=421&shv=r20220518&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4e43260094b1ca99-22cede769ecd0098%3AT%3D1653458601%3AS%3DALNI_MaX7T79-xmCLyiRk7ja2nAjYAbtQA&prev_fmts=0x0&nras=1&correlator=5554957263962&frm=20&pv=1&ga_vid=819422530.1653458601&ga_sid=1653458602&ga_hid=565231257&ga_fc=1&ga_cid=1570992650.1653458601&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C21066431%2C31067720&oid=2&pvsid=3973602572337587&pem=559&tmod=887465252&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=2op6E9xqo6&p=https%3A//www.nur.kz&dtd=426
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8100:a0fe:f5a6:9720:1a18 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 06:03:24 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 0
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 722A 0
12 B 47ms
47ms Image
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LflicGVr0OXnMWYycg3zTNZ8H4pNUirybPvXR8JtDkLdYyUeHHvikuCGJrtCgykTX_wBal

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:23 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 7A49 17 KB
6 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 25 May 2022 06:03:24 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 627B 2 KB
2 KB 28ms
28ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2551447
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 710c11530a9b5c38-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Wed, 25 May 2022 06:03:24 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Wed, 25 May 2022 07:03:24 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T9u5cIaGf0SVdxIUI8npYXdjcBYv8IEEsxwIMhTweIFGdzFsQmN19xvWyx%2Fxf8VpV2HoxcySj%2F%2BLez5CAUp6ZX6njdyqD78XgqTRkTd6024B%2BsE6v4ViqIDKB1iRl9PmhlToDD8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-generation: 1588777770164783
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-meta-
x-goog-metageneration: 3
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
x-guploader-uploadid: ADPycdtpjC_BIP2JYJZvmIEVoowNNyTqNe6BE0JRdKJ1uhQ6k3Yfe6DPCN0GjBPS_zYil04QuBTjwG5dQACzvgbqPw78EHDYzg

GET
H3 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 9DBE 12 KB
5 KB 38ms
20ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2746881
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jeeTX4ABV%2F8sfP5uHu9HMNd8fP4JalXeauaFYak3A6Qv%2FPPQezKS2W04KzlH9SKXqf5eVIl8MlizZO%2FVATr79QwBGAuoAlG2XEyiUBIYlBN%2Bf5VLEJhKMj3qsAXLnCuXkRlr87UoDSMqwJP8L%2BIzbMLl"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 710c11534a1b9195-FRA
expires: Mon, 15 May 2023 06:03:24 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 9DBE 12 KB
6 KB 18ms
18ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:24 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 20 May 2023 06:03:24 GMT

GET
H2 200 bb3faf863f1b470cb6abbfbf9cd4e6c1_makeitsans-regular.woff
static.criteo.net/design/dt/ Frame 9DBE 56 KB
56 KB 19ms
15ms Font
application/octet-stream 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/bb3faf863f1b470cb6abbfbf9cd4e6c1_makeitsans-regular.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

09fe7be89711f0dc0ba47ab8a1a1865df7b660a1f1359d29c4c3445683d2f61f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:24 GMT
content-encoding: gzip
last-modified: Wed, 05 Feb 2020 10:30:18 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e3a993a-de74"
strict-transport-security: max-age=31536000; preload;
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 20 May 2023 06:03:24 GMT

GET
H2 200 9af63da692984f7884d89dad36906685_makeitsans-bold.woff
static.criteo.net/design/dt/ Frame 9DBE 58 KB
58 KB 19ms
15ms Font
application/octet-stream 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/9af63da692984f7884d89dad36906685_makeitsans-bold.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ebb2026eba76b777cd1cc6d694a4609324304eeb1129a9fe0fb5a616590cc3ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:24 GMT
content-encoding: gzip
last-modified: Wed, 05 Feb 2020 10:30:18 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e3a993a-e7e4"
strict-transport-security: max-age=31536000; preload;
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 20 May 2023 06:03:24 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 9DBE 12 KB
12 KB 16ms
14ms Image
image/png 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

135e207039181af5cc0e39e0edbbeb01b09cf2d6c984290fc0823013e656d98a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:23 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30922583
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 12049
expires: Thu, 18 May 2023 03:39:47 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 9DBE 39 KB
39 KB 17ms
15ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

21e6a2e3f2de3e89036b2c31eb516d3256a97976b551e306ea1c1c93775a4d3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:23 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=741029
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 39728
expires: Thu, 02 Jun 2022 19:53:53 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 9DBE 38 KB
38 KB 17ms
15ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

a3956c170638b1fade04ee833f0fd790668c1b0d4a4e750b63b4078028be279e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:23 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=371884
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 38416
expires: Sun, 29 May 2022 13:21:28 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 9DBE 41 KB
42 KB 19ms
16ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

56f6845f5ac454702b5ab0b9ea05e5fd19791f3099584a58b1dde7e7aa605ab0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:23 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1137317
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 42298
expires: Tue, 07 Jun 2022 09:58:41 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 9DBE 40 KB
40 KB 18ms
15ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

1798f0a9d19308f6ccf1923ccd7377652467fc81bad168a528a9ca043f5b16f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:23 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=453446
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 40938
expires: Mon, 30 May 2022 12:00:50 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 9DBE 51 KB
51 KB 20ms
18ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

2870218c8f77e99ee71a4a49fe9429780a452b4081a1fb38c2d57f10244c7bff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:23 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 51980
expires: Wed, 25 May 2022 06:03:24 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 9DBE 113 KB
113 KB 19ms
18ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

05598f8f2a66f401f2b91bb8e05d09197bbbad7090f838f16c01f7d55f8e678b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:23 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29131957
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 115624
expires: Thu, 27 Apr 2023 10:16:01 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 9DBE 31 KB
31 KB 27ms
26ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=2&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2F2f93830c-12e3-4edf-8491-26fb70539b8f_479d69c6-8321-4a80-9c08-daaa071e52b8.jpg&v=3&w=400&s=oNzFf8zLUBgRo6nMTOdEaN7B&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

7ae1cc0b9e351dc168deea2e005444323f1151f7c65574152a4c99531f65d648

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:23 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=818282
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 31878
expires: Fri, 03 Jun 2022 17:21:26 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 9DBE 0
127 B 15ms
14ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=MCVLxHUVBAaJ0xOJuSGG_qKuAG2SkOEybVZVafWMiDv9iqoCTjduPGGI2DHP8oowhHEQ8UC6vZBphYg07HSgiHt-9B0id9eVwGiz20v1p842LwLo3bylBh9k4-Gs1MPXFnUJeiBmPx8bN7vcZcnTiJ4T19kW9gy0ot_b4bQAc6PwVuTWmusfIhsLtmRSQSGwBN6VTk5aAfW2GGAmgBmkUuofVYxJjnhbT8F_NlhWZK0dIIUwxj2Xd60DDnJpxMU3sVdqWw&sds=2&rev=81571&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 25 May 2022 06:03:23 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 9DBE 2 KB
1 KB 27ms
26ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:24 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 20 May 2023 06:03:24 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 9DBE 2 KB
1 KB 16ms
16ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:24 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 20 May 2023 06:03:24 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 2893 2 KB
2 KB 28ms
27ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2551447
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 710c11535b5f5c38-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Wed, 25 May 2022 06:03:24 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Wed, 25 May 2022 07:03:24 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cz9iggye%2FlQ4rMWFziQs%2BOKeKQxT2a9gYM%2FcxmnvbwPhd1FSn0ELPz%2BoVC1CJBwidJo0qOpbxFQFyR0D1NuItNEoJ2HQNySaxP%2BwmcliPTn5ZE%2FITiyzuX%2BfjNy42adzSuJoqYM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-generation: 1588777770164783
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-meta-
x-goog-metageneration: 3
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
x-guploader-uploadid: ADPycdtpjC_BIP2JYJZvmIEVoowNNyTqNe6BE0JRdKJ1uhQ6k3Yfe6DPCN0GjBPS_zYil04QuBTjwG5dQACzvgbqPw78EHDYzg

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.20/one-ad/ Frame 06D0 85 KB
11 KB 37ms
36ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.20/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1h6eh3mm4yv7qsghjnyj4knsfbf6cgbzgv6chwm2ge6yk4xdrygsjj6g6zjp1776e4z5r7196cx8e9f8akkzeps14bgvjwr33r5m78gfng4ehak5f80v9jnfac68dzrs1b28g6z1w05sdcw7pbesfx0j27k7hsgpk88snjrgc4mwkw79zxbkrymva0xswrp3ysgznt45hjdk0b5k2r5vpem78xdhf69m13qgdt4evk4ttd1bd2b53zg76a4nfh0cybv2edmzbbbwg6f48t4496x1gekx8tmabr3x739qec1vppfrcr10pamfwze4xw6bczw430vkyzhnndmjhn20kbp5zmh84hb0jw3h55djk1z718jjrpap3hb17tj6tv1w937wa0tamafy7m8epa4cxxjdxn575aff&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCga96q8aNYqaIEYiK7gPEho7QBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTg1ODAxOTY0MjcyMDkzMTSgAcKu6N0DyAEJqQJKUfIa4PyxPuACAKgDAaoE4QFP0PCA1qfCU-sEFkprYel9rg90Wlnj977mjXkafjEWiUeXfVDatuOF9IW46UPwkJkhV-NCV1p05sCI1W3acM2z-pUhD6Uh9qO4FFXXj8N8_AG7KT7dSYuPVR1hT3VxIQQQTAgQkWzrHswLk6OCkxmMHT1SuJVePRhW4lJvsf-V_xMi7oSicNnoVpKJSGab_bZe8VFqaxSZCIUWQ86YI12DRKVnAQJmNSZQZUgl1pPnNNzT8a4QHGJaoUCQi8oBEz0QaWdtqmO8FfwQ58AmuwJ6A8-nUy0s84NmAZkmrLH-OD3gBAGABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_275KWGj7PJdenXfdZKC4FqefpRJw%26client%3Dca-pub-8580196427209314%26adurl%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d8965ee1f9673ae2ab083ee9c063eea7eb04aef2e756a7e46f58337bb1caef4

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1h6eh3mm4yv7qsghjnyj4knsfbf6cgbzgv6chwm2ge6yk4xdrygsjj6g6zjp1776e4z5r7196cx8e9f8akkzeps14bgvjwr33r5m78gfng4ehak5f80v9jnfac68dzrs1b28g6z1w05sdcw7pbesfx0j27k7hsgpk88snjrgc4mwkw79zxbkrymva0xswrp3ysgznt45hjdk0b5k2r5vpem78xdhf69m13qgdt4evk4ttd1bd2b53zg76a4nfh0cybv2edmzbbbwg6f48t4496x1gekx8tmabr3x739qec1vppfrcr10pamfwze4xw6bczw430vkyzhnndmjhn20kbp5zmh84hb0jw3h55djk1z718jjrpap3hb17tj6tv1w937wa0tamafy7m8epa4cxxjdxn575aff&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCga96q8aNYqaIEYiK7gPEho7QBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTg1ODAxOTY0MjcyMDkzMTSgAcKu6N0DyAEJqQJKUfIa4PyxPuACAKgDAaoE4QFP0PCA1qfCU-sEFkprYel9rg90Wlnj977mjXkafjEWiUeXfVDatuOF9IW46UPwkJkhV-NCV1p05sCI1W3acM2z-pUhD6Uh9qO4FFXXj8N8_AG7KT7dSYuPVR1hT3VxIQQQTAgQkWzrHswLk6OCkxmMHT1SuJVePRhW4lJvsf-V_xMi7oSicNnoVpKJSGab_bZe8VFqaxSZCIUWQ86YI12DRKVnAQJmNSZQZUgl1pPnNNzT8a4QHGJaoUCQi8oBEz0QaWdtqmO8FfwQ58AmuwJ6A8-nUy0s84NmAZkmrLH-OD3gBAGABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_275KWGj7PJdenXfdZKC4FqefpRJw%26client%3Dca-pub-8580196427209314%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:24 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 50763
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=86961
surrogate-control: no-store
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
last-modified: Tue, 24 May 2022 15:57:21 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
x-download-options: noopen
content-type: text/css; charset=utf-8
expires: 0
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 710c11539bc35c38-FRA
cf-bgj: minify

GET
H3 200 fxpcopuw.js Show response
ad4m.at/ Frame 06D0 31 KB
11 KB 27ms
27ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/fxpcopuw.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1h6eh3mm4yv7qsghjnyj4knsfbf6cgbzgv6chwm2ge6yk4xdrygsjj6g6zjp1776e4z5r7196cx8e9f8akkzeps14bgvjwr33r5m78gfng4ehak5f80v9jnfac68dzrs1b28g6z1w05sdcw7pbesfx0j27k7hsgpk88snjrgc4mwkw79zxbkrymva0xswrp3ysgznt45hjdk0b5k2r5vpem78xdhf69m13qgdt4evk4ttd1bd2b53zg76a4nfh0cybv2edmzbbbwg6f48t4496x1gekx8tmabr3x739qec1vppfrcr10pamfwze4xw6bczw430vkyzhnndmjhn20kbp5zmh84hb0jw3h55djk1z718jjrpap3hb17tj6tv1w937wa0tamafy7m8epa4cxxjdxn575aff&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCga96q8aNYqaIEYiK7gPEho7QBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTg1ODAxOTY0MjcyMDkzMTSgAcKu6N0DyAEJqQJKUfIa4PyxPuACAKgDAaoE4QFP0PCA1qfCU-sEFkprYel9rg90Wlnj977mjXkafjEWiUeXfVDatuOF9IW46UPwkJkhV-NCV1p05sCI1W3acM2z-pUhD6Uh9qO4FFXXj8N8_AG7KT7dSYuPVR1hT3VxIQQQTAgQkWzrHswLk6OCkxmMHT1SuJVePRhW4lJvsf-V_xMi7oSicNnoVpKJSGab_bZe8VFqaxSZCIUWQ86YI12DRKVnAQJmNSZQZUgl1pPnNNzT8a4QHGJaoUCQi8oBEz0QaWdtqmO8FfwQ58AmuwJ6A8-nUy0s84NmAZkmrLH-OD3gBAGABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_275KWGj7PJdenXfdZKC4FqefpRJw%26client%3Dca-pub-8580196427209314%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb79983098cae86fa7cf2efc46d131d36bc52697ee1faeaaf2dc95bdf2e64610

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-goog-hash: crc32c=IOnHVw==, md5=TQGT+nK+VK2hQyff6S/VUw==
date: Wed, 25 May 2022 06:03:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2694
x-guploader-uploadid: ADPycdtVCuQh3tbUzEH574ex_2SleVXlxZux4A6yIku4oJdb1MbfAq9XrpYIRpELC21mpsBruNg0lYdP2HJt4zo-lpxtBw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 14 May 2022 05:18:02 GMT
server: cloudflare
etag: W/"4d0193fa72be54ada14327dfe92fd553"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l3fE4qjCBDZ%2BgSSF2aQq%2BGi7ypJ%2BCUuZ6O5gao1YjP2%2BNwjq7jwlcLMTAjuyVPRJM4zWePjOMetXsU7y4nMs5rvUumwlafSQ5sNgze7S2Utxf34WSnGOn1g4JsKti%2FF8%2BlFvH%2Bw%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1651592188892994
content-type: application/javascript; charset=utf-8
expires: Wed, 25 May 2022 05:18:30 GMT
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 10607
cf-ray: 710c11539bc65c38-FRA
cf-bgj: minify

GET
H3 200 AAcrpHDydyl_zLrsUqLIoJaIpM6fuyfNuw3JGtq9cUA.js Show response
pagead2.googlesyndication.com/bg/ Frame D58D 35 KB
13 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AAcrpHDydyl_zLrsUqLIoJaIpM6fuyfNuw3JGtq9cUA.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00072ba470f277297fccbaec52a2c8a09688a4ce9fbb27cdbb0dc91adabd7140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 11:16:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67597
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13604
x-xss-protection: 0
last-modified: Tue, 17 May 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 24 May 2023 11:16:47 GMT

GET
DATA 200
OK truncated
/ Frame AEF5 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 441dcfa5c3c2c355e24740df37e35d4641ecb12e931b5266e8b1c997db8dfd70

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame ED60
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEHRPXvmb38CAKBKGyUoBaq0&google_cver=1&google_push=AYg5qPITvsKon0Krt_XQcIpSPXXbt8lfibaogCC1jaZdDBQFKBSYB9rf14...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPITvsKon0Krt_XQcIpSPXXbt8lfibaogCC1jaZdDBQFKBSYB9rf14FyD21eLgvU7jq_tdD7xkXgGK7ufuTj3J8SS7LSKgTXEg&google_hm=ZW7NOZrwn4...

170 B
188 B

51ms
51ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPITvsKon0Krt_XQcIpSPXXbt8lfibaogCC1jaZdDBQFKBSYB9rf14FyD21eLgvU7jq_tdD7xkXgGK7ufuTj3J8SS7LSKgTXEg&google_hm=ZW7NOZrwn46DS2yHI1Vaqw

Requested by

Host: c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com
URL: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 06:03:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPITvsKon0Krt_XQcIpSPXXbt8lfibaogCC1jaZdDBQFKBSYB9rf14FyD21eLgvU7jq_tdD7xkXgGK7ufuTj3J8SS7LSKgTXEg&google_hm=ZW7NOZrwn46DS2yHI1Vaqw
pragma: no-cache
date: Wed, 25 May 2022 06:03:24 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame ED60
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESENTYdoaWtQkbs4Aicv96C_0&google_cver=1&google_push=AYg5qPKWJmiQgvLlUpPIUX-1i72N39TBc8efTQr-47XW8FkngFn4N3-hjA2wRcDRThVctRp7ni1rKnISXySWXO2oycjppURqEJh80...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENTYdoaWtQkbs4Aicv96C_0&google_cver=1&google_push=AYg5qPKWJmiQgvLlUpPIUX-1i72N39TBc8efTQr-47XW8FkngFn4N3-hjA2wRcDRThVctRp7ni1rKnISXySWXO2oycjppURqEJh...

43 B
417 B

197ms
188ms

Image
image/gif

2606:4700:4400::ac40:98f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENTYdoaWtQkbs4Aicv96C_0&google_cver=1&google_push=AYg5qPKWJmiQgvLlUpPIUX-1i72N39TBc8efTQr-47XW8FkngFn4N3-hjA2wRcDRThVctRp7ni1rKnISXySWXO2oycjppURqEJh80g&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPKWJmiQgvLlUpPIUX-1i72N39TBc8efTQr-47XW8FkngFn4N3-hjA2wRcDRThVctRp7ni1rKnISXySWXO2oycjppURqEJh80g%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com
URL: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 06:03:24 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 710c11566c439bd1-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 25 May 2022 06:03:24 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 3447
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 710c1154c8779bd1-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENTYdoaWtQkbs4Aicv96C_0&google_cver=1&google_push=AYg5qPKWJmiQgvLlUpPIUX-1i72N39TBc8efTQr-47XW8FkngFn4N3-hjA2wRcDRThVctRp7ni1rKnISXySWXO2oycjppURqEJh80g&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPKWJmiQgvLlUpPIUX-1i72N39TBc8efTQr-47XW8FkngFn4N3-hjA2wRcDRThVctRp7ni1rKnISXySWXO2oycjppURqEJh80g%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control: no-cache, private
content-type: text/html
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame ED60 70 B
265 B 96ms
30ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEAh7RFKfsICxmZIE4Gej94A&google_cver=1&google_push=AYg5qPJuTf3QrkYutX47TQdLVmFYmRWZJaIGUKcK64EOE1-k_4JyARmzf6h6ggCifdmM-P_gZIaKkMXaHH6Gz4oBjmt76VNqb-KeFw
Requested by: Host: c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com
URL: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 06:03:24 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame ED60
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESELBEsAluvj9XqbXY8gHafac&google_cver=1&google_push=AYg5qPIkUXN3pqfzyPvHgbjLA-x8I1Dc5doxRsszPzox1iVEOQcW9T5O92qJKpRqP_7gVSgizc0UNEABPepG...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AYg5qPIkUXN3pqfzyPvHgbjLA-x8I1Dc5doxRsszPzox1iVEOQcW9T5O92qJKpRqP_7gVSgizc0UNEABPepGV0_n0DVMEYNsjLVx2w

170 B
188 B

49ms
49ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AYg5qPIkUXN3pqfzyPvHgbjLA-x8I1Dc5doxRsszPzox1iVEOQcW9T5O92qJKpRqP_7gVSgizc0UNEABPepGV0_n0DVMEYNsjLVx2w

Requested by

Host: c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com
URL: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 06:03:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AYg5qPIkUXN3pqfzyPvHgbjLA-x8I1Dc5doxRsszPzox1iVEOQcW9T5O92qJKpRqP_7gVSgizc0UNEABPepGV0_n0DVMEYNsjLVx2w
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame ED60
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEPl5YpW6F1WysBYcOIkMabQ&google_cver=1&google_push=AYg5qPIa_heQYCwMTfLhuiJBWzMAHDr9z6oL-lFqT-iLlvJbPcgL81WmJCe34IYCtuTClUWJknMBgJ-n5wpN87jy6TR49Ew0FOlc
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mzk5NTQ0NjEzMzkzNTE4MTY0ODMzNw%3D%3D&google_push=AYg5qPIa_heQYCwMTfLhuiJBWzMAHDr9z6oL-lFqT-iLlvJbPcgL81Wm...

170 B
188 B

49ms
49ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mzk5NTQ0NjEzMzkzNTE4MTY0ODMzNw%3D%3D&google_push=AYg5qPIa_heQYCwMTfLhuiJBWzMAHDr9z6oL-lFqT-iLlvJbPcgL81WmJCe34IYCtuTClUWJknMBgJ-n5wpN87jy6TR49Ew0FOlc

Requested by

Host: c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com
URL: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 06:03:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mzk5NTQ0NjEzMzkzNTE4MTY0ODMzNw%3D%3D&google_push=AYg5qPIa_heQYCwMTfLhuiJBWzMAHDr9z6oL-lFqT-iLlvJbPcgL81WmJCe34IYCtuTClUWJknMBgJ-n5wpN87jy6TR49Ew0FOlc
date: Wed, 25 May 2022 06:03:24 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame ED60 0
75 B 242ms
16ms Image
text/plain 185.86.137.108
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEF56zAZJCBIwZoJ547hYF3A&google_cver=1&google_push=AYg5qPI95QTCHT-AM5GDgtcWXl9t_4S05oauHVCqk1U5A9vfdSGg7Owhkzrt5ofNrMOirexIs0Ba1WE1F818nx1hpArWATVw29QXIQ
Requested by: Host: c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com
URL: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.108 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:24 GMT
content-length: 0

GET
H2

200

/
onetag-sys.com/match/ Frame ED60
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESELBEsAluvj9XqbXY8gHafac&google_cver=1&google_push=AYg5qPLs430W7ldNbWiWN54aHrOl2L6Syf0sPGLOBHR07unMPBhhePcwhkJ2exOMiH7kDxLa1kY25cKX2tu...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AYg5qPLs430W7ldNbWiWN54aHrOl2L6Syf0sPGLOBHR07unMPBhhePcwhkJ2exOMiH7kDxLa1kY25cKX2tutnLARI4fclZlDlQTPz-M
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

8ms
8ms

Image
text/plain

51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com
URL: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Wed, 25 May 2022 06:03:24 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame ED60 0
12 B 47ms
47ms Image
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Iq72BWpkylePIpQDR0Zy7fnLPlZ-J_0BgpsEZ17CD2mBdLcbGj11qvw6-f-HcHPJpSTpsqBw

Requested by

Host: c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com
URL: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:24 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 AAcrpHDydyl_zLrsUqLIoJaIpM6fuyfNuw3JGtq9cUA.js Show response
pagead2.googlesyndication.com/bg/ Frame E9F9 35 KB
13 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AAcrpHDydyl_zLrsUqLIoJaIpM6fuyfNuw3JGtq9cUA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00072ba470f277297fccbaec52a2c8a09688a4ce9fbb27cdbb0dc91adabd7140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 11:16:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67597
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13604
x-xss-protection: 0
last-modified: Tue, 17 May 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 24 May 2023 11:16:47 GMT

GET
H3 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 06D0 3 KB
4 KB 67ms
41ms Image
image/png 2606:4700:20::ac43:444e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.20/one-ad/default.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date: Wed, 25 May 2022 06:03:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10362886
x-guploader-uploadid: ADPycdvuqSd5z7x-P6zciDvJguhfevnTZzPv-sFvdv4VVTj2cCVUndir5fZqBzjNPOlq80uW-sAFhIkV33WDoT1aRSnwIseHrQ
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j2dA3n97sc5W2dfnX3LEusBNyxeAuQIifQXDHoXhjNIydrLAMbrPgPtpuSbnIG7EVm1GtlXaD%2BYNDqxzuPndzRwgkpyQrCkt7emlGFR5JVnnE%2FpLIYoglHQHQsIJdeddNjBUmuwAqoEIRV54d34Ov9%2B7"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623242114099744
content-type: image/png
cache-control: public, max-age=31536000, immutable
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 710c1155dea99b2d-FRA
expires: Wed, 25 Jan 2023 07:28:38 GMT

GET
H2 204 event
ads.adfox.ru/252771/ 0
66 B 64ms
64ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/252771/event?hash=87095be202b4ec6c&pm=bmn&p5=lngbo&ad-session-id=6239761653458601621&utg=oxum&lts=fjegurp&ytt=158331285143557&ybv=0.586016&ylv=0.586016&dl=https%3A%2F%2Fwww.nur.kz%2F&p2=gfdy&rand=jifvtne&sj=OL6w8MmUISI05oYVOSbC9UTLj4JbDd-98eKh7yO7McWjkVJ8bgMQo9w-TOvjrQ%3D%3D&puid1=Homepage&pr=gsysaaw&p1=crsny&rqs=qT7h-2HYASOpxo1ihERRpoq6uvaKG405

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 06:03:24 GMT
x-content-type-options: nosniff
last-modified: Wed, 25 May 2022 06:03:24 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 2A41 2 KB
2 KB 25ms
24ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2551447
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 710c1155cff95c38-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Wed, 25 May 2022 06:03:24 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Wed, 25 May 2022 07:03:24 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nvlXzRh%2Fa1BBygtvmXE%2FLwxen3jYn2bUw5F27yMi%2FORymA6%2BIrdcyV5JlKd5VOrE%2FZYcgjyJIfX4YrxLczdGaCljXqP%2F1Cw%2BwlGhaHNUGGw1tPix65Q4qNkygN4QyVh8dpRxnd8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-generation: 1588777770164783
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-meta-
x-goog-metageneration: 3
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
x-guploader-uploadid: ADPycdtpjC_BIP2JYJZvmIEVoowNNyTqNe6BE0JRdKJ1uhQ6k3Yfe6DPCN0GjBPS_zYil04QuBTjwG5dQACzvgbqPw78EHDYzg

POST
H3 200 rs Show response
ad4m.at/ Frame CF2F 1 KB
2 KB 60ms
59ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad3a353ced8db6bcd5c01ba27bbdb2b9096995be4ab765599ae0b4917d399d6e

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json

Response headers

cf-ray: 710c1156cc28994e-FRA
date: Wed, 25 May 2022 06:03:24 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q3BE3j0%2BqzO6JcdZH1gRoUlSAHKwjoWNZv1icUNkd2EUwi4CReyDbkTi1FjiFdfEBL4CLXAXuWzJUzK8EZ8TrjIJsT5d90TOIUFai%2F0pczfbNS81J37qkM5yBx9hQUQMlT9wVVo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: aa-reachservice-group-europe-west1-nmnr

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 53ms
36ms Preflight
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 710c11569baa994e-FRA
content-length: 24
content-type: text/plain
date: Wed, 25 May 2022 06:03:24 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jsC3RyQRpzhGcEg2AcRZyrBuykx02rV87x%2F6Xi99Hz9dp22FfHXhVhVNGATs%2BDXxPf1byJS%2FU%2Fp76C1Bw1pvtg25wuFBCjxLfl6puv7v4LzozJQkoANdg7CGMa5zQOfWQEPi2v0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-nmnr

POST
H3 200 rs Show response
ad4m.at/ Frame 4DCC 1 KB
2 KB 37ms
36ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7bfcb2880098396200e25064e63349d05bc81db695d76d34da081b8f196af248

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json

Response headers

cf-ray: 710c11573d01994e-FRA
date: Wed, 25 May 2022 06:03:24 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YHHg3QGicxAYSqX2dCviTuAYSoRYaLAcsR2sA2pfSSJVHSCBY1ef5PfUbM%2Bd5ecBqA1bHk01wVTJxauahQ%2FDFtRGEZsJQc76Cb6l1wQft2Rw08Ps7Fi68ov3aG1lPYtqa7j3jyY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: aa-reachservice-group-europe-west1-nmnr

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 57ms
57ms Preflight
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 710c1156dc3f994e-FRA
content-length: 24
content-type: text/plain
date: Wed, 25 May 2022 06:03:24 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V%2BfGUO19PWYrSKdwJaWa%2BO3Z2ieE8L5siGjh9x00i4pOYGc%2FHDGgoXe6BOgzRsbYnLYIYGF6ifHYimVqml0eTA5bF4zAXZjk%2Bvc4ySMlqtCsCOUvpS0sSaKKHXoRMdmvj6WO9fM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-nmnr

GET
H2 204 event
ads.adfox.ru/252771/ 0
18 B 69ms
69ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/252771/event?hash=d91cacc46512ae8d&pm=bmn&p5=kunhv&ad-session-id=6239761653458601621&lts=fjegurp&ytt=158331285143557&ybv=0.586016&ylv=0.586016&dl=https%3A%2F%2Fwww.nur.kz%2F&rtb-si=b&p2=gfdy&rand=mxdrddj&sj=Z_lSr_ZTFZW3liuaT2Mdb05wYr_QhLbXeIdYJB0CudqJ9y3_6pakoqrchrEcAQ%3D%3D&puid1=Homepage&pr=gsysaaw&p1=crsnx&rqs=qc6KKAVqCXapxo1iiRwVuJ2GQPuSnbhl

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 06:03:24 GMT
x-content-type-options: nosniff
last-modified: Wed, 25 May 2022 06:03:24 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 979C 11 KB
5 KB 30ms
29ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=186460%2C24673%2C14019&b=q4VSmfWfJWr1TZHgHDtJtZG5UeSgTA2ja3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Rx6fgfQfG6wACkHwH3tzCPzJu9SzTmqbF7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=kTUv0kTJ2-IHeQHqznYSql9CeWavfmoT&g=02036a9dc68490f6dd832767f4c82e33%2F16115169092999220410&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1653458604634&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k34embqp4teh0y5txe51rr7zmead9pdz2cq4sa3wts6ewse13dwtze7wv4t2fpd7654frmdy6t1efk0337dxvgtvmdzr7rca6ck382nty2y6cchyvs474rnkbh3dnvd1jr49cznsbjb1hp0ekqjs2vnfrqjmfw5hgy9x8q7t3fxw3d9yh697ccmxpep1ssgxjbp1nay00yr9bvj8bsx5mfe3mkrmarzpfwnfa0vf0jtkmntpbc0kmj8e3wnfwesbkhg6rddaw5tr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCvPtyqsaNYvrZJNSE7gOx6JXAD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMzNjkyNjM3MTAwOTYxNjOgAcKu6N0DyAEJqQL2PSpljwKyPuACAKgDAaoE4AFP0Pj6wHwgfw7LbrJSeYJMLxd7WbEztAocvDVpx_BBEd46fmNyK71sf0PaK_6X4adCse-UbgGiMCU3eDc-fwLGjN3vo2K1NEJVOKVWEKbNqj4BNfG32vMm-4jJXSFHbS47AZ1GnXN8q2ZJPgU7ZpD4EP9vDd9Khy6VnKxX6RhrPP2TQ3t7sJSxI7m1gA3lvBedhSz7Tltd6QuWKEm61ydo_AbiPrScmNNTPjBD8cQxa2QQAf3bIG8-0xh9WL4yoIxq_Vf0udlGrs6kEEG9ZikaDUMk-qH-cxCkkXGwdt0cmOAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0K_-9XstLFt4N-KtAtnEx5FSTNcg%2526client%253Dca-pub-3369263710096163%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88244bb20e14d8a3b753419034057c4c3a10bf5f79e2b978f9b52bdae8580045

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1hz2mvey2mx5teng96zpf3fh8tjkm8z8krz5sdd0f61jsht1saj2d8mekxzkhh99vx1c3as2vv6b58nc6ks647y4bmes7425ttfezm8d11yzy4aqh426pmvsgkpzvee62x6gpyzyv9f9ebpj58ks3cg8sc2dzvkeyqpkeng4nev4f60wc6thxfwfpcbypwmj6seysdnspv7ft2z54p0bna9wxh8p5nadz7rfsa8bgj9wmt712g8vf8fks6m9wtenmrkx07e45m84yh83kcv9g5yt705ckceza0ts3dzmdjnz4dcfjwcgzppj1m5gcw2py98afh1pcw3nzr22qbzpvczttk0gq3d56kqxse5nxsa4z5yh5vq634vgbwvfertzz4ch3zxzf9vtadg86mhhzg8rt0pa2024&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvPtyqsaNYvrZJNSE7gOx6JXAD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMzNjkyNjM3MTAwOTYxNjOgAcKu6N0DyAEJqQL2PSpljwKyPuACAKgDAaoE4AFP0Pj6wHwgfw7LbrJSeYJMLxd7WbEztAocvDVpx_BBEd46fmNyK71sf0PaK_6X4adCse-UbgGiMCU3eDc-fwLGjN3vo2K1NEJVOKVWEKbNqj4BNfG32vMm-4jJXSFHbS47AZ1GnXN8q2ZJPgU7ZpD4EP9vDd9Khy6VnKxX6RhrPP2TQ3t7sJSxI7m1gA3lvBedhSz7Tltd6QuWKEm61ydo_AbiPrScmNNTPjBD8cQxa2QQAf3bIG8-0xh9WL4yoIxq_Vf0udlGrs6kEEG9ZikaDUMk-qH-cxCkkXGwdt0cmOAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0K_-9XstLFt4N-KtAtnEx5FSTNcg%26client%3Dca-pub-3369263710096163%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 710c11576b8a5c38-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 06:03:24 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 23AF 11 KB
5 KB 36ms
35ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=15255%2C24673%2C14019&b=Mxefzfrf1zRuWHEHGtDt2jpCBS4Tb6ku3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=62Zcef3f6wmheHmHYtEC5kmtYS1T2qJs7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=NjfIGCtMKzPoif1ud2oOCTmGtkn5q9FB&g=b97d94971f9d0e322c62f964154ea848%2F3763516101815513498&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1653458604690&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gvwrmrqfdjcr1ywzs5eas9jpch4n3exq1kphdzmjvmwyex4t17px34nbdvdahg7swbn5ae4rxtfwrcs3nxe4gmftqq5r9kyh51wbc4p8w3dd6gcw6nfgc95tfnsbb7wjhtepwjq268yt7vs7bn0ar3qdjm7mzs90h8bkw70277k1k98yjymp1hc4x8ft8g4psb9z08me91qy6cgpdc5ggnvw7zq03tp52qsp4a95qqezs5rgcynxmmgayzxk0fgfdfpnqgqfg29e%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCe6wnqsaNYvrpMZj_gQee3IeQAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMzNjkyNjM3MTAwOTYxNjOgAcKu6N0DyAEJqQL2PSpljwKyPuACAKgDAaoE4AFP0HESWxGUTt9e4eUSbFXPZnjVPxGPPaZB6XDofN0FfuYgYwHNdCogGnl-1FyyOqYPDUUhrdUvlFIDWiqgRwvH_PdafUEsSpSdPkeWh-qYkWQz5txW7YN4q0Qg7cqUG2NnhqhJhY4eOoEvpniX9zmYLXs2A6HJ2bFF_EInnWh7LgAP_IRQQvBM-ahO_7YHJNN5ahdEuPqB43W756YJA6DNDHZYHbqOKP3Cbj-fl4EmamPSnRgBUrQosPr0kzJ6Y6WXnuruKxsCcT6VXiIHtjP0cqrkRmR2ldx2r1tsO_Zb0-AEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_11nXNhOAJtHAYOGLphiLExrCGgag%2526client%253Dca-pub-3369263710096163%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2989e9473d8f042a6a6bdee1f957dc67bd907e515476e0cc231534db1078803

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1hmpg9mqs5n8j5zw7qje3wsv6j7c5hvaqkm1btzwnshva9c08tdx3j5frj25sqa7rr0d9atxkcdtc4jq8fnqnaqg98r6n0dp4wadp1q95mwas2pqztqs3c5mwbwfbj9adv9ghyy5ykn0x6f836bs8tjb5a2nrpp5wvqn44q2nvcn1nb68khg2608zsvz4gpq2xvm3j53z3rc25vr9kzja557vq6tt1gf8jndahfjrsd5414b0zf418ae9z5d0cc7b4srtez280ycxnsf9rjp55et11vcwy45br6fp7atnvacvsqqxf2n5kp24gqd1hpgc02bc6w5jm7yq1jt5cs2knp0te576mzcq80yx0bcejgx6cfhtfs6we0hse8xeahf1k2tcaht4z1yvsyq53hjwc3nhzhveab0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCe6wnqsaNYvrpMZj_gQee3IeQAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMzNjkyNjM3MTAwOTYxNjOgAcKu6N0DyAEJqQL2PSpljwKyPuACAKgDAaoE4AFP0HESWxGUTt9e4eUSbFXPZnjVPxGPPaZB6XDofN0FfuYgYwHNdCogGnl-1FyyOqYPDUUhrdUvlFIDWiqgRwvH_PdafUEsSpSdPkeWh-qYkWQz5txW7YN4q0Qg7cqUG2NnhqhJhY4eOoEvpniX9zmYLXs2A6HJ2bFF_EInnWh7LgAP_IRQQvBM-ahO_7YHJNN5ahdEuPqB43W756YJA6DNDHZYHbqOKP3Cbj-fl4EmamPSnRgBUrQosPr0kzJ6Y6WXnuruKxsCcT6VXiIHtjP0cqrkRmR2ldx2r1tsO_Zb0-AEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_11nXNhOAJtHAYOGLphiLExrCGgag%26client%3Dca-pub-3369263710096163%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 710c11577bad5c38-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 06:03:24 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E18A 0
20 B 75ms
74ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bym9rqsaNYoHfGfKU4gHkpaiAAwAAAAA4AeAEAg&bg=!19Sl1JDNAAZ4vKt9WLw7ACkAdvg8WhVQXEAUL7DMu-mabL8eVyRSj2SBLnOLN4F5tmgaG7A9d2zCBAIAAAJCUgAAAAJoAQeZAuKe6r2L20NB96WKLU4rEp9D_OKGZn3wcxSgrcLS-TNiA_4QtBU2IBzU7pvgPGSJMTomPsSvjjy8MXQEbcSCIAxIu0tUDF7IIgvTxGpjzT_U487n6MXFEH_UPT5hxvELS2lHrSvGUtAl_HQYV-mmZ7cp1vK7Wj1D21M-NQLHxll25R36w-I-NPSKzi5I5veKj6ZFL-G3SvVVtduGf3WtPUNyyg4JjmRHeMzPwLZySFQHlibOwuneIUrOdPBVPKX7j-wiMl6xyg3eKTaGhge7RKuxdUfEngxk9wUdEfH0vaM2OnlvrfNNwEJkYmjLJ7Vn3bm0tDEiLulnABhRGDqMDTuS5qcXcRrrtGkQ0HuUfmtUHnXOGCt0yxvr7W_gkNk41FoZf4NgPOinGszHy8IrxvJLxLIVfC7HQJ2nPfahx-CYQ9g3U-MU7aRMBEx6GggbuYIw_VAaOcxow19QEqePVDpxYYAfV-AujgBab8Dx264gDkFbsmGBZqyE1fGP34SdIl1DkLeyMQ1-YVXSiIinMrPtFlc_leNLyjJjC4ewdZcuPIVWHDeQZ8wn2ZFiZ1-CJk40PcfdXRdNYzM8GbWRZabXq9Dl3zHP_30c4MRQ5jJWaUAV4PDh5tk43iPRFbEwwty_tQZlGmfs99T0YzdzWAQvhxHqYc8sf1ghnoxZCvRA_NEqNywPW-vZBMzzSIMgc3EcNW6ECqiWtmQEoLd2As8Y0NvQmjjGZdQqNKCSeMKmhlDSpRS46u6cKsAF56edS6B08TBH3aD5lOLjxTTgcPyHehggsrwBG5Jj5V8P8W4idmKVgG3iIlXEUBt7MKxtq17vE-vFAZWHj1m6Bu6u8gLF2WKsrqL69yUCYaGeMJWgxTVwGpUu3wKlz-HrFbwCMJxSV2reKJEwciJrj_p01Rr5NNGuzEO8ZlXJldHBNU-jZvDKz6HzOp9yoUh0EarT_BD4_7DzNGUsVXXIxdf48TFkrAA

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 06:03:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 rs Show response
ad4m.at/ Frame 06D0 1 KB
2 KB 42ms
41ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fbbf71165978d573414a698dabdee1d4cadf617da53d07f58bb5e98fb45c6f03

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json

Response headers

cf-ray: 710c11580e82994e-FRA
date: Wed, 25 May 2022 06:03:24 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9gA9LllLnfGn8v5B96chMSk5gfLQ5d57rfyYhrV7RhD72de3fA3hsnQbBFOdGUc%2B20DoBwLfUcBE%2B3cD9%2Bh1lEyXOThQiGjTAWTmKzZemAG0oylZRF6sqaWuhrrAgWtoZojSnkA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: aa-reachservice-group-europe-west1-nmnr

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 33ms
33ms Preflight
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 710c1157de1b994e-FRA
content-length: 24
content-type: text/plain
date: Wed, 25 May 2022 06:03:24 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rs9QSbyVr7GyAsGKQwVuwwtXw%2BrC7F8FtJptSAxoy4%2Fh2HrluAEy6UeFn%2FdcoyrLNoFl6lf3mAuL3hU2bMQgR3i6q%2Fg%2Bu6FvbYqP66%2BMRDB38HXbpKleq72IdmPUTAbb59ZSmTY%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-nmnr

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.20/one-ad/ Frame 979C 85 KB
11 KB 26ms
26ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.20/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460%2C24673%2C14019&b=q4VSmfWfJWr1TZHgHDtJtZG5UeSgTA2ja3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Rx6fgfQfG6wACkHwH3tzCPzJu9SzTmqbF7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=kTUv0kTJ2-IHeQHqznYSql9CeWavfmoT&g=02036a9dc68490f6dd832767f4c82e33%2F16115169092999220410&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1653458604634&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k34embqp4teh0y5txe51rr7zmead9pdz2cq4sa3wts6ewse13dwtze7wv4t2fpd7654frmdy6t1efk0337dxvgtvmdzr7rca6ck382nty2y6cchyvs474rnkbh3dnvd1jr49cznsbjb1hp0ekqjs2vnfrqjmfw5hgy9x8q7t3fxw3d9yh697ccmxpep1ssgxjbp1nay00yr9bvj8bsx5mfe3mkrmarzpfwnfa0vf0jtkmntpbc0kmj8e3wnfwesbkhg6rddaw5tr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCvPtyqsaNYvrZJNSE7gOx6JXAD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMzNjkyNjM3MTAwOTYxNjOgAcKu6N0DyAEJqQL2PSpljwKyPuACAKgDAaoE4AFP0Pj6wHwgfw7LbrJSeYJMLxd7WbEztAocvDVpx_BBEd46fmNyK71sf0PaK_6X4adCse-UbgGiMCU3eDc-fwLGjN3vo2K1NEJVOKVWEKbNqj4BNfG32vMm-4jJXSFHbS47AZ1GnXN8q2ZJPgU7ZpD4EP9vDd9Khy6VnKxX6RhrPP2TQ3t7sJSxI7m1gA3lvBedhSz7Tltd6QuWKEm61ydo_AbiPrScmNNTPjBD8cQxa2QQAf3bIG8-0xh9WL4yoIxq_Vf0udlGrs6kEEG9ZikaDUMk-qH-cxCkkXGwdt0cmOAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0K_-9XstLFt4N-KtAtnEx5FSTNcg%2526client%253Dca-pub-3369263710096163%2526adurl%253D&y=1&s=&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d8965ee1f9673ae2ab083ee9c063eea7eb04aef2e756a7e46f58337bb1caef4

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=186460%2C24673%2C14019&b=q4VSmfWfJWr1TZHgHDtJtZG5UeSgTA2ja3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Rx6fgfQfG6wACkHwH3tzCPzJu9SzTmqbF7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=kTUv0kTJ2-IHeQHqznYSql9CeWavfmoT&g=02036a9dc68490f6dd832767f4c82e33%2F16115169092999220410&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1653458604634&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k34embqp4teh0y5txe51rr7zmead9pdz2cq4sa3wts6ewse13dwtze7wv4t2fpd7654frmdy6t1efk0337dxvgtvmdzr7rca6ck382nty2y6cchyvs474rnkbh3dnvd1jr49cznsbjb1hp0ekqjs2vnfrqjmfw5hgy9x8q7t3fxw3d9yh697ccmxpep1ssgxjbp1nay00yr9bvj8bsx5mfe3mkrmarzpfwnfa0vf0jtkmntpbc0kmj8e3wnfwesbkhg6rddaw5tr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCvPtyqsaNYvrZJNSE7gOx6JXAD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMzNjkyNjM3MTAwOTYxNjOgAcKu6N0DyAEJqQL2PSpljwKyPuACAKgDAaoE4AFP0Pj6wHwgfw7LbrJSeYJMLxd7WbEztAocvDVpx_BBEd46fmNyK71sf0PaK_6X4adCse-UbgGiMCU3eDc-fwLGjN3vo2K1NEJVOKVWEKbNqj4BNfG32vMm-4jJXSFHbS47AZ1GnXN8q2ZJPgU7ZpD4EP9vDd9Khy6VnKxX6RhrPP2TQ3t7sJSxI7m1gA3lvBedhSz7Tltd6QuWKEm61ydo_AbiPrScmNNTPjBD8cQxa2QQAf3bIG8-0xh9WL4yoIxq_Vf0udlGrs6kEEG9ZikaDUMk-qH-cxCkkXGwdt0cmOAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0K_-9XstLFt4N-KtAtnEx5FSTNcg%2526client%253Dca-pub-3369263710096163%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:24 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 50763
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=86961
surrogate-control: no-store
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
last-modified: Tue, 24 May 2022 15:57:21 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
x-download-options: noopen
content-type: text/css; charset=utf-8
expires: 0
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 710c1157fccc5c38-FRA
cf-bgj: minify

GET
H2 200 188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
assets.ad4m.at/logo/ Frame 979C 8 KB
8 KB 33ms
25ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460%2C24673%2C14019&b=q4VSmfWfJWr1TZHgHDtJtZG5UeSgTA2ja3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Rx6fgfQfG6wACkHwH3tzCPzJu9SzTmqbF7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=kTUv0kTJ2-IHeQHqznYSql9CeWavfmoT&g=02036a9dc68490f6dd832767f4c82e33%2F16115169092999220410&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1653458604634&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k34embqp4teh0y5txe51rr7zmead9pdz2cq4sa3wts6ewse13dwtze7wv4t2fpd7654frmdy6t1efk0337dxvgtvmdzr7rca6ck382nty2y6cchyvs474rnkbh3dnvd1jr49cznsbjb1hp0ekqjs2vnfrqjmfw5hgy9x8q7t3fxw3d9yh697ccmxpep1ssgxjbp1nay00yr9bvj8bsx5mfe3mkrmarzpfwnfa0vf0jtkmntpbc0kmj8e3wnfwesbkhg6rddaw5tr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCvPtyqsaNYvrZJNSE7gOx6JXAD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMzNjkyNjM3MTAwOTYxNjOgAcKu6N0DyAEJqQL2PSpljwKyPuACAKgDAaoE4AFP0Pj6wHwgfw7LbrJSeYJMLxd7WbEztAocvDVpx_BBEd46fmNyK71sf0PaK_6X4adCse-UbgGiMCU3eDc-fwLGjN3vo2K1NEJVOKVWEKbNqj4BNfG32vMm-4jJXSFHbS47AZ1GnXN8q2ZJPgU7ZpD4EP9vDd9Khy6VnKxX6RhrPP2TQ3t7sJSxI7m1gA3lvBedhSz7Tltd6QuWKEm61ydo_AbiPrScmNNTPjBD8cQxa2QQAf3bIG8-0xh9WL4yoIxq_Vf0udlGrs6kEEG9ZikaDUMk-qH-cxCkkXGwdt0cmOAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0K_-9XstLFt4N-KtAtnEx5FSTNcg%2526client%253Dca-pub-3369263710096163%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-goog-hash: crc32c=tG7Jcw==, md5=BMt+wgXOo1EVeu/7mY86hQ==
date: Wed, 25 May 2022 06:03:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 38103
cf-polished: qual=85, origFmt=jpeg, origSize=16723
x-guploader-uploadid: ADPycduQUeBMem4W1yGAni1XrvGcw1JlS0JHRjuK4aaRk9GQBGSpFfACZfYlDPLn0Zuvr6xj65srBehrLrzuRRV9hFLT3Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8354
last-modified: Wed, 22 Jan 2020 13:13:07 GMT
server: cloudflare
etag: "04cb7ec205cea351157aeffb998f3a85"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DfZlA767WMk%2BrXKYcquAV5fDgQnkT7Zhe%2BZHpdgC0MiWTByy5ttmGW2zi3p6e6KYGkV02Eu0ReC9TUepFRFNFqSiDkU%2FHklmYVYxX12VpdUnOLnP3R18d9vWuelv7Dp9jv0Pn7O0a139P8XT"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698787150900
content-type: image/webp
expires: Thu, 26 May 2022 06:03:24 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 16723
accept-ranges: bytes
cf-ray: 710c11580d625bf5-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 AB835EC0E966F04068CFBCC15FF8D3990CA3F197C61D255EFFB5638D89BE559012324778419F7E946D67344E6F7D42939F789567B51C0345F091B72DDF1D712C
assets.ad4m.at/product_image/ Frame 979C 93 KB
94 KB 55ms
55ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/AB835EC0E966F04068CFBCC15FF8D3990CA3F197C61D255EFFB5638D89BE559012324778419F7E946D67344E6F7D42939F789567B51C0345F091B72DDF1D712C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460%2C24673%2C14019&b=q4VSmfWfJWr1TZHgHDtJtZG5UeSgTA2ja3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Rx6fgfQfG6wACkHwH3tzCPzJu9SzTmqbF7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=kTUv0kTJ2-IHeQHqznYSql9CeWavfmoT&g=02036a9dc68490f6dd832767f4c82e33%2F16115169092999220410&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1653458604634&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k34embqp4teh0y5txe51rr7zmead9pdz2cq4sa3wts6ewse13dwtze7wv4t2fpd7654frmdy6t1efk0337dxvgtvmdzr7rca6ck382nty2y6cchyvs474rnkbh3dnvd1jr49cznsbjb1hp0ekqjs2vnfrqjmfw5hgy9x8q7t3fxw3d9yh697ccmxpep1ssgxjbp1nay00yr9bvj8bsx5mfe3mkrmarzpfwnfa0vf0jtkmntpbc0kmj8e3wnfwesbkhg6rddaw5tr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCvPtyqsaNYvrZJNSE7gOx6JXAD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMzNjkyNjM3MTAwOTYxNjOgAcKu6N0DyAEJqQL2PSpljwKyPuACAKgDAaoE4AFP0Pj6wHwgfw7LbrJSeYJMLxd7WbEztAocvDVpx_BBEd46fmNyK71sf0PaK_6X4adCse-UbgGiMCU3eDc-fwLGjN3vo2K1NEJVOKVWEKbNqj4BNfG32vMm-4jJXSFHbS47AZ1GnXN8q2ZJPgU7ZpD4EP9vDd9Khy6VnKxX6RhrPP2TQ3t7sJSxI7m1gA3lvBedhSz7Tltd6QuWKEm61ydo_AbiPrScmNNTPjBD8cQxa2QQAf3bIG8-0xh9WL4yoIxq_Vf0udlGrs6kEEG9ZikaDUMk-qH-cxCkkXGwdt0cmOAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0K_-9XstLFt4N-KtAtnEx5FSTNcg%2526client%253Dca-pub-3369263710096163%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ce3eee4cd598dd52e7b937de204d78dc2459a9dc379d0d70c478364e7b1bfcd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-goog-hash: crc32c=kgeS2g==, md5=b93XIEsKCkA/WEJIvaEtcg==
date: Wed, 25 May 2022 06:03:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 39029
cf-polished: origFmt=png, origSize=155400
x-guploader-uploadid: ADPycduiSxa-lguI7_Fv5OYhZcIqQigIhxYzkwhfqiQ9uFa_RyaU285YC88n89CJ3YmCubQFM3VelJ3dgsP0CafqyNN6
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 95550
last-modified: Thu, 24 Mar 2022 15:45:36 GMT
server: cloudflare
etag: "6fddd7204b0a0a403f584248bda12d72"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yqqWTaVSdzkJyq0d2UNS0guqzb02kQyH9gWi8CJ3JxN5pqCJu06QwebsUL1kjwkwZioM%2BkKlzI8uSTudfxWAqLCmYOK%2BoCa9YGPK3P0saT2C8fOkzGXWDbJ9Ku8FAixcvPicZAPQUb4J3iqN"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1648136736276206
content-type: image/webp
expires: Thu, 26 May 2022 06:03:24 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 155400
accept-ranges: bytes
cf-ray: 710c11584d925c38-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1

200

/
banner.congstar.de/cookie/ Frame 979C
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%...
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CJTdsKb9-fcCFZBK4Aod-vQEpA;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=mm_SUBIDTEST_view
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1653458605_639e1060-dbf0-11ec-85d9-223185680794

0
518 B

50ms
12ms

Image
text/plain

148.251.139.77
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1653458605_639e1060-dbf0-11ec-85d9-223185680794
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460%2C24673%2C14019&b=q4VSmfWfJWr1TZHgHDtJtZG5UeSgTA2ja3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Rx6fgfQfG6wACkHwH3tzCPzJu9SzTmqbF7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=kTUv0kTJ2-IHeQHqznYSql9CeWavfmoT&g=02036a9dc68490f6dd832767f4c82e33%2F16115169092999220410&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1653458604634&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k34embqp4teh0y5txe51rr7zmead9pdz2cq4sa3wts6ewse13dwtze7wv4t2fpd7654frmdy6t1efk0337dxvgtvmdzr7rca6ck382nty2y6cchyvs474rnkbh3dnvd1jr49cznsbjb1hp0ekqjs2vnfrqjmfw5hgy9x8q7t3fxw3d9yh697ccmxpep1ssgxjbp1nay00yr9bvj8bsx5mfe3mkrmarzpfwnfa0vf0jtkmntpbc0kmj8e3wnfwesbkhg6rddaw5tr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCvPtyqsaNYvrZJNSE7gOx6JXAD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMzNjkyNjM3MTAwOTYxNjOgAcKu6N0DyAEJqQL2PSpljwKyPuACAKgDAaoE4AFP0Pj6wHwgfw7LbrJSeYJMLxd7WbEztAocvDVpx_BBEd46fmNyK71sf0PaK_6X4adCse-UbgGiMCU3eDc-fwLGjN3vo2K1NEJVOKVWEKbNqj4BNfG32vMm-4jJXSFHbS47AZ1GnXN8q2ZJPgU7ZpD4EP9vDd9Khy6VnKxX6RhrPP2TQ3t7sJSxI7m1gA3lvBedhSz7Tltd6QuWKEm61ydo_AbiPrScmNNTPjBD8cQxa2QQAf3bIG8-0xh9WL4yoIxq_Vf0udlGrs6kEEG9ZikaDUMk-qH-cxCkkXGwdt0cmOAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0K_-9XstLFt4N-KtAtnEx5FSTNcg%2526client%253Dca-pub-3369263710096163%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 148.251.139.77 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.77.139.251.148.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 25 May 2022 06:03:25 GMT
Server: Apache
P3P: CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0

Redirect headers

Date: Wed, 25 May 2022 06:03:25 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1653458605_639e1060-dbf0-11ec-85d9-223185680794
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
H3 200 E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
assets.ad4m.at/logo/ Frame 979C 38 KB
39 KB 25ms
23ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460%2C24673%2C14019&b=q4VSmfWfJWr1TZHgHDtJtZG5UeSgTA2ja3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Rx6fgfQfG6wACkHwH3tzCPzJu9SzTmqbF7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=kTUv0kTJ2-IHeQHqznYSql9CeWavfmoT&g=02036a9dc68490f6dd832767f4c82e33%2F16115169092999220410&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1653458604634&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k34embqp4teh0y5txe51rr7zmead9pdz2cq4sa3wts6ewse13dwtze7wv4t2fpd7654frmdy6t1efk0337dxvgtvmdzr7rca6ck382nty2y6cchyvs474rnkbh3dnvd1jr49cznsbjb1hp0ekqjs2vnfrqjmfw5hgy9x8q7t3fxw3d9yh697ccmxpep1ssgxjbp1nay00yr9bvj8bsx5mfe3mkrmarzpfwnfa0vf0jtkmntpbc0kmj8e3wnfwesbkhg6rddaw5tr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCvPtyqsaNYvrZJNSE7gOx6JXAD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMzNjkyNjM3MTAwOTYxNjOgAcKu6N0DyAEJqQL2PSpljwKyPuACAKgDAaoE4AFP0Pj6wHwgfw7LbrJSeYJMLxd7WbEztAocvDVpx_BBEd46fmNyK71sf0PaK_6X4adCse-UbgGiMCU3eDc-fwLGjN3vo2K1NEJVOKVWEKbNqj4BNfG32vMm-4jJXSFHbS47AZ1GnXN8q2ZJPgU7ZpD4EP9vDd9Khy6VnKxX6RhrPP2TQ3t7sJSxI7m1gA3lvBedhSz7Tltd6QuWKEm61ydo_AbiPrScmNNTPjBD8cQxa2QQAf3bIG8-0xh9WL4yoIxq_Vf0udlGrs6kEEG9ZikaDUMk-qH-cxCkkXGwdt0cmOAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0K_-9XstLFt4N-KtAtnEx5FSTNcg%2526client%253Dca-pub-3369263710096163%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-goog-hash: crc32c=RkBJ3g==, md5=Kw4C6d3nfjHTjXjXPcaeTw==
date: Wed, 25 May 2022 06:03:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 41181
cf-polished: origFmt=png, origSize=77267
x-guploader-uploadid: ADPycdublequrPP_3Yxriyfu7m7hfVz8uujlaGCw2wWwJbZNksTFWWbPI13arTsYuwUUE3loz5hOCrdIoOKkfK09feePwg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 38696
last-modified: Wed, 22 Jan 2020 13:11:48 GMT
server: cloudflare
etag: "2b0e02e9dde77e31d38d78d73dc69e4f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TgyIz%2FbWWKbyBr6BC89u3jw0%2BoPrU7kO0d2JM81t%2FPn0IF%2FpevbDvLYM%2FmItT3yYZ1lRDgCLZOVUQt4wMtdiNg7G0WjGWdKB3sXs7V0UzCk%2FqiUOKb0Z5MDhurSYXk5hOsW5ab9P%2B9iJ5mnQ"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698708801217
content-type: image/webp
expires: Thu, 26 May 2022 06:03:24 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 77267
accept-ranges: bytes
cf-ray: 710c11584d955c38-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
assets.ad4m.at/ Frame 979C 84 KB
85 KB 70ms
69ms Image
image/jpeg 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460%2C24673%2C14019&b=q4VSmfWfJWr1TZHgHDtJtZG5UeSgTA2ja3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Rx6fgfQfG6wACkHwH3tzCPzJu9SzTmqbF7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=kTUv0kTJ2-IHeQHqznYSql9CeWavfmoT&g=02036a9dc68490f6dd832767f4c82e33%2F16115169092999220410&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1653458604634&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k34embqp4teh0y5txe51rr7zmead9pdz2cq4sa3wts6ewse13dwtze7wv4t2fpd7654frmdy6t1efk0337dxvgtvmdzr7rca6ck382nty2y6cchyvs474rnkbh3dnvd1jr49cznsbjb1hp0ekqjs2vnfrqjmfw5hgy9x8q7t3fxw3d9yh697ccmxpep1ssgxjbp1nay00yr9bvj8bsx5mfe3mkrmarzpfwnfa0vf0jtkmntpbc0kmj8e3wnfwesbkhg6rddaw5tr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCvPtyqsaNYvrZJNSE7gOx6JXAD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMzNjkyNjM3MTAwOTYxNjOgAcKu6N0DyAEJqQL2PSpljwKyPuACAKgDAaoE4AFP0Pj6wHwgfw7LbrJSeYJMLxd7WbEztAocvDVpx_BBEd46fmNyK71sf0PaK_6X4adCse-UbgGiMCU3eDc-fwLGjN3vo2K1NEJVOKVWEKbNqj4BNfG32vMm-4jJXSFHbS47AZ1GnXN8q2ZJPgU7ZpD4EP9vDd9Khy6VnKxX6RhrPP2TQ3t7sJSxI7m1gA3lvBedhSz7Tltd6QuWKEm61ydo_AbiPrScmNNTPjBD8cQxa2QQAf3bIG8-0xh9WL4yoIxq_Vf0udlGrs6kEEG9ZikaDUMk-qH-cxCkkXGwdt0cmOAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0K_-9XstLFt4N-KtAtnEx5FSTNcg%2526client%253Dca-pub-3369263710096163%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e44684a48d596b56cba6492df2821b18b56fd0b488a77240d415f0eae918abe1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-goog-hash: crc32c=e08Zuw==, md5=psibsHmVB2WUau7aQuE9AQ==
date: Wed, 25 May 2022 06:03:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1364703
cf-polished: origSize=90165, status=webp_bigger
x-guploader-uploadid: ADPycdurVX_TQllJqq9NCW6CCnJhtUBuEYviYLcJ9o5JewjDiNHuXcYN19gc7beLhxzBmbbdTuJnZ5pv0IrAlbaM2pWlyJLPnw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 85737
last-modified: Wed, 09 Oct 2019 16:06:53 GMT
server: cloudflare
etag: "a6c89bb079950765946aeeda42e13d01"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nRRuEafE%2FKf7LT2oXEG6lWpnJJM5jeMldVCO2Fgt52MRaim980qOcJ4SpoUIBkZ9KTmbmsi41E%2BafyzAvtXFJMr8HzxHD0Dy6n05nxs9Q6rP5mZr5J7dpxRHBV1vi7sTS2d1TWAVYvJO0FWw"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1570637213281727
content-type: image/jpeg
expires: Thu, 26 May 2022 06:03:24 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 90165
accept-ranges: bytes
cf-ray: 710c11584d995c38-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 CE11F4A269236C0AF074ADB7F1ADA1F8C472CD7AC3290EFBF4A7DADA0100B8792254D4F2CF871D3311E6317269487774B650CDD0B207BED389DBEA35CD2DBC8F
assets.ad4m.at/logo/ Frame 979C 16 KB
17 KB 72ms
72ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/CE11F4A269236C0AF074ADB7F1ADA1F8C472CD7AC3290EFBF4A7DADA0100B8792254D4F2CF871D3311E6317269487774B650CDD0B207BED389DBEA35CD2DBC8F
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460%2C24673%2C14019&b=q4VSmfWfJWr1TZHgHDtJtZG5UeSgTA2ja3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Rx6fgfQfG6wACkHwH3tzCPzJu9SzTmqbF7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=kTUv0kTJ2-IHeQHqznYSql9CeWavfmoT&g=02036a9dc68490f6dd832767f4c82e33%2F16115169092999220410&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1653458604634&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k34embqp4teh0y5txe51rr7zmead9pdz2cq4sa3wts6ewse13dwtze7wv4t2fpd7654frmdy6t1efk0337dxvgtvmdzr7rca6ck382nty2y6cchyvs474rnkbh3dnvd1jr49cznsbjb1hp0ekqjs2vnfrqjmfw5hgy9x8q7t3fxw3d9yh697ccmxpep1ssgxjbp1nay00yr9bvj8bsx5mfe3mkrmarzpfwnfa0vf0jtkmntpbc0kmj8e3wnfwesbkhg6rddaw5tr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCvPtyqsaNYvrZJNSE7gOx6JXAD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMzNjkyNjM3MTAwOTYxNjOgAcKu6N0DyAEJqQL2PSpljwKyPuACAKgDAaoE4AFP0Pj6wHwgfw7LbrJSeYJMLxd7WbEztAocvDVpx_BBEd46fmNyK71sf0PaK_6X4adCse-UbgGiMCU3eDc-fwLGjN3vo2K1NEJVOKVWEKbNqj4BNfG32vMm-4jJXSFHbS47AZ1GnXN8q2ZJPgU7ZpD4EP9vDd9Khy6VnKxX6RhrPP2TQ3t7sJSxI7m1gA3lvBedhSz7Tltd6QuWKEm61ydo_AbiPrScmNNTPjBD8cQxa2QQAf3bIG8-0xh9WL4yoIxq_Vf0udlGrs6kEEG9ZikaDUMk-qH-cxCkkXGwdt0cmOAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0K_-9XstLFt4N-KtAtnEx5FSTNcg%2526client%253Dca-pub-3369263710096163%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7024493525030ecd098ce0dcb2f0aea839373775120b40580028137b1d125ac9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-goog-hash: crc32c=kzpU3g==, md5=rZM0ZkUU2QCgw7dtF8qWDw==
date: Wed, 25 May 2022 06:03:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 37709
cf-polished: origFmt=png, origSize=39979
x-guploader-uploadid: ADPycduUHbksL3PBA4ix_LLVHsxCgOG7KndVB2wceKffpsa2df1oecX-gemhb2nLBECoPg7aZb2Si28FpLbl8PAuILP65g
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15996
last-modified: Wed, 22 Jan 2020 13:07:55 GMT
server: cloudflare
etag: "ad9334664514d900a0c3b76d17ca960f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dLw6GxhMq12wmYjDnAeesY%2BD5N4V%2FoDYm8KrfjpGr8GKp6LSkNPYUhXs3Yob%2FpIaYdp3Y1sPpQfYpSVaD7tWOsy2kFqbPsGz7zevY7lX%2FnrdDJL01IrD5HYtddkjdTC%2FCLt0I%2FMVVIzHSNCz"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698475785088
content-type: image/webp
expires: Thu, 26 May 2022 06:03:24 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 39979
accept-ranges: bytes
cf-ray: 710c11584d9a5c38-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 CA35DB040CB8C5ED1192C48CDBAE325A37E21AF74F6A26D75DD2C8541657D2DE12CD68F68AB3432BF7F0B71244C3A958AD3C76971F8D26B170CD75EDB1D0FC90
assets.ad4m.at/ Frame 979C 20 KB
21 KB 73ms
73ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/CA35DB040CB8C5ED1192C48CDBAE325A37E21AF74F6A26D75DD2C8541657D2DE12CD68F68AB3432BF7F0B71244C3A958AD3C76971F8D26B170CD75EDB1D0FC90
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460%2C24673%2C14019&b=q4VSmfWfJWr1TZHgHDtJtZG5UeSgTA2ja3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Rx6fgfQfG6wACkHwH3tzCPzJu9SzTmqbF7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=kTUv0kTJ2-IHeQHqznYSql9CeWavfmoT&g=02036a9dc68490f6dd832767f4c82e33%2F16115169092999220410&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1653458604634&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k34embqp4teh0y5txe51rr7zmead9pdz2cq4sa3wts6ewse13dwtze7wv4t2fpd7654frmdy6t1efk0337dxvgtvmdzr7rca6ck382nty2y6cchyvs474rnkbh3dnvd1jr49cznsbjb1hp0ekqjs2vnfrqjmfw5hgy9x8q7t3fxw3d9yh697ccmxpep1ssgxjbp1nay00yr9bvj8bsx5mfe3mkrmarzpfwnfa0vf0jtkmntpbc0kmj8e3wnfwesbkhg6rddaw5tr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCvPtyqsaNYvrZJNSE7gOx6JXAD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMzNjkyNjM3MTAwOTYxNjOgAcKu6N0DyAEJqQL2PSpljwKyPuACAKgDAaoE4AFP0Pj6wHwgfw7LbrJSeYJMLxd7WbEztAocvDVpx_BBEd46fmNyK71sf0PaK_6X4adCse-UbgGiMCU3eDc-fwLGjN3vo2K1NEJVOKVWEKbNqj4BNfG32vMm-4jJXSFHbS47AZ1GnXN8q2ZJPgU7ZpD4EP9vDd9Khy6VnKxX6RhrPP2TQ3t7sJSxI7m1gA3lvBedhSz7Tltd6QuWKEm61ydo_AbiPrScmNNTPjBD8cQxa2QQAf3bIG8-0xh9WL4yoIxq_Vf0udlGrs6kEEG9ZikaDUMk-qH-cxCkkXGwdt0cmOAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0K_-9XstLFt4N-KtAtnEx5FSTNcg%2526client%253Dca-pub-3369263710096163%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e68e40852527c1f28682b1c4a8715dcaba615264d92ec50615744a2c21e90a13

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-goog-hash: crc32c=ms9cAg==, md5=CE5c7L5VWa5ws5REMc8kpA==
date: Wed, 25 May 2022 06:03:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 41616
cf-polished: qual=85, origFmt=jpeg, origSize=61317
x-guploader-uploadid: ADPycdtS_N2fRF4UA_Cdd2YBPI8GgwNuQrfrvqDusO-ohXoX6DaOHGnY3jrD_I2A50tCqalGIqMF6GA6lUl3XQPpy_JG
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20942
last-modified: Mon, 07 Oct 2019 09:26:20 GMT
server: cloudflare
etag: "084e5cecbe5559ae70b3944431cf24a4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HpyAsbcov53lt7sLMCMX5KEyDNXyrXEgnsRgzm%2F8pcGJ07c56dgt4tEYQuHdqVNZSg7dpS3kDPywdDj8a%2Bi9GfkN%2FKYzdlbweUY1GrxKafCd0%2FOXeYNHPz5nq369dQWKgcFSJHqe5B5n8ZTj"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1570440380010734
content-type: image/webp
expires: Thu, 26 May 2022 06:03:24 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 61317
accept-ranges: bytes
cf-ray: 710c11584d9d5c38-FRA
cf-bgj: imgq:85,h2pri

GET
H2

200

ztpv.php
www.conrad.de/ Frame 979C
Redirect Chain

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7oneid__asuidkTUv0kTJ2-IHeQHqznYSql9CeWavfmoTasuid__dc_reach_suite02wkz&gdpr_cons...
https://www.zenaps.com/cshow.php?pvr=63785ff0-dbf0-11ec-977a-2266206bbad7&v=11354&r=412871&q=377129&s=2470185&viewref3=oneidRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7oneid__asuidkTUv0kTJ2-IHeQHqznYSql9CeWav...
https://www.conrad.de/ztpv.php?awc=11354_412871_1653458604_63785ff0-dbf0-11ec-977a-2266206bbad7&insert=AW&&gdpr=0&gdpr_consent=

0
696 B

86ms
44ms

Image
text/html

2606:4700::6812:7f05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.conrad.de/ztpv.php?awc=11354_412871_1653458604_63785ff0-dbf0-11ec-977a-2266206bbad7&insert=AW&&gdpr=0&gdpr_consent=

Requested by

Protocol

Server

2606:4700::6812:7f05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:25 GMT
via: 1.1 varnish (Varnish/6.6)
cf-cache-status: DYNAMIC
server: cloudflare
age: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
p3p: policyref="http://www.conrad.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
content-type: text/html; charset=UTF-8
content-encoding: br
cache-control: no-cache
x-varnish: 304888043
cf-ray: 710c1159f89f9168-FRA
expires: -1

Redirect headers

Date: Wed, 25 May 2022 06:03:25 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://www.conrad.de/ztpv.php?awc=11354_412871_1653458604_63785ff0-dbf0-11ec-977a-2266206bbad7&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.20/one-ad/ Frame 23AF 85 KB
11 KB 26ms
26ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.20/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15255%2C24673%2C14019&b=Mxefzfrf1zRuWHEHGtDt2jpCBS4Tb6ku3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=62Zcef3f6wmheHmHYtEC5kmtYS1T2qJs7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=NjfIGCtMKzPoif1ud2oOCTmGtkn5q9FB&g=b97d94971f9d0e322c62f964154ea848%2F3763516101815513498&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1653458604690&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gvwrmrqfdjcr1ywzs5eas9jpch4n3exq1kphdzmjvmwyex4t17px34nbdvdahg7swbn5ae4rxtfwrcs3nxe4gmftqq5r9kyh51wbc4p8w3dd6gcw6nfgc95tfnsbb7wjhtepwjq268yt7vs7bn0ar3qdjm7mzs90h8bkw70277k1k98yjymp1hc4x8ft8g4psb9z08me91qy6cgpdc5ggnvw7zq03tp52qsp4a95qqezs5rgcynxmmgayzxk0fgfdfpnqgqfg29e%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCe6wnqsaNYvrpMZj_gQee3IeQAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMzNjkyNjM3MTAwOTYxNjOgAcKu6N0DyAEJqQL2PSpljwKyPuACAKgDAaoE4AFP0HESWxGUTt9e4eUSbFXPZnjVPxGPPaZB6XDofN0FfuYgYwHNdCogGnl-1FyyOqYPDUUhrdUvlFIDWiqgRwvH_PdafUEsSpSdPkeWh-qYkWQz5txW7YN4q0Qg7cqUG2NnhqhJhY4eOoEvpniX9zmYLXs2A6HJ2bFF_EInnWh7LgAP_IRQQvBM-ahO_7YHJNN5ahdEuPqB43W756YJA6DNDHZYHbqOKP3Cbj-fl4EmamPSnRgBUrQosPr0kzJ6Y6WXnuruKxsCcT6VXiIHtjP0cqrkRmR2ldx2r1tsO_Zb0-AEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_11nXNhOAJtHAYOGLphiLExrCGgag%2526client%253Dca-pub-3369263710096163%2526adurl%253D&y=1&s=&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d8965ee1f9673ae2ab083ee9c063eea7eb04aef2e756a7e46f58337bb1caef4

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=15255%2C24673%2C14019&b=Mxefzfrf1zRuWHEHGtDt2jpCBS4Tb6ku3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=62Zcef3f6wmheHmHYtEC5kmtYS1T2qJs7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=NjfIGCtMKzPoif1ud2oOCTmGtkn5q9FB&g=b97d94971f9d0e322c62f964154ea848%2F3763516101815513498&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1653458604690&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gvwrmrqfdjcr1ywzs5eas9jpch4n3exq1kphdzmjvmwyex4t17px34nbdvdahg7swbn5ae4rxtfwrcs3nxe4gmftqq5r9kyh51wbc4p8w3dd6gcw6nfgc95tfnsbb7wjhtepwjq268yt7vs7bn0ar3qdjm7mzs90h8bkw70277k1k98yjymp1hc4x8ft8g4psb9z08me91qy6cgpdc5ggnvw7zq03tp52qsp4a95qqezs5rgcynxmmgayzxk0fgfdfpnqgqfg29e%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCe6wnqsaNYvrpMZj_gQee3IeQAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMzNjkyNjM3MTAwOTYxNjOgAcKu6N0DyAEJqQL2PSpljwKyPuACAKgDAaoE4AFP0HESWxGUTt9e4eUSbFXPZnjVPxGPPaZB6XDofN0FfuYgYwHNdCogGnl-1FyyOqYPDUUhrdUvlFIDWiqgRwvH_PdafUEsSpSdPkeWh-qYkWQz5txW7YN4q0Qg7cqUG2NnhqhJhY4eOoEvpniX9zmYLXs2A6HJ2bFF_EInnWh7LgAP_IRQQvBM-ahO_7YHJNN5ahdEuPqB43W756YJA6DNDHZYHbqOKP3Cbj-fl4EmamPSnRgBUrQosPr0kzJ6Y6WXnuruKxsCcT6VXiIHtjP0cqrkRmR2ldx2r1tsO_Zb0-AEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_11nXNhOAJtHAYOGLphiLExrCGgag%2526client%253Dca-pub-3369263710096163%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:24 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 50763
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=86961
surrogate-control: no-store
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
last-modified: Tue, 24 May 2022 15:57:21 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
x-download-options: noopen
content-type: text/css; charset=utf-8
expires: 0
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 710c1157fcdd5c38-FRA
cf-bgj: minify

GET
H2 200 188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
assets.ad4m.at/logo/ Frame 23AF 8 KB
9 KB 27ms
24ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15255%2C24673%2C14019&b=Mxefzfrf1zRuWHEHGtDt2jpCBS4Tb6ku3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=62Zcef3f6wmheHmHYtEC5kmtYS1T2qJs7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=NjfIGCtMKzPoif1ud2oOCTmGtkn5q9FB&g=b97d94971f9d0e322c62f964154ea848%2F3763516101815513498&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1653458604690&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gvwrmrqfdjcr1ywzs5eas9jpch4n3exq1kphdzmjvmwyex4t17px34nbdvdahg7swbn5ae4rxtfwrcs3nxe4gmftqq5r9kyh51wbc4p8w3dd6gcw6nfgc95tfnsbb7wjhtepwjq268yt7vs7bn0ar3qdjm7mzs90h8bkw70277k1k98yjymp1hc4x8ft8g4psb9z08me91qy6cgpdc5ggnvw7zq03tp52qsp4a95qqezs5rgcynxmmgayzxk0fgfdfpnqgqfg29e%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCe6wnqsaNYvrpMZj_gQee3IeQAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMzNjkyNjM3MTAwOTYxNjOgAcKu6N0DyAEJqQL2PSpljwKyPuACAKgDAaoE4AFP0HESWxGUTt9e4eUSbFXPZnjVPxGPPaZB6XDofN0FfuYgYwHNdCogGnl-1FyyOqYPDUUhrdUvlFIDWiqgRwvH_PdafUEsSpSdPkeWh-qYkWQz5txW7YN4q0Qg7cqUG2NnhqhJhY4eOoEvpniX9zmYLXs2A6HJ2bFF_EInnWh7LgAP_IRQQvBM-ahO_7YHJNN5ahdEuPqB43W756YJA6DNDHZYHbqOKP3Cbj-fl4EmamPSnRgBUrQosPr0kzJ6Y6WXnuruKxsCcT6VXiIHtjP0cqrkRmR2ldx2r1tsO_Zb0-AEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_11nXNhOAJtHAYOGLphiLExrCGgag%2526client%253Dca-pub-3369263710096163%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-goog-hash: crc32c=tG7Jcw==, md5=BMt+wgXOo1EVeu/7mY86hQ==
date: Wed, 25 May 2022 06:03:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 38103
cf-polished: qual=85, origFmt=jpeg, origSize=16723
x-guploader-uploadid: ADPycduQUeBMem4W1yGAni1XrvGcw1JlS0JHRjuK4aaRk9GQBGSpFfACZfYlDPLn0Zuvr6xj65srBehrLrzuRRV9hFLT3Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8354
last-modified: Wed, 22 Jan 2020 13:13:07 GMT
server: cloudflare
etag: "04cb7ec205cea351157aeffb998f3a85"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MaWwtsclkGJra%2BkBsUigmS%2BOXrHjyAjcfj2gVaiaIGNmKaphBTDH2JGwExuCoCxKHHFIB5%2FKUqGTIVEczc3SaiB8BzKXUs6W6MI1Aa3Chowd2LxNK39BHpWrR5SJZZNrfG2wYLdlcPWIKe3I"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698787150900
content-type: image/webp
expires: Thu, 26 May 2022 06:03:24 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 16723
accept-ranges: bytes
cf-ray: 710c11580d635bf5-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 AB835EC0E966F04068CFBCC15FF8D3990CA3F197C61D255EFFB5638D89BE559012324778419F7E946D67344E6F7D42939F789567B51C0345F091B72DDF1D712C
assets.ad4m.at/product_image/ Frame 23AF 93 KB
94 KB 39ms
38ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/AB835EC0E966F04068CFBCC15FF8D3990CA3F197C61D255EFFB5638D89BE559012324778419F7E946D67344E6F7D42939F789567B51C0345F091B72DDF1D712C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15255%2C24673%2C14019&b=Mxefzfrf1zRuWHEHGtDt2jpCBS4Tb6ku3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=62Zcef3f6wmheHmHYtEC5kmtYS1T2qJs7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=NjfIGCtMKzPoif1ud2oOCTmGtkn5q9FB&g=b97d94971f9d0e322c62f964154ea848%2F3763516101815513498&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1653458604690&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gvwrmrqfdjcr1ywzs5eas9jpch4n3exq1kphdzmjvmwyex4t17px34nbdvdahg7swbn5ae4rxtfwrcs3nxe4gmftqq5r9kyh51wbc4p8w3dd6gcw6nfgc95tfnsbb7wjhtepwjq268yt7vs7bn0ar3qdjm7mzs90h8bkw70277k1k98yjymp1hc4x8ft8g4psb9z08me91qy6cgpdc5ggnvw7zq03tp52qsp4a95qqezs5rgcynxmmgayzxk0fgfdfpnqgqfg29e%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCe6wnqsaNYvrpMZj_gQee3IeQAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMzNjkyNjM3MTAwOTYxNjOgAcKu6N0DyAEJqQL2PSpljwKyPuACAKgDAaoE4AFP0HESWxGUTt9e4eUSbFXPZnjVPxGPPaZB6XDofN0FfuYgYwHNdCogGnl-1FyyOqYPDUUhrdUvlFIDWiqgRwvH_PdafUEsSpSdPkeWh-qYkWQz5txW7YN4q0Qg7cqUG2NnhqhJhY4eOoEvpniX9zmYLXs2A6HJ2bFF_EInnWh7LgAP_IRQQvBM-ahO_7YHJNN5ahdEuPqB43W756YJA6DNDHZYHbqOKP3Cbj-fl4EmamPSnRgBUrQosPr0kzJ6Y6WXnuruKxsCcT6VXiIHtjP0cqrkRmR2ldx2r1tsO_Zb0-AEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_11nXNhOAJtHAYOGLphiLExrCGgag%2526client%253Dca-pub-3369263710096163%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ce3eee4cd598dd52e7b937de204d78dc2459a9dc379d0d70c478364e7b1bfcd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-goog-hash: crc32c=kgeS2g==, md5=b93XIEsKCkA/WEJIvaEtcg==
date: Wed, 25 May 2022 06:03:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 39029
cf-polished: origFmt=png, origSize=155400
x-guploader-uploadid: ADPycduiSxa-lguI7_Fv5OYhZcIqQigIhxYzkwhfqiQ9uFa_RyaU285YC88n89CJ3YmCubQFM3VelJ3dgsP0CafqyNN6
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 95550
last-modified: Thu, 24 Mar 2022 15:45:36 GMT
server: cloudflare
etag: "6fddd7204b0a0a403f584248bda12d72"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=inSr20FxygcChpTzWhwEBdorcsL86OLuxRaidS7Ck797D%2FbhM8ISz8fYKHuYRh5KwFUsnofb9TYYaPXs4MSMB9bNj%2BF1hP1ECI1D4nf4%2F7Tr6dVUTgES4ypYM3KzjFK0%2BYTAKolioPYaKCb1"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1648136736276206
content-type: image/webp
expires: Thu, 26 May 2022 06:03:24 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 155400
accept-ranges: bytes
cf-ray: 710c11584da25c38-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1

200

/
banner.congstar.de/cookie/ Frame 23AF
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%...
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CKDfsKb9-fcCFbjXEQgdvb0EJQ;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidMxefzfrf1zRuWHEHGtDt2jpCBS4Tb6ku3oneid__asuidNjfIGCtMKzPoif1ud2oOCTmGtkn5q9FBasuid__dc_reach_suite02wkz&gdpr_co...
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1653458605_639e3771-dbf0-11ec-977a-2266206bbad7

0
518 B

52ms
12ms

Image
text/plain

148.251.139.77
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1653458605_639e3771-dbf0-11ec-977a-2266206bbad7
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15255%2C24673%2C14019&b=Mxefzfrf1zRuWHEHGtDt2jpCBS4Tb6ku3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=62Zcef3f6wmheHmHYtEC5kmtYS1T2qJs7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=NjfIGCtMKzPoif1ud2oOCTmGtkn5q9FB&g=b97d94971f9d0e322c62f964154ea848%2F3763516101815513498&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1653458604690&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gvwrmrqfdjcr1ywzs5eas9jpch4n3exq1kphdzmjvmwyex4t17px34nbdvdahg7swbn5ae4rxtfwrcs3nxe4gmftqq5r9kyh51wbc4p8w3dd6gcw6nfgc95tfnsbb7wjhtepwjq268yt7vs7bn0ar3qdjm7mzs90h8bkw70277k1k98yjymp1hc4x8ft8g4psb9z08me91qy6cgpdc5ggnvw7zq03tp52qsp4a95qqezs5rgcynxmmgayzxk0fgfdfpnqgqfg29e%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCe6wnqsaNYvrpMZj_gQee3IeQAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMzNjkyNjM3MTAwOTYxNjOgAcKu6N0DyAEJqQL2PSpljwKyPuACAKgDAaoE4AFP0HESWxGUTt9e4eUSbFXPZnjVPxGPPaZB6XDofN0FfuYgYwHNdCogGnl-1FyyOqYPDUUhrdUvlFIDWiqgRwvH_PdafUEsSpSdPkeWh-qYkWQz5txW7YN4q0Qg7cqUG2NnhqhJhY4eOoEvpniX9zmYLXs2A6HJ2bFF_EInnWh7LgAP_IRQQvBM-ahO_7YHJNN5ahdEuPqB43W756YJA6DNDHZYHbqOKP3Cbj-fl4EmamPSnRgBUrQosPr0kzJ6Y6WXnuruKxsCcT6VXiIHtjP0cqrkRmR2ldx2r1tsO_Zb0-AEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_11nXNhOAJtHAYOGLphiLExrCGgag%2526client%253Dca-pub-3369263710096163%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 148.251.139.77 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.77.139.251.148.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 25 May 2022 06:03:25 GMT
Server: Apache
P3P: CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0

Redirect headers

Date: Wed, 25 May 2022 06:03:25 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1653458605_639e3771-dbf0-11ec-977a-2266206bbad7
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
H3 200 E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
assets.ad4m.at/logo/ Frame 23AF 38 KB
39 KB 39ms
38ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15255%2C24673%2C14019&b=Mxefzfrf1zRuWHEHGtDt2jpCBS4Tb6ku3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=62Zcef3f6wmheHmHYtEC5kmtYS1T2qJs7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=NjfIGCtMKzPoif1ud2oOCTmGtkn5q9FB&g=b97d94971f9d0e322c62f964154ea848%2F3763516101815513498&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1653458604690&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gvwrmrqfdjcr1ywzs5eas9jpch4n3exq1kphdzmjvmwyex4t17px34nbdvdahg7swbn5ae4rxtfwrcs3nxe4gmftqq5r9kyh51wbc4p8w3dd6gcw6nfgc95tfnsbb7wjhtepwjq268yt7vs7bn0ar3qdjm7mzs90h8bkw70277k1k98yjymp1hc4x8ft8g4psb9z08me91qy6cgpdc5ggnvw7zq03tp52qsp4a95qqezs5rgcynxmmgayzxk0fgfdfpnqgqfg29e%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCe6wnqsaNYvrpMZj_gQee3IeQAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMzNjkyNjM3MTAwOTYxNjOgAcKu6N0DyAEJqQL2PSpljwKyPuACAKgDAaoE4AFP0HESWxGUTt9e4eUSbFXPZnjVPxGPPaZB6XDofN0FfuYgYwHNdCogGnl-1FyyOqYPDUUhrdUvlFIDWiqgRwvH_PdafUEsSpSdPkeWh-qYkWQz5txW7YN4q0Qg7cqUG2NnhqhJhY4eOoEvpniX9zmYLXs2A6HJ2bFF_EInnWh7LgAP_IRQQvBM-ahO_7YHJNN5ahdEuPqB43W756YJA6DNDHZYHbqOKP3Cbj-fl4EmamPSnRgBUrQosPr0kzJ6Y6WXnuruKxsCcT6VXiIHtjP0cqrkRmR2ldx2r1tsO_Zb0-AEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_11nXNhOAJtHAYOGLphiLExrCGgag%2526client%253Dca-pub-3369263710096163%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-goog-hash: crc32c=RkBJ3g==, md5=Kw4C6d3nfjHTjXjXPcaeTw==
date: Wed, 25 May 2022 06:03:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 41181
cf-polished: origFmt=png, origSize=77267
x-guploader-uploadid: ADPycdublequrPP_3Yxriyfu7m7hfVz8uujlaGCw2wWwJbZNksTFWWbPI13arTsYuwUUE3loz5hOCrdIoOKkfK09feePwg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 38696
last-modified: Wed, 22 Jan 2020 13:11:48 GMT
server: cloudflare
etag: "2b0e02e9dde77e31d38d78d73dc69e4f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DazBs3TMZ6PmFb0O6DQHLg1fVYoXylyd8zzzFaFjprOGr0WttOlGxvM2oeCTGMFwBpiDFXVHQJjpQwHDX2qkChaGKJSHSO6IO9sySC7fowowJ6ljrOR%2FTBTmPltbMpTmNMZuj%2BFN8GEaOpt0"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698708801217
content-type: image/webp
expires: Thu, 26 May 2022 06:03:24 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 77267
accept-ranges: bytes
cf-ray: 710c11584da55c38-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
assets.ad4m.at/ Frame 23AF 84 KB
85 KB 84ms
83ms Image
image/jpeg 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15255%2C24673%2C14019&b=Mxefzfrf1zRuWHEHGtDt2jpCBS4Tb6ku3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=62Zcef3f6wmheHmHYtEC5kmtYS1T2qJs7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=NjfIGCtMKzPoif1ud2oOCTmGtkn5q9FB&g=b97d94971f9d0e322c62f964154ea848%2F3763516101815513498&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1653458604690&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gvwrmrqfdjcr1ywzs5eas9jpch4n3exq1kphdzmjvmwyex4t17px34nbdvdahg7swbn5ae4rxtfwrcs3nxe4gmftqq5r9kyh51wbc4p8w3dd6gcw6nfgc95tfnsbb7wjhtepwjq268yt7vs7bn0ar3qdjm7mzs90h8bkw70277k1k98yjymp1hc4x8ft8g4psb9z08me91qy6cgpdc5ggnvw7zq03tp52qsp4a95qqezs5rgcynxmmgayzxk0fgfdfpnqgqfg29e%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCe6wnqsaNYvrpMZj_gQee3IeQAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMzNjkyNjM3MTAwOTYxNjOgAcKu6N0DyAEJqQL2PSpljwKyPuACAKgDAaoE4AFP0HESWxGUTt9e4eUSbFXPZnjVPxGPPaZB6XDofN0FfuYgYwHNdCogGnl-1FyyOqYPDUUhrdUvlFIDWiqgRwvH_PdafUEsSpSdPkeWh-qYkWQz5txW7YN4q0Qg7cqUG2NnhqhJhY4eOoEvpniX9zmYLXs2A6HJ2bFF_EInnWh7LgAP_IRQQvBM-ahO_7YHJNN5ahdEuPqB43W756YJA6DNDHZYHbqOKP3Cbj-fl4EmamPSnRgBUrQosPr0kzJ6Y6WXnuruKxsCcT6VXiIHtjP0cqrkRmR2ldx2r1tsO_Zb0-AEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_11nXNhOAJtHAYOGLphiLExrCGgag%2526client%253Dca-pub-3369263710096163%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e44684a48d596b56cba6492df2821b18b56fd0b488a77240d415f0eae918abe1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-goog-hash: crc32c=e08Zuw==, md5=psibsHmVB2WUau7aQuE9AQ==
date: Wed, 25 May 2022 06:03:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1364703
cf-polished: origSize=90165, status=webp_bigger
x-guploader-uploadid: ADPycdurVX_TQllJqq9NCW6CCnJhtUBuEYviYLcJ9o5JewjDiNHuXcYN19gc7beLhxzBmbbdTuJnZ5pv0IrAlbaM2pWlyJLPnw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 85737
last-modified: Wed, 09 Oct 2019 16:06:53 GMT
server: cloudflare
etag: "a6c89bb079950765946aeeda42e13d01"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aWSEy5MULBVGRdpSs3%2FKc6ATcA7c0393gchrIwdxbTtWTKlEDZQ1%2BhDiR0G6SaNZJbXtv9VL%2BuldXgeeINiKNh4yYg2ETcdT2rAMNEU7h1a5p4P2J128OseursZvP8KZQ5GssvXAohsI2UZZ"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1570637213281727
content-type: image/jpeg
expires: Thu, 26 May 2022 06:03:24 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 90165
accept-ranges: bytes
cf-ray: 710c11584da85c38-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 CE11F4A269236C0AF074ADB7F1ADA1F8C472CD7AC3290EFBF4A7DADA0100B8792254D4F2CF871D3311E6317269487774B650CDD0B207BED389DBEA35CD2DBC8F
assets.ad4m.at/logo/ Frame 23AF 16 KB
17 KB 87ms
86ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/CE11F4A269236C0AF074ADB7F1ADA1F8C472CD7AC3290EFBF4A7DADA0100B8792254D4F2CF871D3311E6317269487774B650CDD0B207BED389DBEA35CD2DBC8F
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15255%2C24673%2C14019&b=Mxefzfrf1zRuWHEHGtDt2jpCBS4Tb6ku3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=62Zcef3f6wmheHmHYtEC5kmtYS1T2qJs7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=NjfIGCtMKzPoif1ud2oOCTmGtkn5q9FB&g=b97d94971f9d0e322c62f964154ea848%2F3763516101815513498&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1653458604690&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gvwrmrqfdjcr1ywzs5eas9jpch4n3exq1kphdzmjvmwyex4t17px34nbdvdahg7swbn5ae4rxtfwrcs3nxe4gmftqq5r9kyh51wbc4p8w3dd6gcw6nfgc95tfnsbb7wjhtepwjq268yt7vs7bn0ar3qdjm7mzs90h8bkw70277k1k98yjymp1hc4x8ft8g4psb9z08me91qy6cgpdc5ggnvw7zq03tp52qsp4a95qqezs5rgcynxmmgayzxk0fgfdfpnqgqfg29e%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCe6wnqsaNYvrpMZj_gQee3IeQAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMzNjkyNjM3MTAwOTYxNjOgAcKu6N0DyAEJqQL2PSpljwKyPuACAKgDAaoE4AFP0HESWxGUTt9e4eUSbFXPZnjVPxGPPaZB6XDofN0FfuYgYwHNdCogGnl-1FyyOqYPDUUhrdUvlFIDWiqgRwvH_PdafUEsSpSdPkeWh-qYkWQz5txW7YN4q0Qg7cqUG2NnhqhJhY4eOoEvpniX9zmYLXs2A6HJ2bFF_EInnWh7LgAP_IRQQvBM-ahO_7YHJNN5ahdEuPqB43W756YJA6DNDHZYHbqOKP3Cbj-fl4EmamPSnRgBUrQosPr0kzJ6Y6WXnuruKxsCcT6VXiIHtjP0cqrkRmR2ldx2r1tsO_Zb0-AEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_11nXNhOAJtHAYOGLphiLExrCGgag%2526client%253Dca-pub-3369263710096163%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7024493525030ecd098ce0dcb2f0aea839373775120b40580028137b1d125ac9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-goog-hash: crc32c=kzpU3g==, md5=rZM0ZkUU2QCgw7dtF8qWDw==
date: Wed, 25 May 2022 06:03:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 37709
cf-polished: origFmt=png, origSize=39979
x-guploader-uploadid: ADPycduUHbksL3PBA4ix_LLVHsxCgOG7KndVB2wceKffpsa2df1oecX-gemhb2nLBECoPg7aZb2Si28FpLbl8PAuILP65g
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15996
last-modified: Wed, 22 Jan 2020 13:07:55 GMT
server: cloudflare
etag: "ad9334664514d900a0c3b76d17ca960f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OEdWBvnmY3niuCj9ArTVpoCVQzqNUhsrvfUoTgZkFm3FjmC%2FBU5R%2BIKoK54uURrukQ4dxQP77jNDjcgK3n0HOqH4qAowM73S7WT6HjASXdg0I7p5SOyfqfw1qyNV9XwLJbdEUpWcEVIhV5QF"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698475785088
content-type: image/webp
expires: Thu, 26 May 2022 06:03:24 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 39979
accept-ranges: bytes
cf-ray: 710c11584dab5c38-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 CA35DB040CB8C5ED1192C48CDBAE325A37E21AF74F6A26D75DD2C8541657D2DE12CD68F68AB3432BF7F0B71244C3A958AD3C76971F8D26B170CD75EDB1D0FC90
assets.ad4m.at/ Frame 23AF 20 KB
21 KB 88ms
87ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/CA35DB040CB8C5ED1192C48CDBAE325A37E21AF74F6A26D75DD2C8541657D2DE12CD68F68AB3432BF7F0B71244C3A958AD3C76971F8D26B170CD75EDB1D0FC90
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15255%2C24673%2C14019&b=Mxefzfrf1zRuWHEHGtDt2jpCBS4Tb6ku3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=62Zcef3f6wmheHmHYtEC5kmtYS1T2qJs7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=NjfIGCtMKzPoif1ud2oOCTmGtkn5q9FB&g=b97d94971f9d0e322c62f964154ea848%2F3763516101815513498&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1653458604690&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gvwrmrqfdjcr1ywzs5eas9jpch4n3exq1kphdzmjvmwyex4t17px34nbdvdahg7swbn5ae4rxtfwrcs3nxe4gmftqq5r9kyh51wbc4p8w3dd6gcw6nfgc95tfnsbb7wjhtepwjq268yt7vs7bn0ar3qdjm7mzs90h8bkw70277k1k98yjymp1hc4x8ft8g4psb9z08me91qy6cgpdc5ggnvw7zq03tp52qsp4a95qqezs5rgcynxmmgayzxk0fgfdfpnqgqfg29e%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCe6wnqsaNYvrpMZj_gQee3IeQAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMzNjkyNjM3MTAwOTYxNjOgAcKu6N0DyAEJqQL2PSpljwKyPuACAKgDAaoE4AFP0HESWxGUTt9e4eUSbFXPZnjVPxGPPaZB6XDofN0FfuYgYwHNdCogGnl-1FyyOqYPDUUhrdUvlFIDWiqgRwvH_PdafUEsSpSdPkeWh-qYkWQz5txW7YN4q0Qg7cqUG2NnhqhJhY4eOoEvpniX9zmYLXs2A6HJ2bFF_EInnWh7LgAP_IRQQvBM-ahO_7YHJNN5ahdEuPqB43W756YJA6DNDHZYHbqOKP3Cbj-fl4EmamPSnRgBUrQosPr0kzJ6Y6WXnuruKxsCcT6VXiIHtjP0cqrkRmR2ldx2r1tsO_Zb0-AEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_11nXNhOAJtHAYOGLphiLExrCGgag%2526client%253Dca-pub-3369263710096163%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e68e40852527c1f28682b1c4a8715dcaba615264d92ec50615744a2c21e90a13

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-goog-hash: crc32c=ms9cAg==, md5=CE5c7L5VWa5ws5REMc8kpA==
date: Wed, 25 May 2022 06:03:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 41616
cf-polished: qual=85, origFmt=jpeg, origSize=61317
x-guploader-uploadid: ADPycdtS_N2fRF4UA_Cdd2YBPI8GgwNuQrfrvqDusO-ohXoX6DaOHGnY3jrD_I2A50tCqalGIqMF6GA6lUl3XQPpy_JG
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20942
last-modified: Mon, 07 Oct 2019 09:26:20 GMT
server: cloudflare
etag: "084e5cecbe5559ae70b3944431cf24a4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ab0vbLdPSP0uFpIDhL%2BfC%2FqFl8ZFwhXPH25XimdPP9PVtHu8gKvmhOw7plo6RHLeMAHe9B0zw%2FmFH4y%2B4kHPkjdYIKXvTWvaNJZrNMJUt%2BOhagPVtEr70S5H5Lpc9C0IUg66PzwI0jLYAoM1"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1570440380010734
content-type: image/webp
expires: Thu, 26 May 2022 06:03:24 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 61317
accept-ranges: bytes
cf-ray: 710c11584dad5c38-FRA
cf-bgj: imgq:85,h2pri

GET
H2

200

ztpv.php
www.conrad.de/ Frame 23AF
Redirect Chain

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7oneid__asuidNjfIGCtMKzPoif1ud2oOCTmGtkn5q9FBasuid__dc_reach_suite02wkz&gdpr_cons...
https://www.zenaps.com/cshow.php?pvr=637838e0-dbf0-11ec-91ba-2230ae711e76&v=11354&r=412871&q=377129&s=2470185&viewref3=oneidRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7oneid__asuidNjfIGCtMKzPoif1ud2oOCTmGtkn5...
https://www.conrad.de/ztpv.php?awc=11354_412871_1653458604_637838e0-dbf0-11ec-91ba-2230ae711e76&insert=AW&&gdpr=0&gdpr_consent=

0
270 B

91ms
49ms

Image
text/html

2606:4700::6812:7f05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.conrad.de/ztpv.php?awc=11354_412871_1653458604_637838e0-dbf0-11ec-91ba-2230ae711e76&insert=AW&&gdpr=0&gdpr_consent=

Requested by

Protocol

Server

2606:4700::6812:7f05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:25 GMT
via: 1.1 varnish (Varnish/6.6)
cf-cache-status: DYNAMIC
server: cloudflare
age: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
p3p: policyref="http://www.conrad.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
content-type: text/html; charset=UTF-8
content-encoding: br
cache-control: no-cache
x-varnish: 299243744
cf-ray: 710c1159f8a19168-FRA
expires: -1

Redirect headers

Date: Wed, 25 May 2022 06:03:25 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://www.conrad.de/ztpv.php?awc=11354_412871_1653458604_637838e0-dbf0-11ec-91ba-2230ae711e76&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame F5EA 13 KB
5 KB 76ms
75ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=183975%2C14044%2C43784&b=e7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CXxVfzfrfqw7U6H4HetqtxD7UQSkTXKPfJ%2CjpBHEfGfjp9hYHEH2t6tx1WsZSzTDRGT9&f=DjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2Ce7RC3fVfxBVcjHZHet2CeW3swSQTx8Ja1%2CxEbfQfAf6gJUPHdHztDC3jqh7S6TqkxSA&c=728&d=90&e=NjfIGCtMKzPoif1ud2oOCTmGtkn5q9FB&g=499b4ec65607ad2db351a927bcd7a4f9%2F6101578044710108777&i=20597%2C25007%2C27720&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1653458604829&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j9fvhhj5b3k6zv39c04kcmwxha08g0w2gcxsykwq29jt0cjh0abhn2b2xz7f7yecsq8axysf5sb6bykgnb1qbbt6xwnbj6c2pyx0qnb84t95kcgxa1z68j011jv414q96krs7exdq71bh54hnm25qnwrwknrewkwg45a96mvpy7b2daetcspp9k0q73maejejphdq86cshkvghjxpvv4sw3prhe586ne6kttswkh8sqjbvak64cayq3aemar9qcwvjf5k8awfn0e%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCga96q8aNYqaIEYiK7gPEho7QBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTg1ODAxOTY0MjcyMDkzMTSgAcKu6N0DyAEJqQJKUfIa4PyxPuACAKgDAaoE4QFP0PCA1qfCU-sEFkprYel9rg90Wlnj977mjXkafjEWiUeXfVDatuOF9IW46UPwkJkhV-NCV1p05sCI1W3acM2z-pUhD6Uh9qO4FFXXj8N8_AG7KT7dSYuPVR1hT3VxIQQQTAgQkWzrHswLk6OCkxmMHT1SuJVePRhW4lJvsf-V_xMi7oSicNnoVpKJSGab_bZe8VFqaxSZCIUWQ86YI12DRKVnAQJmNSZQZUgl1pPnNNzT8a4QHGJaoUCQi8oBEz0QaWdtqmO8FfwQ58AmuwJ6A8-nUy0s84NmAZkmrLH-OD3gBAGABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_275KWGj7PJdenXfdZKC4FqefpRJw%2526client%253Dca-pub-8580196427209314%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eead9e2fced68b1b473c9880e1a1f322a3b5e19da1796cc2387ae23a3795b3e1

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1h6eh3mm4yv7qsghjnyj4knsfbf6cgbzgv6chwm2ge6yk4xdrygsjj6g6zjp1776e4z5r7196cx8e9f8akkzeps14bgvjwr33r5m78gfng4ehak5f80v9jnfac68dzrs1b28g6z1w05sdcw7pbesfx0j27k7hsgpk88snjrgc4mwkw79zxbkrymva0xswrp3ysgznt45hjdk0b5k2r5vpem78xdhf69m13qgdt4evk4ttd1bd2b53zg76a4nfh0cybv2edmzbbbwg6f48t4496x1gekx8tmabr3x739qec1vppfrcr10pamfwze4xw6bczw430vkyzhnndmjhn20kbp5zmh84hb0jw3h55djk1z718jjrpap3hb17tj6tv1w937wa0tamafy7m8epa4cxxjdxn575aff&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCga96q8aNYqaIEYiK7gPEho7QBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTg1ODAxOTY0MjcyMDkzMTSgAcKu6N0DyAEJqQJKUfIa4PyxPuACAKgDAaoE4QFP0PCA1qfCU-sEFkprYel9rg90Wlnj977mjXkafjEWiUeXfVDatuOF9IW46UPwkJkhV-NCV1p05sCI1W3acM2z-pUhD6Uh9qO4FFXXj8N8_AG7KT7dSYuPVR1hT3VxIQQQTAgQkWzrHswLk6OCkxmMHT1SuJVePRhW4lJvsf-V_xMi7oSicNnoVpKJSGab_bZe8VFqaxSZCIUWQ86YI12DRKVnAQJmNSZQZUgl1pPnNNzT8a4QHGJaoUCQi8oBEz0QaWdtqmO8FfwQ58AmuwJ6A8-nUy0s84NmAZkmrLH-OD3gBAGABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_275KWGj7PJdenXfdZKC4FqefpRJw%26client%3Dca-pub-8580196427209314%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 710c11586dda5c38-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 06:03:24 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame 979C 1 KB
2 KB 256ms
171ms Script
text/html 46.236.35.87
PULSANT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kpgtbq5zp588yc5bpacbtcme2e4pwmt3cy279c2chnvh968fk97qttfydetar37bn1f38jd5kcs68epe1ge1kkp62p6hjna8pmdda6fwswskx83jb11jf1ejs3b4fwa21ddx93htfnrndtg9zsgj5nxj30dywmy04zjddts2vv0yhbpctkaen5cbe9mtyw9km9v78b78ms44qb3faepxh6bc5e551xmx8s4zfmb2k080e465apamr4khr4jfg7r2w6krwryys2sq6arh646svqh3baexkkpwe64k65whmmvvykzexpayw8%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k34embqp4teh0y5txe51rr7zmead9pdz2cq4sa3wts6ewse13dwtze7wv4t2fpd7654frmdy6t1efk0337dxvgtvmdzr7rca6ck382nty2y6cchyvs474rnkbh3dnvd1jr49cznsbjb1hp0ekqjs2vnfrqjmfw5hgy9x8q7t3fxw3d9yh697ccmxpep1ssgxjbp1nay00yr9bvj8bsx5mfe3mkrmarzpfwnfa0vf0jtkmntpbc0kmj8e3wnfwesbkhg6rddaw5tr%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCvPtyqsaNYvrZJNSE7gOx6JXAD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMzNjkyNjM3MTAwOTYxNjOgAcKu6N0DyAEJqQL2PSpljwKyPuACAKgDAaoE4AFP0Pj6wHwgfw7LbrJSeYJMLxd7WbEztAocvDVpx_BBEd46fmNyK71sf0PaK_6X4adCse-UbgGiMCU3eDc-fwLGjN3vo2K1NEJVOKVWEKbNqj4BNfG32vMm-4jJXSFHbS47AZ1GnXN8q2ZJPgU7ZpD4EP9vDd9Khy6VnKxX6RhrPP2TQ3t7sJSxI7m1gA3lvBedhSz7Tltd6QuWKEm61ydo_AbiPrScmNNTPjBD8cQxa2QQAf3bIG8-0xh9WL4yoIxq_Vf0udlGrs6kEEG9ZikaDUMk-qH-cxCkkXGwdt0cmOAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0K_-9XstLFt4N-KtAtnEx5FSTNcg%252526client%25253Dca-pub-3369263710096163%252526adurl%25253D&clickref=oneidr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhdoneid__asuidkTUv0kTJ2-IHeQHqznYSql9CeWavfmoTasuid__dc_reach_suite02wkz&viewref=oneid4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuKoneid__asuidkTUv0kTJ2-IHeQHqznYSql9CeWavfmoTasuid__dc_reach_suite02wkz
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460%2C24673%2C14019&b=q4VSmfWfJWr1TZHgHDtJtZG5UeSgTA2ja3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Rx6fgfQfG6wACkHwH3tzCPzJu9SzTmqbF7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=kTUv0kTJ2-IHeQHqznYSql9CeWavfmoT&g=02036a9dc68490f6dd832767f4c82e33%2F16115169092999220410&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1653458604634&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k34embqp4teh0y5txe51rr7zmead9pdz2cq4sa3wts6ewse13dwtze7wv4t2fpd7654frmdy6t1efk0337dxvgtvmdzr7rca6ck382nty2y6cchyvs474rnkbh3dnvd1jr49cznsbjb1hp0ekqjs2vnfrqjmfw5hgy9x8q7t3fxw3d9yh697ccmxpep1ssgxjbp1nay00yr9bvj8bsx5mfe3mkrmarzpfwnfa0vf0jtkmntpbc0kmj8e3wnfwesbkhg6rddaw5tr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCvPtyqsaNYvrZJNSE7gOx6JXAD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMzNjkyNjM3MTAwOTYxNjOgAcKu6N0DyAEJqQL2PSpljwKyPuACAKgDAaoE4AFP0Pj6wHwgfw7LbrJSeYJMLxd7WbEztAocvDVpx_BBEd46fmNyK71sf0PaK_6X4adCse-UbgGiMCU3eDc-fwLGjN3vo2K1NEJVOKVWEKbNqj4BNfG32vMm-4jJXSFHbS47AZ1GnXN8q2ZJPgU7ZpD4EP9vDd9Khy6VnKxX6RhrPP2TQ3t7sJSxI7m1gA3lvBedhSz7Tltd6QuWKEm61ydo_AbiPrScmNNTPjBD8cQxa2QQAf3bIG8-0xh9WL4yoIxq_Vf0udlGrs6kEEG9ZikaDUMk-qH-cxCkkXGwdt0cmOAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0K_-9XstLFt4N-KtAtnEx5FSTNcg%2526client%253Dca-pub-3369263710096163%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.236.35.87 Plymouth, United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-35-87.servers.dedipower.net
Software: Apache /
Resource Hash: e0ba8eb78075548b74d2f90b577247b115db32ef3922d7a739a4f68cd5a57a03

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 25 May 2022 06:03:24 GMT
Last-Modified: Wed, 25 May 2022 06:03:24 GMT
Server: Apache
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Content-Length: 1444
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame 23AF 1 KB
2 KB 241ms
157ms Script
text/html 46.236.35.87
PULSANT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kst8e0rpbxq4rh7h7axxsayf4dpgnczpm04pha44n3y8d6v5drmkzxer7a4hmy4fe5mxg36j1r7g92a7qm2gj1da3dxs8yv5fhg151rmnj6137vesjsj3kpedatzs17q2nkykrbf2862v0g56txcr01fpm8c60b1dkyfpve28stebp66qfj4y4327m575fcrnf9bjj975x810tgdqsj3qszh99astwk14h91r8zc0p5thjkec8qf8n6sbrnbphkp299f300r6arrjv72k6had0nbfng9kj1pry6nwt38ws190rjk0bxc%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gvwrmrqfdjcr1ywzs5eas9jpch4n3exq1kphdzmjvmwyex4t17px34nbdvdahg7swbn5ae4rxtfwrcs3nxe4gmftqq5r9kyh51wbc4p8w3dd6gcw6nfgc95tfnsbb7wjhtepwjq268yt7vs7bn0ar3qdjm7mzs90h8bkw70277k1k98yjymp1hc4x8ft8g4psb9z08me91qy6cgpdc5ggnvw7zq03tp52qsp4a95qqezs5rgcynxmmgayzxk0fgfdfpnqgqfg29e%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCe6wnqsaNYvrpMZj_gQee3IeQAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMzNjkyNjM3MTAwOTYxNjOgAcKu6N0DyAEJqQL2PSpljwKyPuACAKgDAaoE4AFP0HESWxGUTt9e4eUSbFXPZnjVPxGPPaZB6XDofN0FfuYgYwHNdCogGnl-1FyyOqYPDUUhrdUvlFIDWiqgRwvH_PdafUEsSpSdPkeWh-qYkWQz5txW7YN4q0Qg7cqUG2NnhqhJhY4eOoEvpniX9zmYLXs2A6HJ2bFF_EInnWh7LgAP_IRQQvBM-ahO_7YHJNN5ahdEuPqB43W756YJA6DNDHZYHbqOKP3Cbj-fl4EmamPSnRgBUrQosPr0kzJ6Y6WXnuruKxsCcT6VXiIHtjP0cqrkRmR2ldx2r1tsO_Zb0-AEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_11nXNhOAJtHAYOGLphiLExrCGgag%252526client%25253Dca-pub-3369263710096163%252526adurl%25253D&clickref=oneidr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhdoneid__asuidNjfIGCtMKzPoif1ud2oOCTmGtkn5q9FBasuid__dc_reach_suite02wkz&viewref=oneid4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuKoneid__asuidNjfIGCtMKzPoif1ud2oOCTmGtkn5q9FBasuid__dc_reach_suite02wkz
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15255%2C24673%2C14019&b=Mxefzfrf1zRuWHEHGtDt2jpCBS4Tb6ku3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=62Zcef3f6wmheHmHYtEC5kmtYS1T2qJs7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=NjfIGCtMKzPoif1ud2oOCTmGtkn5q9FB&g=b97d94971f9d0e322c62f964154ea848%2F3763516101815513498&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1653458604690&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gvwrmrqfdjcr1ywzs5eas9jpch4n3exq1kphdzmjvmwyex4t17px34nbdvdahg7swbn5ae4rxtfwrcs3nxe4gmftqq5r9kyh51wbc4p8w3dd6gcw6nfgc95tfnsbb7wjhtepwjq268yt7vs7bn0ar3qdjm7mzs90h8bkw70277k1k98yjymp1hc4x8ft8g4psb9z08me91qy6cgpdc5ggnvw7zq03tp52qsp4a95qqezs5rgcynxmmgayzxk0fgfdfpnqgqfg29e%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCe6wnqsaNYvrpMZj_gQee3IeQAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMzNjkyNjM3MTAwOTYxNjOgAcKu6N0DyAEJqQL2PSpljwKyPuACAKgDAaoE4AFP0HESWxGUTt9e4eUSbFXPZnjVPxGPPaZB6XDofN0FfuYgYwHNdCogGnl-1FyyOqYPDUUhrdUvlFIDWiqgRwvH_PdafUEsSpSdPkeWh-qYkWQz5txW7YN4q0Qg7cqUG2NnhqhJhY4eOoEvpniX9zmYLXs2A6HJ2bFF_EInnWh7LgAP_IRQQvBM-ahO_7YHJNN5ahdEuPqB43W756YJA6DNDHZYHbqOKP3Cbj-fl4EmamPSnRgBUrQosPr0kzJ6Y6WXnuruKxsCcT6VXiIHtjP0cqrkRmR2ldx2r1tsO_Zb0-AEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_11nXNhOAJtHAYOGLphiLExrCGgag%2526client%253Dca-pub-3369263710096163%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.236.35.87 Plymouth, United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-35-87.servers.dedipower.net
Software: Apache /
Resource Hash: 4bf8e2b1f9b9196fe82c1b41b93ac1f9a54c6a88e06489b0d8427bafc0f44e32

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 25 May 2022 06:03:24 GMT
Last-Modified: Wed, 25 May 2022 06:03:24 GMT
Server: Apache
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Content-Length: 1480
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.20/one-ad/ Frame F5EA 85 KB
11 KB 29ms
28ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.20/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C14044%2C43784&b=e7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CXxVfzfrfqw7U6H4HetqtxD7UQSkTXKPfJ%2CjpBHEfGfjp9hYHEH2t6tx1WsZSzTDRGT9&f=DjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2Ce7RC3fVfxBVcjHZHet2CeW3swSQTx8Ja1%2CxEbfQfAf6gJUPHdHztDC3jqh7S6TqkxSA&c=728&d=90&e=NjfIGCtMKzPoif1ud2oOCTmGtkn5q9FB&g=499b4ec65607ad2db351a927bcd7a4f9%2F6101578044710108777&i=20597%2C25007%2C27720&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1653458604829&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j9fvhhj5b3k6zv39c04kcmwxha08g0w2gcxsykwq29jt0cjh0abhn2b2xz7f7yecsq8axysf5sb6bykgnb1qbbt6xwnbj6c2pyx0qnb84t95kcgxa1z68j011jv414q96krs7exdq71bh54hnm25qnwrwknrewkwg45a96mvpy7b2daetcspp9k0q73maejejphdq86cshkvghjxpvv4sw3prhe586ne6kttswkh8sqjbvak64cayq3aemar9qcwvjf5k8awfn0e%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCga96q8aNYqaIEYiK7gPEho7QBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTg1ODAxOTY0MjcyMDkzMTSgAcKu6N0DyAEJqQJKUfIa4PyxPuACAKgDAaoE4QFP0PCA1qfCU-sEFkprYel9rg90Wlnj977mjXkafjEWiUeXfVDatuOF9IW46UPwkJkhV-NCV1p05sCI1W3acM2z-pUhD6Uh9qO4FFXXj8N8_AG7KT7dSYuPVR1hT3VxIQQQTAgQkWzrHswLk6OCkxmMHT1SuJVePRhW4lJvsf-V_xMi7oSicNnoVpKJSGab_bZe8VFqaxSZCIUWQ86YI12DRKVnAQJmNSZQZUgl1pPnNNzT8a4QHGJaoUCQi8oBEz0QaWdtqmO8FfwQ58AmuwJ6A8-nUy0s84NmAZkmrLH-OD3gBAGABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_275KWGj7PJdenXfdZKC4FqefpRJw%2526client%253Dca-pub-8580196427209314%2526adurl%253D&y=1&s=&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d8965ee1f9673ae2ab083ee9c063eea7eb04aef2e756a7e46f58337bb1caef4

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=183975%2C14044%2C43784&b=e7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CXxVfzfrfqw7U6H4HetqtxD7UQSkTXKPfJ%2CjpBHEfGfjp9hYHEH2t6tx1WsZSzTDRGT9&f=DjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2Ce7RC3fVfxBVcjHZHet2CeW3swSQTx8Ja1%2CxEbfQfAf6gJUPHdHztDC3jqh7S6TqkxSA&c=728&d=90&e=NjfIGCtMKzPoif1ud2oOCTmGtkn5q9FB&g=499b4ec65607ad2db351a927bcd7a4f9%2F6101578044710108777&i=20597%2C25007%2C27720&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1653458604829&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j9fvhhj5b3k6zv39c04kcmwxha08g0w2gcxsykwq29jt0cjh0abhn2b2xz7f7yecsq8axysf5sb6bykgnb1qbbt6xwnbj6c2pyx0qnb84t95kcgxa1z68j011jv414q96krs7exdq71bh54hnm25qnwrwknrewkwg45a96mvpy7b2daetcspp9k0q73maejejphdq86cshkvghjxpvv4sw3prhe586ne6kttswkh8sqjbvak64cayq3aemar9qcwvjf5k8awfn0e%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCga96q8aNYqaIEYiK7gPEho7QBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTg1ODAxOTY0MjcyMDkzMTSgAcKu6N0DyAEJqQJKUfIa4PyxPuACAKgDAaoE4QFP0PCA1qfCU-sEFkprYel9rg90Wlnj977mjXkafjEWiUeXfVDatuOF9IW46UPwkJkhV-NCV1p05sCI1W3acM2z-pUhD6Uh9qO4FFXXj8N8_AG7KT7dSYuPVR1hT3VxIQQQTAgQkWzrHswLk6OCkxmMHT1SuJVePRhW4lJvsf-V_xMi7oSicNnoVpKJSGab_bZe8VFqaxSZCIUWQ86YI12DRKVnAQJmNSZQZUgl1pPnNNzT8a4QHGJaoUCQi8oBEz0QaWdtqmO8FfwQ58AmuwJ6A8-nUy0s84NmAZkmrLH-OD3gBAGABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_275KWGj7PJdenXfdZKC4FqefpRJw%2526client%253Dca-pub-8580196427209314%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:25 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 50764
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=86961
surrogate-control: no-store
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
last-modified: Tue, 24 May 2022 15:57:21 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
x-download-options: noopen
content-type: text/css; charset=utf-8
expires: 0
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 710c11594fc95c38-FRA
cf-bgj: minify

GET
H3 200 F9B39585BFA0505D63AEC15D6DB1B02D9089CB0BB1445FD9678DBB04C32C81A56DC3B966E24F60B1752A92F908AA27DE3F0994E5B1621436EB0D2328EC61055B
assets.ad4m.at/logo/ Frame F5EA 127 KB
128 KB 29ms
29ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/F9B39585BFA0505D63AEC15D6DB1B02D9089CB0BB1445FD9678DBB04C32C81A56DC3B966E24F60B1752A92F908AA27DE3F0994E5B1621436EB0D2328EC61055B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C14044%2C43784&b=e7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CXxVfzfrfqw7U6H4HetqtxD7UQSkTXKPfJ%2CjpBHEfGfjp9hYHEH2t6tx1WsZSzTDRGT9&f=DjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2Ce7RC3fVfxBVcjHZHet2CeW3swSQTx8Ja1%2CxEbfQfAf6gJUPHdHztDC3jqh7S6TqkxSA&c=728&d=90&e=NjfIGCtMKzPoif1ud2oOCTmGtkn5q9FB&g=499b4ec65607ad2db351a927bcd7a4f9%2F6101578044710108777&i=20597%2C25007%2C27720&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1653458604829&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j9fvhhj5b3k6zv39c04kcmwxha08g0w2gcxsykwq29jt0cjh0abhn2b2xz7f7yecsq8axysf5sb6bykgnb1qbbt6xwnbj6c2pyx0qnb84t95kcgxa1z68j011jv414q96krs7exdq71bh54hnm25qnwrwknrewkwg45a96mvpy7b2daetcspp9k0q73maejejphdq86cshkvghjxpvv4sw3prhe586ne6kttswkh8sqjbvak64cayq3aemar9qcwvjf5k8awfn0e%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCga96q8aNYqaIEYiK7gPEho7QBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTg1ODAxOTY0MjcyMDkzMTSgAcKu6N0DyAEJqQJKUfIa4PyxPuACAKgDAaoE4QFP0PCA1qfCU-sEFkprYel9rg90Wlnj977mjXkafjEWiUeXfVDatuOF9IW46UPwkJkhV-NCV1p05sCI1W3acM2z-pUhD6Uh9qO4FFXXj8N8_AG7KT7dSYuPVR1hT3VxIQQQTAgQkWzrHswLk6OCkxmMHT1SuJVePRhW4lJvsf-V_xMi7oSicNnoVpKJSGab_bZe8VFqaxSZCIUWQ86YI12DRKVnAQJmNSZQZUgl1pPnNNzT8a4QHGJaoUCQi8oBEz0QaWdtqmO8FfwQ58AmuwJ6A8-nUy0s84NmAZkmrLH-OD3gBAGABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_275KWGj7PJdenXfdZKC4FqefpRJw%2526client%253Dca-pub-8580196427209314%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e249aef61e2d675b41a8d764b5b9c9a8ee9ebc5e512386625516f6d2c8a4977

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-goog-hash: crc32c=YhDYkw==, md5=0dFx3WUVIvQaL8DbolalRg==
date: Wed, 25 May 2022 06:03:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 39772
cf-polished: origFmt=png, origSize=233620
x-guploader-uploadid: ADPycduld7LKQ08ED_kzkeXT66r6Do2UPespP5shwdy9T-7W-UxbMZuHKiJ61kaZYHkZSi3nuFHecJ9uH3idw07Z1w0s0A
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 130164
last-modified: Tue, 29 Mar 2022 07:10:51 GMT
server: cloudflare
etag: "d1d171dd651522f41a2fc0dba256a546"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZWU6tQ5to6EeksKj%2BHa42dA8Pe5dYSU4PJe9GIeJT4akprk6OwO%2B75kXslYV4GIQT8BRm850%2B95Flf5JLuM0yIX6n4KhYyJ8wyzY2AvyxsvRRB0jperdmB6TizenkoBahlVq9sV3ow8nUpNe"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1648537851916987
content-type: image/webp
expires: Thu, 26 May 2022 06:03:25 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 233620
accept-ranges: bytes
cf-ray: 710c11594fd55c38-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
assets.ad4m.at/product_image/ Frame F5EA 461 KB
462 KB 24ms
23ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C14044%2C43784&b=e7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CXxVfzfrfqw7U6H4HetqtxD7UQSkTXKPfJ%2CjpBHEfGfjp9hYHEH2t6tx1WsZSzTDRGT9&f=DjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2Ce7RC3fVfxBVcjHZHet2CeW3swSQTx8Ja1%2CxEbfQfAf6gJUPHdHztDC3jqh7S6TqkxSA&c=728&d=90&e=NjfIGCtMKzPoif1ud2oOCTmGtkn5q9FB&g=499b4ec65607ad2db351a927bcd7a4f9%2F6101578044710108777&i=20597%2C25007%2C27720&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1653458604829&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j9fvhhj5b3k6zv39c04kcmwxha08g0w2gcxsykwq29jt0cjh0abhn2b2xz7f7yecsq8axysf5sb6bykgnb1qbbt6xwnbj6c2pyx0qnb84t95kcgxa1z68j011jv414q96krs7exdq71bh54hnm25qnwrwknrewkwg45a96mvpy7b2daetcspp9k0q73maejejphdq86cshkvghjxpvv4sw3prhe586ne6kttswkh8sqjbvak64cayq3aemar9qcwvjf5k8awfn0e%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCga96q8aNYqaIEYiK7gPEho7QBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTg1ODAxOTY0MjcyMDkzMTSgAcKu6N0DyAEJqQJKUfIa4PyxPuACAKgDAaoE4QFP0PCA1qfCU-sEFkprYel9rg90Wlnj977mjXkafjEWiUeXfVDatuOF9IW46UPwkJkhV-NCV1p05sCI1W3acM2z-pUhD6Uh9qO4FFXXj8N8_AG7KT7dSYuPVR1hT3VxIQQQTAgQkWzrHswLk6OCkxmMHT1SuJVePRhW4lJvsf-V_xMi7oSicNnoVpKJSGab_bZe8VFqaxSZCIUWQ86YI12DRKVnAQJmNSZQZUgl1pPnNNzT8a4QHGJaoUCQi8oBEz0QaWdtqmO8FfwQ58AmuwJ6A8-nUy0s84NmAZkmrLH-OD3gBAGABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_275KWGj7PJdenXfdZKC4FqefpRJw%2526client%253Dca-pub-8580196427209314%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec335cbc056796d69797fd1ef82fc0abd9159579add0bf72e3f54fc0acba786b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-goog-hash: crc32c=uxNdng==, md5=G2kngkPBB99bERhrH2ylhQ==
date: Wed, 25 May 2022 06:03:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 40505
cf-polished: origFmt=png, origSize=731561
x-guploader-uploadid: ADPycdus_uQ3Beb_gFd1tzQQutUJw5ACEF1zReFcRwNfQsEFEMxeVIHMFsvVB9GnVFHpGZcjf8zDqaq65HcS9Kt907fgUw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 471752
last-modified: Tue, 29 Mar 2022 07:03:31 GMT
server: cloudflare
etag: "1b69278243c107df5b11186b1f6ca585"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8yH%2Fbd3ilnvw6lPk4hDNBIjwXZ%2BcXoVF07R%2FyalVGTlcA8agxk%2BNTzhSYiDcN0WiVwFhfJ4wElWYvhaWxFQySxo%2Fn%2FtVpIQ7ynzDs%2F3U%2BrjXz4EeMVrc%2FZqRKHqaPQOC0bKP21CFWBH3K0AY"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1648537411511396
content-type: image/webp
expires: Thu, 26 May 2022 06:03:25 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 731561
accept-ranges: bytes
cf-ray: 710c1159a89a5c38-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
assets.ad4m.at/logo/ Frame F5EA 18 KB
19 KB 44ms
43ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C14044%2C43784&b=e7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CXxVfzfrfqw7U6H4HetqtxD7UQSkTXKPfJ%2CjpBHEfGfjp9hYHEH2t6tx1WsZSzTDRGT9&f=DjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2Ce7RC3fVfxBVcjHZHet2CeW3swSQTx8Ja1%2CxEbfQfAf6gJUPHdHztDC3jqh7S6TqkxSA&c=728&d=90&e=NjfIGCtMKzPoif1ud2oOCTmGtkn5q9FB&g=499b4ec65607ad2db351a927bcd7a4f9%2F6101578044710108777&i=20597%2C25007%2C27720&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1653458604829&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j9fvhhj5b3k6zv39c04kcmwxha08g0w2gcxsykwq29jt0cjh0abhn2b2xz7f7yecsq8axysf5sb6bykgnb1qbbt6xwnbj6c2pyx0qnb84t95kcgxa1z68j011jv414q96krs7exdq71bh54hnm25qnwrwknrewkwg45a96mvpy7b2daetcspp9k0q73maejejphdq86cshkvghjxpvv4sw3prhe586ne6kttswkh8sqjbvak64cayq3aemar9qcwvjf5k8awfn0e%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCga96q8aNYqaIEYiK7gPEho7QBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTg1ODAxOTY0MjcyMDkzMTSgAcKu6N0DyAEJqQJKUfIa4PyxPuACAKgDAaoE4QFP0PCA1qfCU-sEFkprYel9rg90Wlnj977mjXkafjEWiUeXfVDatuOF9IW46UPwkJkhV-NCV1p05sCI1W3acM2z-pUhD6Uh9qO4FFXXj8N8_AG7KT7dSYuPVR1hT3VxIQQQTAgQkWzrHswLk6OCkxmMHT1SuJVePRhW4lJvsf-V_xMi7oSicNnoVpKJSGab_bZe8VFqaxSZCIUWQ86YI12DRKVnAQJmNSZQZUgl1pPnNNzT8a4QHGJaoUCQi8oBEz0QaWdtqmO8FfwQ58AmuwJ6A8-nUy0s84NmAZkmrLH-OD3gBAGABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_275KWGj7PJdenXfdZKC4FqefpRJw%2526client%253Dca-pub-8580196427209314%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-goog-hash: crc32c=GT8dCw==, md5=4YyWNM3TGeacJ2VHXynNEw==
date: Wed, 25 May 2022 06:03:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 42520
cf-polished: origFmt=png, origSize=35453
x-guploader-uploadid: ADPycdsMcdgjHvakCu472DI1tQ0B2sF5i2nmavVni4o8zXew55ygUd6mDVQPtlL8KdjLaRAsYSg6vqL_k5RuifZw9DIRsLlnizop
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18872
last-modified: Mon, 18 May 2020 12:30:29 GMT
server: cloudflare
etag: "e18c9634cdd319e69c2765475f29cd13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xYtpw1kjUs4genuuMtGMSxCn%2F8emUYlgnZTDsr1wLPoF0LtOJCY5ECRrse1xmSxo01GqpXZLsYfLRzP8dOqtcTnoHPktA9DE2Tcta1mIMiNerLmzOTQPyZNnPKvSz5KfBTyJeBzkMKtzj7FU"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1589805029334103
content-type: image/webp
expires: Thu, 26 May 2022 06:03:25 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 35453
accept-ranges: bytes
cf-ray: 710c1159a89c5c38-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 285DE9FE17F697DA1B3C600D8F320A9D948FC7BBE696D077F9175DFE5ECD143923061A8E9DA395B492694AC69B9D920D397618A0BB22BBF5834FED5EDAA72A95
assets.ad4m.at/product_image/ Frame F5EA 9 KB
10 KB 45ms
44ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/285DE9FE17F697DA1B3C600D8F320A9D948FC7BBE696D077F9175DFE5ECD143923061A8E9DA395B492694AC69B9D920D397618A0BB22BBF5834FED5EDAA72A95
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C14044%2C43784&b=e7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CXxVfzfrfqw7U6H4HetqtxD7UQSkTXKPfJ%2CjpBHEfGfjp9hYHEH2t6tx1WsZSzTDRGT9&f=DjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2Ce7RC3fVfxBVcjHZHet2CeW3swSQTx8Ja1%2CxEbfQfAf6gJUPHdHztDC3jqh7S6TqkxSA&c=728&d=90&e=NjfIGCtMKzPoif1ud2oOCTmGtkn5q9FB&g=499b4ec65607ad2db351a927bcd7a4f9%2F6101578044710108777&i=20597%2C25007%2C27720&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1653458604829&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j9fvhhj5b3k6zv39c04kcmwxha08g0w2gcxsykwq29jt0cjh0abhn2b2xz7f7yecsq8axysf5sb6bykgnb1qbbt6xwnbj6c2pyx0qnb84t95kcgxa1z68j011jv414q96krs7exdq71bh54hnm25qnwrwknrewkwg45a96mvpy7b2daetcspp9k0q73maejejphdq86cshkvghjxpvv4sw3prhe586ne6kttswkh8sqjbvak64cayq3aemar9qcwvjf5k8awfn0e%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCga96q8aNYqaIEYiK7gPEho7QBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTg1ODAxOTY0MjcyMDkzMTSgAcKu6N0DyAEJqQJKUfIa4PyxPuACAKgDAaoE4QFP0PCA1qfCU-sEFkprYel9rg90Wlnj977mjXkafjEWiUeXfVDatuOF9IW46UPwkJkhV-NCV1p05sCI1W3acM2z-pUhD6Uh9qO4FFXXj8N8_AG7KT7dSYuPVR1hT3VxIQQQTAgQkWzrHswLk6OCkxmMHT1SuJVePRhW4lJvsf-V_xMi7oSicNnoVpKJSGab_bZe8VFqaxSZCIUWQ86YI12DRKVnAQJmNSZQZUgl1pPnNNzT8a4QHGJaoUCQi8oBEz0QaWdtqmO8FfwQ58AmuwJ6A8-nUy0s84NmAZkmrLH-OD3gBAGABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_275KWGj7PJdenXfdZKC4FqefpRJw%2526client%253Dca-pub-8580196427209314%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48f67a152acf6ef2df67acd63779bee22382effa8a37b241811e04b683e312b1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-goog-hash: crc32c=FPfkEg==, md5=cNeMaybSTgOMvyODLhu1OA==
date: Wed, 25 May 2022 06:03:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 37256
cf-polished: qual=85, origFmt=jpeg, origSize=83479
x-guploader-uploadid: ADPycdsbM8YjzHrtWB41RDc6T6Int6TkQnqVy1bz4uxoYYoxfTup2BX7r4JWAV5yDd7chOieuSYYCujH-3fTXvWmjJqfFg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9260
last-modified: Mon, 29 Nov 2021 15:03:15 GMT
server: cloudflare
etag: "70d78c6b26d24e038cbf23832e1bb538"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G%2B06p%2BWvPdoIgHjcEKSheAktAvv%2BfgPb9wMfk%2BXRyjGE0f%2Fy4Bn5sjNRGe%2FqK4kEt4hcYk5HUFcSglhTBgdKntx2uS5fJAJY2D0PlPSYqU8w2Ik5NGBLn1R%2BPX5f3%2FcurYlZyRGlOjA0xGWz"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1638198195167024
content-type: image/webp
expires: Thu, 26 May 2022 06:03:25 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 83479
accept-ranges: bytes
cf-ray: 710c1159a89d5c38-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame F5EA 43 B
705 B 34ms
33ms Image
image/gif 104.92.94.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2519498&v=14098&q=368694&r=412871&pv=1&pref3=oneidXxVfzfrfqw7U6H4HetqtxD7UQSkTXKPfJoneid__asuidNjfIGCtMKzPoif1ud2oOCTmGtkn5q9FBasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.92.94.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-92-94-3.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 25 May 2022 06:03:25 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H3 200 C35143419725FFAB72E7F85B0896E2CE1CF38E8530EF6A0FABB9A59404159EF275766FB79658D3B5D6644C20EACFACC3D3AEC4962CC34DBF676104F9A9E97E4B
assets.ad4m.at/logo/ Frame F5EA 12 KB
13 KB 45ms
44ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/C35143419725FFAB72E7F85B0896E2CE1CF38E8530EF6A0FABB9A59404159EF275766FB79658D3B5D6644C20EACFACC3D3AEC4962CC34DBF676104F9A9E97E4B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C14044%2C43784&b=e7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CXxVfzfrfqw7U6H4HetqtxD7UQSkTXKPfJ%2CjpBHEfGfjp9hYHEH2t6tx1WsZSzTDRGT9&f=DjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2Ce7RC3fVfxBVcjHZHet2CeW3swSQTx8Ja1%2CxEbfQfAf6gJUPHdHztDC3jqh7S6TqkxSA&c=728&d=90&e=NjfIGCtMKzPoif1ud2oOCTmGtkn5q9FB&g=499b4ec65607ad2db351a927bcd7a4f9%2F6101578044710108777&i=20597%2C25007%2C27720&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1653458604829&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j9fvhhj5b3k6zv39c04kcmwxha08g0w2gcxsykwq29jt0cjh0abhn2b2xz7f7yecsq8axysf5sb6bykgnb1qbbt6xwnbj6c2pyx0qnb84t95kcgxa1z68j011jv414q96krs7exdq71bh54hnm25qnwrwknrewkwg45a96mvpy7b2daetcspp9k0q73maejejphdq86cshkvghjxpvv4sw3prhe586ne6kttswkh8sqjbvak64cayq3aemar9qcwvjf5k8awfn0e%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCga96q8aNYqaIEYiK7gPEho7QBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTg1ODAxOTY0MjcyMDkzMTSgAcKu6N0DyAEJqQJKUfIa4PyxPuACAKgDAaoE4QFP0PCA1qfCU-sEFkprYel9rg90Wlnj977mjXkafjEWiUeXfVDatuOF9IW46UPwkJkhV-NCV1p05sCI1W3acM2z-pUhD6Uh9qO4FFXXj8N8_AG7KT7dSYuPVR1hT3VxIQQQTAgQkWzrHswLk6OCkxmMHT1SuJVePRhW4lJvsf-V_xMi7oSicNnoVpKJSGab_bZe8VFqaxSZCIUWQ86YI12DRKVnAQJmNSZQZUgl1pPnNNzT8a4QHGJaoUCQi8oBEz0QaWdtqmO8FfwQ58AmuwJ6A8-nUy0s84NmAZkmrLH-OD3gBAGABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_275KWGj7PJdenXfdZKC4FqefpRJw%2526client%253Dca-pub-8580196427209314%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47ec02e18941bc1fe215e0bf1b47eaef6dd674b8adfb18d17e980203a94b9ff4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-goog-hash: crc32c=L9xAnQ==, md5=7eHZFVWQuqeYNRiE/JSb0A==
date: Wed, 25 May 2022 06:03:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 31771
cf-polished: qual=85, origFmt=jpeg, origSize=42488
x-guploader-uploadid: ADPycdsS2QP14vmmrDNEwfJXXLtuLYXJcre4IOKN5UWoLDreJLmRABDF5nCulpzhR5X52aJW3VXYOqYFRlTNeGIipzSB3nLECjpw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12110
last-modified: Thu, 25 Jun 2020 11:29:58 GMT
server: cloudflare
etag: "ede1d9155590baa798351884fc949bd0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LKHTpgIwTH6%2FWFI79rJkC3js8ZfnlyAFbWzexPEPXDhgvoLW%2BaY62N4S7DbJAkdpfy3O6hXpCbUyFfL3eaQSFMSCz5bw9%2BmKeQ6LYEGs5lDvJ1Cf9cQ7e6VLvz2%2FH%2FjGW8VtY5s9Xp1sR2Sk"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1593084598972955
content-type: image/webp
expires: Thu, 26 May 2022 06:03:25 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 42488
accept-ranges: bytes
cf-ray: 710c1159a89f5c38-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 1BBE26EDBCDBCA83F6FC5982E78609DD993CBC5A877E96B16262445B5D5F827FF241EDC353E519B59B7B45AAB552B2BD1049C4DF410A0448B841F76C0CCED257
assets.ad4m.at/product_image/ Frame F5EA 42 KB
43 KB 45ms
44ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/1BBE26EDBCDBCA83F6FC5982E78609DD993CBC5A877E96B16262445B5D5F827FF241EDC353E519B59B7B45AAB552B2BD1049C4DF410A0448B841F76C0CCED257
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C14044%2C43784&b=e7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CXxVfzfrfqw7U6H4HetqtxD7UQSkTXKPfJ%2CjpBHEfGfjp9hYHEH2t6tx1WsZSzTDRGT9&f=DjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2Ce7RC3fVfxBVcjHZHet2CeW3swSQTx8Ja1%2CxEbfQfAf6gJUPHdHztDC3jqh7S6TqkxSA&c=728&d=90&e=NjfIGCtMKzPoif1ud2oOCTmGtkn5q9FB&g=499b4ec65607ad2db351a927bcd7a4f9%2F6101578044710108777&i=20597%2C25007%2C27720&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1653458604829&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j9fvhhj5b3k6zv39c04kcmwxha08g0w2gcxsykwq29jt0cjh0abhn2b2xz7f7yecsq8axysf5sb6bykgnb1qbbt6xwnbj6c2pyx0qnb84t95kcgxa1z68j011jv414q96krs7exdq71bh54hnm25qnwrwknrewkwg45a96mvpy7b2daetcspp9k0q73maejejphdq86cshkvghjxpvv4sw3prhe586ne6kttswkh8sqjbvak64cayq3aemar9qcwvjf5k8awfn0e%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCga96q8aNYqaIEYiK7gPEho7QBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTg1ODAxOTY0MjcyMDkzMTSgAcKu6N0DyAEJqQJKUfIa4PyxPuACAKgDAaoE4QFP0PCA1qfCU-sEFkprYel9rg90Wlnj977mjXkafjEWiUeXfVDatuOF9IW46UPwkJkhV-NCV1p05sCI1W3acM2z-pUhD6Uh9qO4FFXXj8N8_AG7KT7dSYuPVR1hT3VxIQQQTAgQkWzrHswLk6OCkxmMHT1SuJVePRhW4lJvsf-V_xMi7oSicNnoVpKJSGab_bZe8VFqaxSZCIUWQ86YI12DRKVnAQJmNSZQZUgl1pPnNNzT8a4QHGJaoUCQi8oBEz0QaWdtqmO8FfwQ58AmuwJ6A8-nUy0s84NmAZkmrLH-OD3gBAGABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_275KWGj7PJdenXfdZKC4FqefpRJw%2526client%253Dca-pub-8580196427209314%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f75a001bec4bdf424466cdc150b0aac769554195c5bf3105cd369a9861aa7103

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-goog-hash: crc32c=4e5XkA==, md5=IApgItXE/tw7TfHLo2DKwQ==
date: Wed, 25 May 2022 06:03:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 37715
cf-polished: origFmt=png, origSize=68898
x-guploader-uploadid: ADPycdsKqGooFhs2tDdY9XakhfSDAhjPult6GDTYaHO8w-FXaxG9S2nUFS10dZkFvyTUqRkK_Bgo3-Ro-esIimTJT8FT4Q
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 42816
last-modified: Wed, 09 Feb 2022 14:47:59 GMT
server: cloudflare
etag: "200a6022d5c4fedc3b4df1cba360cac1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tXkMv%2FkqtHB02uPIj1QLhAtJ6OQldON4MloU8E1Jm2LOkWpLutFpjgGwKBCMi3pfBEbKdNhLlMGgHx3vVMj%2FtMNA72kXzYhBlon5Pwae8wBhj7Fgi6IMZGuCQiIZygRQ%2BU2I%2ByqNNZ29%2BzNL"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1644418079055001
content-type: image/webp
expires: Thu, 26 May 2022 06:03:25 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 68898
accept-ranges: bytes
cf-ray: 710c1159a8a15c38-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame F5EA 1 KB
2 KB 204ms
159ms Script
text/html 46.236.35.87
PULSANT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2194035&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1javnjt1425d6anth8x0587sa3hrt7an6gene251ft9fskhkngd977xmf4ntjdn3a917fzwxsk4jaeaa7pz85sc38carmtbw0vh1wfh1s45mqptk4qxhhpmtdwdcdbtpmmjy1d0stts63z3n72rh58n4sq28d0xqwhsvdezec4g6wghpsak6pqp9k6mw4cnx28tsm0qeajhg995sc56pfym4svwqdqy4rfycywd2hycf149kj5n96sa7xxrep62sy8gxdn8sgwtcfnkqtfyb1pa4xyfhvshyjbqbk92rsg3ey3g82hnramg%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1j9fvhhj5b3k6zv39c04kcmwxha08g0w2gcxsykwq29jt0cjh0abhn2b2xz7f7yecsq8axysf5sb6bykgnb1qbbt6xwnbj6c2pyx0qnb84t95kcgxa1z68j011jv414q96krs7exdq71bh54hnm25qnwrwknrewkwg45a96mvpy7b2daetcspp9k0q73maejejphdq86cshkvghjxpvv4sw3prhe586ne6kttswkh8sqjbvak64cayq3aemar9qcwvjf5k8awfn0e%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCga96q8aNYqaIEYiK7gPEho7QBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTg1ODAxOTY0MjcyMDkzMTSgAcKu6N0DyAEJqQJKUfIa4PyxPuACAKgDAaoE4QFP0PCA1qfCU-sEFkprYel9rg90Wlnj977mjXkafjEWiUeXfVDatuOF9IW46UPwkJkhV-NCV1p05sCI1W3acM2z-pUhD6Uh9qO4FFXXj8N8_AG7KT7dSYuPVR1hT3VxIQQQTAgQkWzrHswLk6OCkxmMHT1SuJVePRhW4lJvsf-V_xMi7oSicNnoVpKJSGab_bZe8VFqaxSZCIUWQ86YI12DRKVnAQJmNSZQZUgl1pPnNNzT8a4QHGJaoUCQi8oBEz0QaWdtqmO8FfwQ58AmuwJ6A8-nUy0s84NmAZkmrLH-OD3gBAGABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_275KWGj7PJdenXfdZKC4FqefpRJw%252526client%25253Dca-pub-8580196427209314%252526adurl%25253D&clickref=oneidDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFVoneid__asuidNjfIGCtMKzPoif1ud2oOCTmGtkn5q9FBasuid__dc_reach_suite02wkz&viewref=oneide7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1oneid__asuidNjfIGCtMKzPoif1ud2oOCTmGtkn5q9FBasuid__dc_reach_suite02wkz
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C14044%2C43784&b=e7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CXxVfzfrfqw7U6H4HetqtxD7UQSkTXKPfJ%2CjpBHEfGfjp9hYHEH2t6tx1WsZSzTDRGT9&f=DjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2Ce7RC3fVfxBVcjHZHet2CeW3swSQTx8Ja1%2CxEbfQfAf6gJUPHdHztDC3jqh7S6TqkxSA&c=728&d=90&e=NjfIGCtMKzPoif1ud2oOCTmGtkn5q9FB&g=499b4ec65607ad2db351a927bcd7a4f9%2F6101578044710108777&i=20597%2C25007%2C27720&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1653458604829&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j9fvhhj5b3k6zv39c04kcmwxha08g0w2gcxsykwq29jt0cjh0abhn2b2xz7f7yecsq8axysf5sb6bykgnb1qbbt6xwnbj6c2pyx0qnb84t95kcgxa1z68j011jv414q96krs7exdq71bh54hnm25qnwrwknrewkwg45a96mvpy7b2daetcspp9k0q73maejejphdq86cshkvghjxpvv4sw3prhe586ne6kttswkh8sqjbvak64cayq3aemar9qcwvjf5k8awfn0e%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCga96q8aNYqaIEYiK7gPEho7QBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTg1ODAxOTY0MjcyMDkzMTSgAcKu6N0DyAEJqQJKUfIa4PyxPuACAKgDAaoE4QFP0PCA1qfCU-sEFkprYel9rg90Wlnj977mjXkafjEWiUeXfVDatuOF9IW46UPwkJkhV-NCV1p05sCI1W3acM2z-pUhD6Uh9qO4FFXXj8N8_AG7KT7dSYuPVR1hT3VxIQQQTAgQkWzrHswLk6OCkxmMHT1SuJVePRhW4lJvsf-V_xMi7oSicNnoVpKJSGab_bZe8VFqaxSZCIUWQ86YI12DRKVnAQJmNSZQZUgl1pPnNNzT8a4QHGJaoUCQi8oBEz0QaWdtqmO8FfwQ58AmuwJ6A8-nUy0s84NmAZkmrLH-OD3gBAGABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_275KWGj7PJdenXfdZKC4FqefpRJw%2526client%253Dca-pub-8580196427209314%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.236.35.87 Plymouth, United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-35-87.servers.dedipower.net
Software: Apache /
Resource Hash: 50692dd1598ea954a198b325537ddd1b1c28ec80d58fa4150f7a4c3d17aa79d6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 25 May 2022 06:03:25 GMT
Last-Modified: Wed, 25 May 2022 06:03:25 GMT
Server: Apache
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Content-Length: 1463
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame F5EA 1 KB
2 KB 213ms
167ms Script
text/html 46.236.35.87
PULSANT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3247651&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hse980atzx2j46p439g17an644pdmeygh7tyfwm24b9hjae1b4z7yfwhh0j2b225qpkhd40kwdm7hgeyd1x3b07mah2yp0v8k42nrqf9frxmk361qqtysk94sqswgkrjnwsjtsvvjnqwp4994cdtapkkv3w00fckpxkwcmdyhq58ctxr5dfkaskdznw40hdhzxja4vqgt1kqnsks2th7z9anhcbgscms64kznzrckp1ypfe2nbw23m70rv562f7ee9n5ebpgezhkpp0yzh3t8kw871h4178cbrjw2b0wgpa8knfpm0jm%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1j9fvhhj5b3k6zv39c04kcmwxha08g0w2gcxsykwq29jt0cjh0abhn2b2xz7f7yecsq8axysf5sb6bykgnb1qbbt6xwnbj6c2pyx0qnb84t95kcgxa1z68j011jv414q96krs7exdq71bh54hnm25qnwrwknrewkwg45a96mvpy7b2daetcspp9k0q73maejejphdq86cshkvghjxpvv4sw3prhe586ne6kttswkh8sqjbvak64cayq3aemar9qcwvjf5k8awfn0e%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCga96q8aNYqaIEYiK7gPEho7QBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTg1ODAxOTY0MjcyMDkzMTSgAcKu6N0DyAEJqQJKUfIa4PyxPuACAKgDAaoE4QFP0PCA1qfCU-sEFkprYel9rg90Wlnj977mjXkafjEWiUeXfVDatuOF9IW46UPwkJkhV-NCV1p05sCI1W3acM2z-pUhD6Uh9qO4FFXXj8N8_AG7KT7dSYuPVR1hT3VxIQQQTAgQkWzrHswLk6OCkxmMHT1SuJVePRhW4lJvsf-V_xMi7oSicNnoVpKJSGab_bZe8VFqaxSZCIUWQ86YI12DRKVnAQJmNSZQZUgl1pPnNNzT8a4QHGJaoUCQi8oBEz0QaWdtqmO8FfwQ58AmuwJ6A8-nUy0s84NmAZkmrLH-OD3gBAGABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_275KWGj7PJdenXfdZKC4FqefpRJw%252526client%25253Dca-pub-8580196427209314%252526adurl%25253D&clickref=oneidxEbfQfAf6gJUPHdHztDC3jqh7S6TqkxSAoneid__asuidNjfIGCtMKzPoif1ud2oOCTmGtkn5q9FBasuid__dc_reach_suite02wkz&viewref=oneidjpBHEfGfjp9hYHEH2t6tx1WsZSzTDRGT9oneid__asuidNjfIGCtMKzPoif1ud2oOCTmGtkn5q9FBasuid__dc_reach_suite02wkz
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C14044%2C43784&b=e7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CXxVfzfrfqw7U6H4HetqtxD7UQSkTXKPfJ%2CjpBHEfGfjp9hYHEH2t6tx1WsZSzTDRGT9&f=DjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2Ce7RC3fVfxBVcjHZHet2CeW3swSQTx8Ja1%2CxEbfQfAf6gJUPHdHztDC3jqh7S6TqkxSA&c=728&d=90&e=NjfIGCtMKzPoif1ud2oOCTmGtkn5q9FB&g=499b4ec65607ad2db351a927bcd7a4f9%2F6101578044710108777&i=20597%2C25007%2C27720&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1653458604829&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j9fvhhj5b3k6zv39c04kcmwxha08g0w2gcxsykwq29jt0cjh0abhn2b2xz7f7yecsq8axysf5sb6bykgnb1qbbt6xwnbj6c2pyx0qnb84t95kcgxa1z68j011jv414q96krs7exdq71bh54hnm25qnwrwknrewkwg45a96mvpy7b2daetcspp9k0q73maejejphdq86cshkvghjxpvv4sw3prhe586ne6kttswkh8sqjbvak64cayq3aemar9qcwvjf5k8awfn0e%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCga96q8aNYqaIEYiK7gPEho7QBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTg1ODAxOTY0MjcyMDkzMTSgAcKu6N0DyAEJqQJKUfIa4PyxPuACAKgDAaoE4QFP0PCA1qfCU-sEFkprYel9rg90Wlnj977mjXkafjEWiUeXfVDatuOF9IW46UPwkJkhV-NCV1p05sCI1W3acM2z-pUhD6Uh9qO4FFXXj8N8_AG7KT7dSYuPVR1hT3VxIQQQTAgQkWzrHswLk6OCkxmMHT1SuJVePRhW4lJvsf-V_xMi7oSicNnoVpKJSGab_bZe8VFqaxSZCIUWQ86YI12DRKVnAQJmNSZQZUgl1pPnNNzT8a4QHGJaoUCQi8oBEz0QaWdtqmO8FfwQ58AmuwJ6A8-nUy0s84NmAZkmrLH-OD3gBAGABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_275KWGj7PJdenXfdZKC4FqefpRJw%2526client%253Dca-pub-8580196427209314%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.236.35.87 Plymouth, United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-35-87.servers.dedipower.net
Software: Apache /
Resource Hash: 4f46f4bd9ebcd718cdae8f13c431f8d46244424220d84c2eee01de3f90311530

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 25 May 2022 06:03:25 GMT
Last-Modified: Wed, 25 May 2022 06:03:25 GMT
Server: Apache
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Content-Length: 1485
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4C1E 42 B
64 B 75ms
74ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst8mHDJ0e76TCgNyXj2jnUOEiwRZ5O6l3QNQ7C1-kcoXUn_TTt7A2sb8OOaKIPPvO556V78kj75FaoMEjC3FnhhvjN4lXBRcIiJt62YkKy9jbx0D-TYBdXWsS3a&sai=AMfl-YRBZ6MB2oQT3J295u1jAyL7zhZjCMH8-5sRd-RRKqu0vgnEeYHRxTpR_kkcnjL9zKtjzSqkutvsdR4uKoW53V14gFsrhoYSDhqbkhSfw8r2SnAjZswkw6XKgIo&sig=Cg0ArKJSzO30HKwpvwJDEAE&cid=CAASF-RohSScjqaNeZ3mAHIvFoNd3s4b-0_A&id=lidar2&mcvt=1061&p=0,0,200,728&mtos=1061,1061,1061,1061,1061&tos=1061,0,0,0,0&v=20220523&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1921805917&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1653458602739&rpt=1333&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 06:03:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 23AF 51 KB
51 KB 41ms
8ms Script
application/javascript 13.225.80.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kst8e0rpbxq4rh7h7axxsayf4dpgnczpm04pha44n3y8d6v5drmkzxer7a4hmy4fe5mxg36j1r7g92a7qm2gj1da3dxs8yv5fhg151rmnj6137vesjsj3kpedatzs17q2nkykrbf2862v0g56txcr01fpm8c60b1dkyfpve28stebp66qfj4y4327m575fcrnf9bjj975x810tgdqsj3qszh99astwk14h91r8zc0p5thjkec8qf8n6sbrnbphkp299f300r6arrjv72k6had0nbfng9kj1pry6nwt38ws190rjk0bxc%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gvwrmrqfdjcr1ywzs5eas9jpch4n3exq1kphdzmjvmwyex4t17px34nbdvdahg7swbn5ae4rxtfwrcs3nxe4gmftqq5r9kyh51wbc4p8w3dd6gcw6nfgc95tfnsbb7wjhtepwjq268yt7vs7bn0ar3qdjm7mzs90h8bkw70277k1k98yjymp1hc4x8ft8g4psb9z08me91qy6cgpdc5ggnvw7zq03tp52qsp4a95qqezs5rgcynxmmgayzxk0fgfdfpnqgqfg29e%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCe6wnqsaNYvrpMZj_gQee3IeQAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMzNjkyNjM3MTAwOTYxNjOgAcKu6N0DyAEJqQL2PSpljwKyPuACAKgDAaoE4AFP0HESWxGUTt9e4eUSbFXPZnjVPxGPPaZB6XDofN0FfuYgYwHNdCogGnl-1FyyOqYPDUUhrdUvlFIDWiqgRwvH_PdafUEsSpSdPkeWh-qYkWQz5txW7YN4q0Qg7cqUG2NnhqhJhY4eOoEvpniX9zmYLXs2A6HJ2bFF_EInnWh7LgAP_IRQQvBM-ahO_7YHJNN5ahdEuPqB43W756YJA6DNDHZYHbqOKP3Cbj-fl4EmamPSnRgBUrQosPr0kzJ6Y6WXnuruKxsCcT6VXiIHtjP0cqrkRmR2ldx2r1tsO_Zb0-AEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_11nXNhOAJtHAYOGLphiLExrCGgag%252526client%25253Dca-pub-3369263710096163%252526adurl%25253D&clickref=oneidr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhdoneid__asuidNjfIGCtMKzPoif1ud2oOCTmGtkn5q9FBasuid__dc_reach_suite02wkz&viewref=oneid4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuKoneid__asuidNjfIGCtMKzPoif1ud2oOCTmGtkn5q9FBasuid__dc_reach_suite02wkz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.80.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-80-87.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3900c8b5b423944473f2b5735300291c473881985b2e64318b01fd3d7eefcbd2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 13:31:46 GMT
via: 1.1 c7015d60d4f8f2170aaaa75e69e40618.cloudfront.net (CloudFront)
last-modified: Wed, 23 Mar 2022 11:22:01 GMT
server: AmazonS3
age: 59500
etag: "101c8120dbcfdb729e8ebf54cc77d0cd"
x-cache: Hit from cloudfront
x-amz-version-id: snQAK.nud_Ry1pExcABmNeZsZtrLXsiU
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-type: application/javascript
content-length: 52083
x-amz-cf-id: Xl5GTbipZZaICeffqe5kXcq0qSOTdq8jo7Rb4W6vzeHDOFgZ9nSWzQ==

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame 23AF 85 KB
85 KB 74ms
30ms Image
image/png 46.236.35.87
PULSANT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgdedup=1&wgcampaignid=1384975&viewref=oneidP3zUBfbfRbzh7CjHbtMtPzEHJSgtPAkHponeid__asuidUkep4amRSf-robjgcq6Ek5Y_5GchAuw5asuid__webplexmedia_advancedad_MOBILE_728x90&wglinkid=713569
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15255%2C24673%2C14019&b=Mxefzfrf1zRuWHEHGtDt2jpCBS4Tb6ku3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=62Zcef3f6wmheHmHYtEC5kmtYS1T2qJs7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=NjfIGCtMKzPoif1ud2oOCTmGtkn5q9FB&g=b97d94971f9d0e322c62f964154ea848%2F3763516101815513498&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1653458604690&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gvwrmrqfdjcr1ywzs5eas9jpch4n3exq1kphdzmjvmwyex4t17px34nbdvdahg7swbn5ae4rxtfwrcs3nxe4gmftqq5r9kyh51wbc4p8w3dd6gcw6nfgc95tfnsbb7wjhtepwjq268yt7vs7bn0ar3qdjm7mzs90h8bkw70277k1k98yjymp1hc4x8ft8g4psb9z08me91qy6cgpdc5ggnvw7zq03tp52qsp4a95qqezs5rgcynxmmgayzxk0fgfdfpnqgqfg29e%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCe6wnqsaNYvrpMZj_gQee3IeQAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMzNjkyNjM3MTAwOTYxNjOgAcKu6N0DyAEJqQL2PSpljwKyPuACAKgDAaoE4AFP0HESWxGUTt9e4eUSbFXPZnjVPxGPPaZB6XDofN0FfuYgYwHNdCogGnl-1FyyOqYPDUUhrdUvlFIDWiqgRwvH_PdafUEsSpSdPkeWh-qYkWQz5txW7YN4q0Qg7cqUG2NnhqhJhY4eOoEvpniX9zmYLXs2A6HJ2bFF_EInnWh7LgAP_IRQQvBM-ahO_7YHJNN5ahdEuPqB43W756YJA6DNDHZYHbqOKP3Cbj-fl4EmamPSnRgBUrQosPr0kzJ6Y6WXnuruKxsCcT6VXiIHtjP0cqrkRmR2ldx2r1tsO_Zb0-AEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_11nXNhOAJtHAYOGLphiLExrCGgag%2526client%253Dca-pub-3369263710096163%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.236.35.87 Plymouth, United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-35-87.servers.dedipower.net
Software: Apache /
Resource Hash: 272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 25 May 2022 06:03:25 GMT
Last-Modified: Wed, 25 May 2022 06:03:25 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/png
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 979C 51 KB
51 KB 48ms
16ms Script
application/javascript 13.225.80.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kpgtbq5zp588yc5bpacbtcme2e4pwmt3cy279c2chnvh968fk97qttfydetar37bn1f38jd5kcs68epe1ge1kkp62p6hjna8pmdda6fwswskx83jb11jf1ejs3b4fwa21ddx93htfnrndtg9zsgj5nxj30dywmy04zjddts2vv0yhbpctkaen5cbe9mtyw9km9v78b78ms44qb3faepxh6bc5e551xmx8s4zfmb2k080e465apamr4khr4jfg7r2w6krwryys2sq6arh646svqh3baexkkpwe64k65whmmvvykzexpayw8%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k34embqp4teh0y5txe51rr7zmead9pdz2cq4sa3wts6ewse13dwtze7wv4t2fpd7654frmdy6t1efk0337dxvgtvmdzr7rca6ck382nty2y6cchyvs474rnkbh3dnvd1jr49cznsbjb1hp0ekqjs2vnfrqjmfw5hgy9x8q7t3fxw3d9yh697ccmxpep1ssgxjbp1nay00yr9bvj8bsx5mfe3mkrmarzpfwnfa0vf0jtkmntpbc0kmj8e3wnfwesbkhg6rddaw5tr%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCvPtyqsaNYvrZJNSE7gOx6JXAD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMzNjkyNjM3MTAwOTYxNjOgAcKu6N0DyAEJqQL2PSpljwKyPuACAKgDAaoE4AFP0Pj6wHwgfw7LbrJSeYJMLxd7WbEztAocvDVpx_BBEd46fmNyK71sf0PaK_6X4adCse-UbgGiMCU3eDc-fwLGjN3vo2K1NEJVOKVWEKbNqj4BNfG32vMm-4jJXSFHbS47AZ1GnXN8q2ZJPgU7ZpD4EP9vDd9Khy6VnKxX6RhrPP2TQ3t7sJSxI7m1gA3lvBedhSz7Tltd6QuWKEm61ydo_AbiPrScmNNTPjBD8cQxa2QQAf3bIG8-0xh9WL4yoIxq_Vf0udlGrs6kEEG9ZikaDUMk-qH-cxCkkXGwdt0cmOAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0K_-9XstLFt4N-KtAtnEx5FSTNcg%252526client%25253Dca-pub-3369263710096163%252526adurl%25253D&clickref=oneidr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhdoneid__asuidkTUv0kTJ2-IHeQHqznYSql9CeWavfmoTasuid__dc_reach_suite02wkz&viewref=oneid4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuKoneid__asuidkTUv0kTJ2-IHeQHqznYSql9CeWavfmoTasuid__dc_reach_suite02wkz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.80.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-80-87.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3900c8b5b423944473f2b5735300291c473881985b2e64318b01fd3d7eefcbd2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 13:31:46 GMT
via: 1.1 c7015d60d4f8f2170aaaa75e69e40618.cloudfront.net (CloudFront)
last-modified: Wed, 23 Mar 2022 11:22:01 GMT
server: AmazonS3
age: 59500
etag: "101c8120dbcfdb729e8ebf54cc77d0cd"
x-cache: Hit from cloudfront
x-amz-version-id: snQAK.nud_Ry1pExcABmNeZsZtrLXsiU
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-type: application/javascript
content-length: 52083
x-amz-cf-id: 8GSvuQ4zl9q5Cp-gVzVzbQP8OOdho1l00Bl_QwqcQn1J2j1lsKty5A==

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame 979C 85 KB
85 KB 80ms
33ms Image
image/png 46.236.35.87
PULSANT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgdedup=1&wgcampaignid=1384975&viewref=oneid86EHDf8fKRWagHJHEtxtkr3hGSwT8jFkoneid__asuidSoIHqHIrjBdyNY_p_4Wp7r1gW41M2PF4asuid__reach_adf03netmixsis&wglinkid=713569
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460%2C24673%2C14019&b=q4VSmfWfJWr1TZHgHDtJtZG5UeSgTA2ja3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Rx6fgfQfG6wACkHwH3tzCPzJu9SzTmqbF7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=kTUv0kTJ2-IHeQHqznYSql9CeWavfmoT&g=02036a9dc68490f6dd832767f4c82e33%2F16115169092999220410&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1653458604634&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k34embqp4teh0y5txe51rr7zmead9pdz2cq4sa3wts6ewse13dwtze7wv4t2fpd7654frmdy6t1efk0337dxvgtvmdzr7rca6ck382nty2y6cchyvs474rnkbh3dnvd1jr49cznsbjb1hp0ekqjs2vnfrqjmfw5hgy9x8q7t3fxw3d9yh697ccmxpep1ssgxjbp1nay00yr9bvj8bsx5mfe3mkrmarzpfwnfa0vf0jtkmntpbc0kmj8e3wnfwesbkhg6rddaw5tr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCvPtyqsaNYvrZJNSE7gOx6JXAD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMzNjkyNjM3MTAwOTYxNjOgAcKu6N0DyAEJqQL2PSpljwKyPuACAKgDAaoE4AFP0Pj6wHwgfw7LbrJSeYJMLxd7WbEztAocvDVpx_BBEd46fmNyK71sf0PaK_6X4adCse-UbgGiMCU3eDc-fwLGjN3vo2K1NEJVOKVWEKbNqj4BNfG32vMm-4jJXSFHbS47AZ1GnXN8q2ZJPgU7ZpD4EP9vDd9Khy6VnKxX6RhrPP2TQ3t7sJSxI7m1gA3lvBedhSz7Tltd6QuWKEm61ydo_AbiPrScmNNTPjBD8cQxa2QQAf3bIG8-0xh9WL4yoIxq_Vf0udlGrs6kEEG9ZikaDUMk-qH-cxCkkXGwdt0cmOAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0K_-9XstLFt4N-KtAtnEx5FSTNcg%2526client%253Dca-pub-3369263710096163%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.236.35.87 Plymouth, United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-35-87.servers.dedipower.net
Software: Apache /
Resource Hash: 272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 25 May 2022 06:03:25 GMT
Last-Modified: Wed, 25 May 2022 06:03:25 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/png
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame F5EA 51 KB
51 KB 9ms
8ms Script
application/javascript 13.225.80.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2194035&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1javnjt1425d6anth8x0587sa3hrt7an6gene251ft9fskhkngd977xmf4ntjdn3a917fzwxsk4jaeaa7pz85sc38carmtbw0vh1wfh1s45mqptk4qxhhpmtdwdcdbtpmmjy1d0stts63z3n72rh58n4sq28d0xqwhsvdezec4g6wghpsak6pqp9k6mw4cnx28tsm0qeajhg995sc56pfym4svwqdqy4rfycywd2hycf149kj5n96sa7xxrep62sy8gxdn8sgwtcfnkqtfyb1pa4xyfhvshyjbqbk92rsg3ey3g82hnramg%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1j9fvhhj5b3k6zv39c04kcmwxha08g0w2gcxsykwq29jt0cjh0abhn2b2xz7f7yecsq8axysf5sb6bykgnb1qbbt6xwnbj6c2pyx0qnb84t95kcgxa1z68j011jv414q96krs7exdq71bh54hnm25qnwrwknrewkwg45a96mvpy7b2daetcspp9k0q73maejejphdq86cshkvghjxpvv4sw3prhe586ne6kttswkh8sqjbvak64cayq3aemar9qcwvjf5k8awfn0e%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCga96q8aNYqaIEYiK7gPEho7QBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTg1ODAxOTY0MjcyMDkzMTSgAcKu6N0DyAEJqQJKUfIa4PyxPuACAKgDAaoE4QFP0PCA1qfCU-sEFkprYel9rg90Wlnj977mjXkafjEWiUeXfVDatuOF9IW46UPwkJkhV-NCV1p05sCI1W3acM2z-pUhD6Uh9qO4FFXXj8N8_AG7KT7dSYuPVR1hT3VxIQQQTAgQkWzrHswLk6OCkxmMHT1SuJVePRhW4lJvsf-V_xMi7oSicNnoVpKJSGab_bZe8VFqaxSZCIUWQ86YI12DRKVnAQJmNSZQZUgl1pPnNNzT8a4QHGJaoUCQi8oBEz0QaWdtqmO8FfwQ58AmuwJ6A8-nUy0s84NmAZkmrLH-OD3gBAGABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_275KWGj7PJdenXfdZKC4FqefpRJw%252526client%25253Dca-pub-8580196427209314%252526adurl%25253D&clickref=oneidDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFVoneid__asuidNjfIGCtMKzPoif1ud2oOCTmGtkn5q9FBasuid__dc_reach_suite02wkz&viewref=oneide7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1oneid__asuidNjfIGCtMKzPoif1ud2oOCTmGtkn5q9FBasuid__dc_reach_suite02wkz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.80.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-80-87.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3900c8b5b423944473f2b5735300291c473881985b2e64318b01fd3d7eefcbd2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 13:31:46 GMT
via: 1.1 c7015d60d4f8f2170aaaa75e69e40618.cloudfront.net (CloudFront)
last-modified: Wed, 23 Mar 2022 11:22:01 GMT
server: AmazonS3
age: 59500
etag: "101c8120dbcfdb729e8ebf54cc77d0cd"
x-cache: Hit from cloudfront
x-amz-version-id: snQAK.nud_Ry1pExcABmNeZsZtrLXsiU
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-type: application/javascript
content-length: 52083
x-amz-cf-id: a5ymZS_GmZBop8DY5Uf_AuWj1lNt23Mp-boUoenXquuE79lhKLtUTw==

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame F5EA 48 KB
49 KB 86ms
34ms Image
image/png 46.236.35.87
PULSANT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgdedup=1&wgcampaignid=1384975&viewref=oneid26YEH6fqfjDwJHxCWHkt8txY2fxSgtZmtgoneid__asuid1Bgu33QQl1oeyv-NVsF-zQ-4JMpoHF_pasuid__emmaglam_advancedad_300x600&wglinkid=2194035
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C14044%2C43784&b=e7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CXxVfzfrfqw7U6H4HetqtxD7UQSkTXKPfJ%2CjpBHEfGfjp9hYHEH2t6tx1WsZSzTDRGT9&f=DjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2Ce7RC3fVfxBVcjHZHet2CeW3swSQTx8Ja1%2CxEbfQfAf6gJUPHdHztDC3jqh7S6TqkxSA&c=728&d=90&e=NjfIGCtMKzPoif1ud2oOCTmGtkn5q9FB&g=499b4ec65607ad2db351a927bcd7a4f9%2F6101578044710108777&i=20597%2C25007%2C27720&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1653458604829&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j9fvhhj5b3k6zv39c04kcmwxha08g0w2gcxsykwq29jt0cjh0abhn2b2xz7f7yecsq8axysf5sb6bykgnb1qbbt6xwnbj6c2pyx0qnb84t95kcgxa1z68j011jv414q96krs7exdq71bh54hnm25qnwrwknrewkwg45a96mvpy7b2daetcspp9k0q73maejejphdq86cshkvghjxpvv4sw3prhe586ne6kttswkh8sqjbvak64cayq3aemar9qcwvjf5k8awfn0e%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCga96q8aNYqaIEYiK7gPEho7QBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTg1ODAxOTY0MjcyMDkzMTSgAcKu6N0DyAEJqQJKUfIa4PyxPuACAKgDAaoE4QFP0PCA1qfCU-sEFkprYel9rg90Wlnj977mjXkafjEWiUeXfVDatuOF9IW46UPwkJkhV-NCV1p05sCI1W3acM2z-pUhD6Uh9qO4FFXXj8N8_AG7KT7dSYuPVR1hT3VxIQQQTAgQkWzrHswLk6OCkxmMHT1SuJVePRhW4lJvsf-V_xMi7oSicNnoVpKJSGab_bZe8VFqaxSZCIUWQ86YI12DRKVnAQJmNSZQZUgl1pPnNNzT8a4QHGJaoUCQi8oBEz0QaWdtqmO8FfwQ58AmuwJ6A8-nUy0s84NmAZkmrLH-OD3gBAGABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_275KWGj7PJdenXfdZKC4FqefpRJw%2526client%253Dca-pub-8580196427209314%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.236.35.87 Plymouth, United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-35-87.servers.dedipower.net
Software: Apache /
Resource Hash: e634cdea6fc8a42921753f7da1799c4719b763400d8891a778bdcc519e43c919

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 25 May 2022 06:03:25 GMT
Last-Modified: Wed, 25 May 2022 06:03:25 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/png
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame F5EA 5 KB
6 KB 81ms
34ms Image
image/png 46.236.35.87
PULSANT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgdedup=1&wgcampaignid=1384975&viewref=oneid2wXU6fqfYGRuVHWHkt8tAJbHxSgt7JRagoneid__asuidCtTuZTW3aInioELb7-tQun-zENbOnNvPasuid__webplexmedia_advancedad_Desktop_300x250&wglinkid=3247651
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C14044%2C43784&b=e7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CXxVfzfrfqw7U6H4HetqtxD7UQSkTXKPfJ%2CjpBHEfGfjp9hYHEH2t6tx1WsZSzTDRGT9&f=DjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2Ce7RC3fVfxBVcjHZHet2CeW3swSQTx8Ja1%2CxEbfQfAf6gJUPHdHztDC3jqh7S6TqkxSA&c=728&d=90&e=NjfIGCtMKzPoif1ud2oOCTmGtkn5q9FB&g=499b4ec65607ad2db351a927bcd7a4f9%2F6101578044710108777&i=20597%2C25007%2C27720&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1653458604829&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j9fvhhj5b3k6zv39c04kcmwxha08g0w2gcxsykwq29jt0cjh0abhn2b2xz7f7yecsq8axysf5sb6bykgnb1qbbt6xwnbj6c2pyx0qnb84t95kcgxa1z68j011jv414q96krs7exdq71bh54hnm25qnwrwknrewkwg45a96mvpy7b2daetcspp9k0q73maejejphdq86cshkvghjxpvv4sw3prhe586ne6kttswkh8sqjbvak64cayq3aemar9qcwvjf5k8awfn0e%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCga96q8aNYqaIEYiK7gPEho7QBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTg1ODAxOTY0MjcyMDkzMTSgAcKu6N0DyAEJqQJKUfIa4PyxPuACAKgDAaoE4QFP0PCA1qfCU-sEFkprYel9rg90Wlnj977mjXkafjEWiUeXfVDatuOF9IW46UPwkJkhV-NCV1p05sCI1W3acM2z-pUhD6Uh9qO4FFXXj8N8_AG7KT7dSYuPVR1hT3VxIQQQTAgQkWzrHswLk6OCkxmMHT1SuJVePRhW4lJvsf-V_xMi7oSicNnoVpKJSGab_bZe8VFqaxSZCIUWQ86YI12DRKVnAQJmNSZQZUgl1pPnNNzT8a4QHGJaoUCQi8oBEz0QaWdtqmO8FfwQ58AmuwJ6A8-nUy0s84NmAZkmrLH-OD3gBAGABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_275KWGj7PJdenXfdZKC4FqefpRJw%2526client%253Dca-pub-8580196427209314%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.236.35.87 Plymouth, United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-35-87.servers.dedipower.net
Software: Apache /
Resource Hash: d5d02a818edad774ea1d79f1ca4bf972a9d5f6b4dfa5c757f578145be90a0f23

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 25 May 2022 06:03:25 GMT
Last-Modified: Wed, 25 May 2022 06:03:25 GMT
Server: Apache
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/png
Content-Length: 5257
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=0623FEA350FF417F8E4DB26A61394245&RedC=c.clarity.ms&MXFR=1E80B97FC19F6A9D0006A8D0C59F642E
https://c.clarity.ms/c.gif?CtsSyncId=0623FEA350FF417F8E4DB26A61394245&MUID=39C8DD43909F69BD1E4ECCEC91F468ED

42 B
370 B

27ms
26ms

Image
image/gif

52.142.114.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=0623FEA350FF417F8E4DB26A61394245&MUID=39C8DD43909F69BD1E4ECCEC91F468ED
Protocol: H2
Server: 52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 06:03:24 GMT
last-modified: Fri, 18 Mar 2022 19:39:54 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "8120eaf0ff3ad81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Wed, 25 May 2022 06:03:24 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4B1F3DE59B24448CB59775A9E8E5B5CF Ref B: FRAEDGE1420 Ref C: 2022-05-25T06:03:25Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=0623FEA350FF417F8E4DB26A61394245&MUID=39C8DD43909F69BD1E4ECCEC91F468ED
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 55ms
54ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022051901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0284dd685ae0498b7c765b9b8b31f09e77736ecf3ed0970f357cf05ba830bfd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 May 2022 06:03:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10642
x-xss-protection: 0

GET
H2 200 f597fa048cff1f12.webp
cdn.nur.kz/images/272x153/ 9 KB
10 KB 104ms
103ms Image
image/webp 94.247.128.36
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/f597fa048cff1f12.webp?version=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.36 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

2ffd39055620531ddaee4b415d5c74f9795247e47232b2a97b335df897a78e09

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:25 GMT
last-modified: Fri, 06 Nov 2020 06:07:54 GMT
server: nginx
x-cs: HIT
etag: "d8b595b9d4e29e43d69fc7e9193d4f84"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 9660
expires: Thu, 25 May 2023 06:03:25 GMT

GET
H2 200 2e050cdf4296ce25.webp
cdn.nur.kz/images/272x153/ 4 KB
4 KB 205ms
205ms Image
image/webp 94.247.128.36
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/2e050cdf4296ce25.webp?version=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.36 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

dc55bad6797af66d2c90351a1ab2ad0578206a398293ae448f0d0e2998d5bde6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:25 GMT
last-modified: Tue, 24 May 2022 03:44:00 GMT
server: nginx
x-cs: HIT
etag: "cebea4adef1dce7a37d1e49aaa161e3b"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 3952
expires: Thu, 25 May 2023 06:03:25 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 58ms
57ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 25 May 2022 06:03:25 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F17B 13 KB
5 KB 39ms
39ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nur.kz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 6774
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 04:10:31 GMT
expires: Thu, 25 May 2023 04:10:31 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1A36 783 B
535 B 40ms
39ms Document
text/html 2a00:1450:4014:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80f::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f9231720cda0591a8e961193d0f17af8a79c3c3658129af2d723ebbabe823289

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-mlOx-5G4MsLahp2F3g_GMQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nur.kz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-mlOx-5G4MsLahp2F3g_GMQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 06:03:25 GMT
expires: Wed, 25 May 2022 06:03:25 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 200 all
csm.eu.criteo.net/ Frame 9DBE 0
127 B 14ms
14ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 25 May 2022 06:03:25 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 23AF 16 B
232 B 82ms
81ms Fetch
application/json 34.254.130.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.254.130.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-254-130-126.eu-west-1.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 25 May 2022 06:03:26 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 123ms
28ms Preflight 34.254.130.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.130.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-130-126.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Wed, 25 May 2022 06:03:26 GMT
server: nginx

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 979C 16 B
232 B 90ms
90ms Fetch
application/json 34.254.130.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.254.130.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-254-130-126.eu-west-1.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 25 May 2022 06:03:26 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 104ms
29ms Preflight 34.254.130.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.130.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-130-126.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Wed, 25 May 2022 06:03:26 GMT
server: nginx

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame F5EA 16 B
232 B 87ms
86ms Fetch
application/json 34.254.130.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.254.130.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-254-130-126.eu-west-1.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 25 May 2022 06:03:26 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 87ms
29ms Preflight 34.254.130.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.130.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-130-126.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Wed, 25 May 2022 06:03:26 GMT
server: nginx

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame F5EA 16 B
232 B 86ms
85ms Fetch
application/json 34.254.130.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.254.130.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-254-130-126.eu-west-1.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 25 May 2022 06:03:26 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 80ms
29ms Preflight 34.254.130.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.130.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-130-126.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Wed, 25 May 2022 06:03:26 GMT
server: nginx

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1A36 0
0 103ms
102ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022051901&jk=3973602572337587&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 200 AAcrpHDydyl_zLrsUqLIoJaIpM6fuyfNuw3JGtq9cUA.js Show response
pagead2.googlesyndication.com/bg/ Frame F17B 35 KB
13 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AAcrpHDydyl_zLrsUqLIoJaIpM6fuyfNuw3JGtq9cUA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00072ba470f277297fccbaec52a2c8a09688a4ce9fbb27cdbb0dc91adabd7140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 11:16:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67599
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13604
x-xss-protection: 0
last-modified: Tue, 17 May 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 24 May 2023 11:16:47 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame F17B 0
9 B 39ms
38ms Image
text/plain 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?TYHCVQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:03:27 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 110ms
109ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022051901&jk=3973602572337587&bg=!ycqlyo7NAAZ4vKt9WLw7ACkAdvg8Wo2e1tatYvWH2F0LiUI7mtZJyGl7XFX1i2G0ghmhxbgGs25J9gIAAAGLUgAAAAJoAQcKADNxizijUn2Bhnm1wlgm2KkQ8_kJboa4ZiOq-SPoZVjFjo-ipheBdP7VCdCPVPBEV4lpoKKZApmF9Bzr4bSJAG6-lH2fcHDg3vXhDAM_42Zzk2UYwv34HsChu2-1bz_JJU_I5wHV3vqkoAxeC4x4tWhHoPQYkhLxr8MgST9T7qCpGAqOM9bKTgW588lpUt64TGxMRHkkVgW6RlLTqoJ2U9Wy96xB8hn4b2WnHmolxdFxgQ-omzE96059GCRyL06OoxkvChcOlJes2Ylgv8YDD5XRk5dWJ2tettfbw1Nho4Y2LIVt2FLP1SI4LLaWPO9NbZs1r828-WVoD_Ul-zVNRzcUvSyQ_m9x5bNb3YWgcIFre9PgPS-4ELvbMK4cdySbXgM1arH-KW_Dgyvvx2iwTnDnfsw3MgZ1jyPIjMIycvK1Ttjngx4n1yh9tskTTKN-7jfNUFdqpJDOkzUQR31jXKRarf2yx0Hx6naKIIDeCj8xipc7BmSpcawLzyQiceJeXwSbhG3Ok2-HK8Fw5sn-Oa1Qp6n-1bqjLsmCMLdOHF3qDW8wFKBI6ZVhV5wdoOMRRvsZaP8zxShfpxAyxr1wgpIoYZOnBIG8NRuWPTQuPsUMjo2vkCIjWM_a_KERaBXMnKBez8w5cZHJNSb10rLKxn1CFSv200xPZlZ5aSSWmqzTFowEPxBJk2z4F_0mhUeC-DtlLhAJIo73ecOKEIRwCQAN_iEJ4StdCpiaKP5M2lLIXt4k_PxxNGOPMhIaa0pUZTX60XAoh9_Qgt_grw9GrNmSuH4RbLoWsA0bcBMt_azo-t0yAPQjcUkCwPYk1Ga8hGPl1sMV-gAlvAEyYe6cdD67qc6w15Clk0CTUkRk6wMQ9z9B9LYeXBLSb23wI4ljy-lsAMfCq-evIAzjoWrB90TBsa1wQ0cfrYeR-sv9y9DWkm5X_UhbVRS7DS3d8GztPQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

POST
H2 200 all
csm.eu.criteo.net/ Frame 835C 0
127 B 14ms
14ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 25 May 2022 06:03:30 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H/1.1 200
OK / Show response
tttt.onthe.io/ 0
287 B 111ms
33ms XHR
text/javascript 95.216.24.149
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tttt.onthe.io/?k[]=336:time[url:%2F,device:desktop,type_article:Main,user_id:80a6b5b0d.79eb41db1_1653458601297,cdn_version:36]&s=0d0db5a9a93692f403af81423ab76478&1653458611351
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js?ghDf5sWW6gLM
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.216.24.149 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.149.24.216.95.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 25 May 2022 06:03:31 GMT
Server: nginx
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 9DBE 0
127 B 15ms
14ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 25 May 2022 06:03:31 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 dc_oe=ChMIgdyXpf359wIVcoo4Ch3kEgowEAAYACCS96ZFQhMI2qn6pP359wIV0IR7Ch36PwQu;met=1;&timestamp=1653458613870;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 5E28 42 B
494 B 145ms
64ms Image
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIgdyXpf359wIVcoo4Ch3kEgowEAAYACCS96ZFQhMI2qn6pP359wIV0IR7Ch36PwQu;met=1;&timestamp=1653458613870;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 06:03:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
tttt.onthe.io/ 0
287 B 293ms
90ms XHR
text/javascript 95.216.24.149
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tttt.onthe.io/?k[]=336:time[url:%2F,device:desktop,type_article:Main,user_id:80a6b5b0d.79eb41db1_1653458601297,cdn_version:36]&s=0d0db5a9a93692f403af81423ab76478&1653458621393
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js?ghDf5sWW6gLM
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.216.24.149 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.149.24.216.95.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 25 May 2022 06:03:41 GMT
Server: nginx
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 200 dc_oe=ChMIgdyXpf359wIVcoo4Ch3kEgowEAAYACCS96ZFQhMI2qn6pP359wIV0IR7Ch36PwQu;met=1;&timestamp=1653458623898;eid1=2;ecn1=0;etm1=10;
ade.googlesyndication.com/ddm/activity/ Frame 5E28 42 B
63 B 137ms
68ms Image
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIgdyXpf359wIVcoo4Ch3kEgowEAAYACCS96ZFQhMI2qn6pP359wIV0IR7Ch36PwQu;met=1;&timestamp=1653458623898;eid1=2;ecn1=0;etm1=10;

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 06:03:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
tttt.onthe.io/ 0
287 B 98ms
32ms XHR
text/javascript 95.216.24.149
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tttt.onthe.io/?k[]=336:time[url:%2F,device:desktop,type_article:Main,user_id:80a6b5b0d.79eb41db1_1653458601297,cdn_version:36]&s=0d0db5a9a93692f403af81423ab76478&1653458631358
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js?ghDf5sWW6gLM
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.216.24.149 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.149.24.216.95.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 25 May 2022 06:03:51 GMT
Server: nginx
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEOCnxnD5sG8BINtWU-ZS9ac&google_cver=1&google_push=AYg5qPLqTLxoR3-qyH8bR3xQCMHHAM1vJ6MEwNDXnlGw7tew7r848_tzwxs9XSoji8SaDtlFglgsWDHixsiLGliRKWWWjNh7Q4IPXw

Verdicts & Comments Add Verdict or Comment

93 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

72 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.nur.kz/	1970-01-20 03:17:39	Name: __io_d Value: 1_705468254
www.nur.kz/	1970-01-20 12:03:14	Name: __io_lv Value: 1653458601296
www.nur.kz/	1970-01-20 12:03:14	Name: __io Value: 80a6b5b0d.79eb41db1_1653458601297
.nur.kz/	1970-01-20 03:17:40	Name: __io_session_id Value: 51bac351e.3d5ed62a1_1653458601298
.nur.kz/	1970-01-20 03:17:39	Name: __io_nav_state336 Value: %7B%22current%22%3A%22%2F%22%2C%22currentDomain%22%3A%22www.nur.kz%22%2C%22previousDomain%22%3A%22%22%7D
www.nur.kz/	1970-01-20 12:03:14	Name: __io_unique_336 Value: 25
www.nur.kz/	1970-01-20 03:18:43	Name: __io_uh Value: 1
www.nur.kz/	1970-01-20 03:17:39	Name: __io_visit_336 Value: 1
www.clarity.ms/	1970-01-20 12:03:14	Name: CLID Value: 3007c6a378984a9691aa08bc5ec9e7b2.20220525.20230525
.nur.kz/	1970-01-20 03:17:40	Name: __asc Value: d4b43dcd180f9d005b189c8e64e
.nur.kz/	1970-01-20 12:04:41	Name: __auc Value: d4b43dcd180f9d005b189c8e64e
.nur.kz/	1970-01-20 03:19:05	Name: _gid Value: GA1.2.1570992650.1653458601
.nur.kz/	1970-01-20 03:17:38	Name: _gat Value: 1
.yandex.ru/	1970-01-20 20:48:50	Name: i Value: OXP/o1dBJAaZZa4Qhdx7W+I7ZCV1C5Eh1q9LT8L3IOCs3BeokP2Kp8ymr9VaFiI+YGHJbhmhVp0QaQRZwyl3hVhOtoo=
.nur.kz/	1970-01-20 20:48:50	Name: _ga_L3EYGX7DJS Value: GS1.1.1653458601.1.0.1653458601.60
.nur.kz/	1970-01-23 19:08:02	Name: __eventn_id_props Value: %7B%22globalProps%22%3A%7B%22env%22%3A%22prod%22%2C%22source_type%22%3A%22desktop%22%7D%2C%22propsPerEvent%22%3A%7B%7D%7D
.nur.kz/	1970-01-20 13:17:38	Name: nur_user_id Value: 706b2892-c255-479b-b9f3-58d0c90fb0c6
.nur.kz/	1970-01-23 19:08:02	Name: __eventn_id_usr Value: %7B%22id%22%3A%22706b2892-c255-479b-b9f3-58d0c90fb0c6%22%7D
.nur.kz/	1970-01-23 19:08:02	Name: __eventn_id Value: j8p3i7zn8e
.nur.kz/	1970-01-20 05:03:50	Name: _gaexp Value: GAX1.2.CgAho3N_S6ek6TgBcPgd7A.19211.1
.nur.kz/	1970-01-20 20:48:50	Name: _ga Value: GA1.2.819422530.1653458601
.nur.kz/	1970-01-20 03:17:38	Name: _gat_ABtests Value: 1
.nur.kz/	1970-01-20 12:03:14	Name: _clck Value: 15m87oz\|1\|f1r\|0
.nur.kz/	1970-01-20 03:19:05	Name: _clsk Value: 18m9kyb\|1653458602037\|1\|0\|j.clarity.ms/collect
.yandex.ru/	1970-01-23 18:53:38	Name: yandexuid Value: 8505445941653458601
.doubleclick.net/	1970-01-20 12:39:14	Name: IDE Value: AHWqTUnyR7ig2pilch2lTf2xenPEan_7tiTvzy_dlp5WF9stbBi2gBMgxamZM5vDhEc
.casalemedia.com/	1970-01-20 12:03:14	Name: CMID Value: Yo3GqvEYIQVjtMySaSk2awAA
.casalemedia.com/	1970-01-20 05:27:14	Name: CMPS Value: 3271
.adnxs.com/	1970-01-20 05:27:14	Name: uuid2 Value: 4687842941650448233
.adnxs.com/	1970-01-20 05:27:14	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E>5k#5^_!]tbPl1M>e)ZlrFUfJ+tGXxo@FTv1(B%.`YZ/x.]AaeVD=MWA_/!Fwr<Q]dbpRzqF1`b`[m*Cyq#
.casalemedia.com/	1970-01-20 05:27:14	Name: CMPRO Value: 1211
.nur.kz/	1970-01-20 12:39:14	Name: __gads Value: ID=4e43260094b1ca99:T=1653458601:S=ALNI_Mawd9rwnUjvtOSY6nKPl-pDyduMVg
.casalemedia.com/	1970-01-20 12:03:14	Name: CMRUM3 Value: 2d628dc6ab2760CAESEMPcpfq2EA-9xxRFWal05eM
.casalemedia.com/	1970-01-20 03:19:05	Name: CMST Value: Yo3GqmKNxqsA
.quantserve.com/	1970-01-20 05:27:14	Name: d Value: ECIBCQGcJoEA
.quantserve.com/	1970-01-20 12:47:53	Name: mc Value: 628dc6ab-9b68e-dda00-d7dd4
.pubmatic.com/	1970-01-20 03:19:05	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 05:27:14	Name: KADUSERCOOKIE Value: 46989B2F-B978-4DFC-83E9-8D134B37FF0E
.o2online.de/	1970-01-20 03:27:43	Name: webShopPV Value: ?partnerId=O2_DSP_TRA_HAV_14114_PV&mediacode=26952494_4307561_323350682_145341330_PO4303A20220503&ref=26952494_4307561_323350682_145341330_PO4303A20220503
.3lift.com/	1970-01-20 05:27:14	Name: tluid Value: 3995446133935181648337
.mathtag.com/	1970-01-20 12:43:33	Name: uuid Value: 1dbc628d-c6ab-4500-914d-26a51bf45fb3
.mathtag.com/	1970-01-20 04:00:50	Name: mt_mop Value: 4:1653458603
.e.dlx.addthis.com/	1970-01-20 12:47:53	Name: na_tc Value: Y
.travelaudience.com/	1970-01-20 12:47:53	Name: _tracker Value: %7B%22UUID%22%3A%22F2BDAD06-68DB-47FD-96BB-B37EB9EA22CB%22%7D
.adform.net/	1970-01-20 04:02:17	Name: C Value: 1
.rlcdn.com/	1970-01-20 12:03:14	Name: rlas3 Value: sSKtXxh8ERuK9/0dobqnfXccBsU5TJgjt0MlJ2A5dhk=
.rlcdn.com/	1970-01-20 04:44:02	Name: pxrc Value: CKyNt5QGEgUI6AcQABIGCOndKhAA
.adform.net/	1970-01-20 04:44:02	Name: uid Value: 2538271906309001671
.innovid.com/	1970-01-20 05:27:14	Name: uuid Value: 3f2fb7c8-d0cd-4421-b1d1-340c8badbdcd-20220525 02:03:24
.addthis.com/	1970-01-20 12:47:53	Name: na_id Value: 2022052506032400073081855021
.addthis.com/	1970-01-20 12:47:53	Name: na_tc Value: Y
.addthis.com/	1970-01-20 12:47:53	Name: uid Value: 628dc6ac301ca310
.addthis.com/	1970-01-20 12:47:53	Name: ouid Value: 628dc6ac0001d23fac94b355bd67d3d38af61022f56165dd3dda
.dlx.addthis.com/	1970-01-20 04:00:50	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 04:00:50	Name: na_sr Value: 20220525
.dlx.addthis.com/	1970-01-20 03:17:38	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 04:00:50	Name: na_sc_e Value: 0
.tribalfusion.com/	1970-01-20 05:27:14	Name: ANON_ID Value: asnseFxZduB7RApTrruFc0GPjv0FOPy9Uca59ZanZbGgxxKUIPSXnRrpXm3ELdwLVtg8OPm402vJ55Zb7GOLdBbV
.awin1.com/	1970-01-20 03:21:57	Name: awpv11354 Value: 412871\|1653458604\|63785ff0-dbf0-11ec-977a-2266206bbad7
.zenaps.com/	1969-12-31 23:59:59	Name: AWSESS Value: 377129:2470185
.zenaps.com/	1970-01-20 03:21:57	Name: awpv11354 Value: 412871\|1653458604\|637838e0-dbf0-11ec-91ba-2230ae711e76
.awin1.com/	1970-01-20 03:27:43	Name: awpv14098 Value: 412871\|1653458605\|6392ecd0-dbf0-11ec-91ba-2230ae711e76
www.conrad.de/	1970-01-20 03:24:50	Name: HTLP_timestamp Value: 1653458605
www.conrad.de/	1970-01-20 03:24:50	Name: CEAffHA Value: YD
.www.conrad.de/	1970-01-20 03:17:40	Name: __cf_bm Value: OLJhPksTjQydNaO6hbR2f.5FaRe2dScJZo_FzctIBWk-1653458605-0-AQr0s2IPHJsOw3K00rMJbX73XUW92xkg07/giFclD8cknAfB1yKr2r6UNU8ArhCaSzf3R2+X9I5Fn2mwH6RoBmQ=
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 367022:2542680
.awin1.com/	1970-01-20 03:27:43	Name: awpv11938 Value: 412871\|1653458605\|639e1060-dbf0-11ec-85d9-223185680794
.congstar.de/	1970-01-20 03:27:50	Name: staticentry Value: %7B%22spfr%22%3A%22412871%22%2C%22awc%22%3A%2211938_412871_1653458605_639e1060-dbf0-11ec-85d9-223185680794%22%2C%22sp%22%3A%22awin%22%7D
.c.bing.com/	1970-01-20 12:39:14	Name: SRM_B Value: 39C8DD43909F69BD1E4ECCEC91F468ED
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 12:39:14	Name: MUID Value: 39C8DD43909F69BD1E4ECCEC91F468ED
.c.clarity.ms/	1970-01-20 03:17:39	Name: ANONCHK Value: 0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEOCnxnD5sG8BINtWU-ZS9ac&google_cver=1&google_push=AYg5qPLqTLxoR3-qyH8bR3xQCMHHAM1vJ6MEwNDXnlGw7tew7r848_tzwxs9XSoji8SaDtlFglgsWDHixsiLGliRKWWWjNh7Q4IPXw Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN always

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.doubleclick.net
ad4m.at
ade.googlesyndication.com
ads.adfox.ru
ads.eu.criteo.com
ads.travelaudience.com
adservice.google.com
adservice.google.de
ag.innovid.com
an.yandex.ru
analytics.google.com
analytics.webgains.io
api.webgains.io
as.ad4m.at
assets.ad4m.at
avatars.mds.yandex.net
banner.congstar.de
c.bing.com
c.clarity.ms
c1.adform.net
c9384ceee439f5ea0a7268659995ce75.safeframe.googlesyndication.com
cat.nl.eu.criteo.com
cdn.nur.kz
cdn.onthe.io
cdnjs.cloudflare.com
certify-js.alexametrics.com
certify.alexametrics.com
cm.g.doubleclick.net
cms.quantserve.com
csm.eu.criteo.net
dsum-sec.casalemedia.com
e.dlx.addthis.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
googlecm.hit.gemius.pl
ib.adnxs.com
id.rlcdn.com
image6.pubmatic.com
j.clarity.ms
match.adsrvr.org
nur.kz
nurtech.pro
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
pixel-sync.sitescout.com
pixel.everesttech.net
pixel.rubiconproject.com
portal.o2online.de
prod-rtb.ad4mat.net
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
rtb.nl.eu.criteo.com
rtb.openx.net
s.tribalfusion.com
s0.2mdn.net
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
stat.khanate.pro
static-de.ad4mat.net
static.criteo.net
stats.g.doubleclick.net
sync.mathtag.com
tpc.googlesyndication.com
track.webgains.com
tttt.onthe.io
webapi.nur.kz
www.awin1.com
www.clarity.ms
www.conrad.de
www.google-analytics.com
www.google.com
www.google.de
www.googleoptimize.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.nur.kz
www.zenaps.com
yandex.ru
yastatic.net
googlecm.hit.gemius.pl
104.102.29.65
104.90.192.27
104.92.94.3
116.202.11.241
13.224.198.93
13.225.80.87
142.250.181.226
142.250.184.230
142.250.185.162
142.250.185.98
148.251.139.77
172.217.16.130
178.250.2.135
178.250.2.148
178.250.2.150
18.216.229.163
18.66.248.93
185.29.132.245
185.86.137.108
198.47.127.19
20.85.30.134
2600:1901:0:76b9::
2606:4700:20::681a:bd1
2606:4700:20::ac43:444e
2606:4700:20::ac43:4a81
2606:4700:4400::ac40:98f5
2606:4700::6811:190e
2606:4700::6812:7f05
2620:116:800d:21:51e4:db4b:4436:b305
2620:1ec:27::cafe:1389
2620:1ec:c11::200
2a00:1450:4001:800::200a
2a00:1450:4001:801::2002
2a00:1450:4001:801::200e
2a00:1450:4001:802::2003
2a00:1450:4001:809::2003
2a00:1450:4001:80e::2006
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:810::2001
2a00:1450:4001:810::2002
2a00:1450:4001:811::2002
2a00:1450:4001:812::200e
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2002
2a00:1450:4001:831::2001
2a00:1450:400c:c0a::9d
2a00:1450:4014:80f::2004
2a02:2638:1::2
2a02:2638:1::4
2a02:2638::3
2a02:6b8:20::215
2a02:6b8::184
2a02:6b8::1be
2a02:6b8::90
2a02:6b8:a::a
2a05:d01c:1d8:8100:a0fe:f5a6:9720:1a18
3.33.220.150
34.254.130.126
35.186.253.211
35.190.0.66
35.244.174.68
37.157.6.242
37.252.173.27
46.236.35.87
51.89.9.251
52.142.114.2
52.214.225.206
66.155.71.149
69.173.144.138
76.223.111.18
82.113.101.132
91.215.139.234
91.215.139.235
94.247.128.36
94.247.128.38
94.247.128.43
95.216.24.149
00072ba470f277297fccbaec52a2c8a09688a4ce9fbb27cdbb0dc91adabd7140
00693ecd39c8a4d1bcf2d72b94731fca82db6d5da53a2883d47287b2e4ceabab
0284dd685ae0498b7c765b9b8b31f09e77736ecf3ed0970f357cf05ba830bfd9
033b6c344d46460e74306557645851170fa5ab3b0cc71f87e728e634aefb054d
03aa4536a5078e4137c13096c7d3156b925d4c4381261f537daeccdfdf687d52
05598f8f2a66f401f2b91bb8e05d09197bbbad7090f838f16c01f7d55f8e678b
0596a17530bb3a76675c9d72b22f8bbf927eede182d036ea7a3b278970864fb3
05ece81589591363a0f7ab97915453ef105342daa1112893f2a05b7ec01a4bde
061aba3f4986a30c3a0e5e75cf20be0c806136ab02918984c69bf3ff6a08a8e5
0827da877db98e3dbfc8796dcb438bea89045ddacf5388283adbe34cccd93088
0906e036897c57571bf5aee463cf4fe7fcbd3d3b8f235280d4cac2691c53eb8e
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09fe7be89711f0dc0ba47ab8a1a1865df7b660a1f1359d29c4c3445683d2f61f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
11f6d363f8c4294bf10f649f4951a882c6c22f69bac082a2d2851ca5e677f478
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
135e207039181af5cc0e39e0edbbeb01b09cf2d6c984290fc0823013e656d98a
135f2a0abeef246042a1ab29df25e4e4a627e789b0f3556539a2706bfc9b2990
14793fc1b610a32700143fba63522a13a5946ba4a6b70c21a871203b0f3f91bd
14abac934c22f97f9ba4c57ddce16e16b2724d1723d1f90272703f0fdba3a8b7
16681b53131c01a2d8a9f10d4aca9970c9eb7420a137903e667751ff0c62ab69
166f9390df29e23f9c9c45c50026de3b8ea04605424c6edc8557a3d3e71af7b8
171cdf4aaca1d90b25b0136352f75578c1e59ffdd3e426a8aa182773ea46d8f7
1798f0a9d19308f6ccf1923ccd7377652467fc81bad168a528a9ca043f5b16f1
17cf397d61c195f58b1740cc10f6908a8adb3f0a0f9b67d62d0ebe5696e79eda
1d49fc65e06d7237ab11b12091f9e35ae418f06a70691fae2295c676368ceb91
1db4fe06afc33dd4434817e31231f2b41528f6c314ea5d46373800876a474abf
1ecfc5a4d72d8f9fc774268cda69765e8578cd3a3859b229288b10c36acb0b35
1fb2e1a377682f1926911eb2593c662f0e0333c1ec1810690dc00a0a160abc35
21e6a2e3f2de3e89036b2c31eb516d3256a97976b551e306ea1c1c93775a4d3d
23cc65a8727bb9016015372f09daa3dc8dceccd6e21876ff8804db2cbd242c6c
25f1cdd04f4b236b79562629b1c5d68454cd02e96002e0ea870b82081a2fce76
2677edea48ed30f7d9e13bc89a8a55a4c073e00a89d7aa931d21ea98048fd864
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86
2870218c8f77e99ee71a4a49fe9429780a452b4081a1fb38c2d57f10244c7bff
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2b560efc660dd507e8e0b20a079eac74c975b67e0629545a7d2ec9e3687905db
2bf879861e15cdde7e55f3aa43c718b500b2b3b5c5346953b4a949b682f1932a
2c18b2383885435cb379b8a7c990b7021d1c2701554120d34b07be0da5a8f743
2cf4703c0a11c8131731dd7d8b32c001fe359d46d12ac9b03d802797f0abc2bf
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
2f6a074b70b1d573b395c7d088df6954c2c8cb7e16036a69b67456f13139b55f
2ffd39055620531ddaee4b415d5c74f9795247e47232b2a97b335df897a78e09
31aceb08e10d1d8708728f7cc683eed2cdd191cb0b42e0e31970eddb1fb40f50
32733776c725ba00e8a8ef6a829d02a2a096eb3070ec019e3b8b33a384f7b0b8
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
356ad684965fe5adf864696ca5b0636a75048c685370a531ddac62dc8eba08e7
35e45b49a5bca951ef16fed7228a06848396f6eae8136372a203bc656fc52f35
3900c8b5b423944473f2b5735300291c473881985b2e64318b01fd3d7eefcbd2
39677cc4e91cffde2abdf04499da371d458713c43742e2aa4578b7a7fd9695d5
39876997fc850cacfbeee657828066ba9ea282de46672aca2b739fa0cdfd6c32
3d8965ee1f9673ae2ab083ee9c063eea7eb04aef2e756a7e46f58337bb1caef4
3d9929e941ba495084f03392c780931fb8f37107b2da036b8bc46f16d44c93af
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f7db6edd55fea9f4e63c93cbbc61a912dc54439f3a56141f7de1e72ec60ae1c
40b43f95a77c55e01de63643c035680c7464141ffc596b5818a77e41d7b54e31
40fd07abc766d5d6ff76218eacb62fe919e429e65a3cbea9b941a45a6dbe7048
4208a9be00db4f36fd2b0565abccc98d6bac743c04d08e19f1720fa32ce7fad1
42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6
441dcfa5c3c2c355e24740df37e35d4641ecb12e931b5266e8b1c997db8dfd70
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
4546bc5e11fa6633d8f143ffb0f353264aa3e690d4239e6e0b5a22b7ebfcdcec
47ec02e18941bc1fe215e0bf1b47eaef6dd674b8adfb18d17e980203a94b9ff4
48f67a152acf6ef2df67acd63779bee22382effa8a37b241811e04b683e312b1
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b84c26fc972d527005b6353058ff181ca9dfbb9047bed018e6b019f965d3cdc
4bf8e2b1f9b9196fe82c1b41b93ac1f9a54c6a88e06489b0d8427bafc0f44e32
4cb1c187d62b84eefac8e3616a0f09b11a60db20f38fede59e7aa7634778d32c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e249aef61e2d675b41a8d764b5b9c9a8ee9ebc5e512386625516f6d2c8a4977
4f44e1b436d000b57b2b6b4bb4dcffda19ffc6986b85a76395a3e42bcda467a5
4f46f4bd9ebcd718cdae8f13c431f8d46244424220d84c2eee01de3f90311530
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50692dd1598ea954a198b325537ddd1b1c28ec80d58fa4150f7a4c3d17aa79d6
50bdc7f25d682d68072adcac518d4c27e53fcf59415c86ae662cc7da369430b4
53190b7838a27f624da133fc259f0fd6093f49aec64c1721e1f414de407b92d4
5325394904e37523023cf98861fed5fcb6d633f49fcfb7b4d3f2f233547ae427
54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
569b67ef1d76c5869a61471b93651371927719520f4268bb9a6ab30fe0380019
56f6845f5ac454702b5ab0b9ea05e5fd19791f3099584a58b1dde7e7aa605ab0
587815bbad0202349b3aa4c1609944b99b52d6f67f97690c705b9d5e4c977ed0
59e44b4deb7ae38e798837aff98aa800acbd67a29ccb711e69a20aa7b1d613a2
5b04a3a9ef00cdafdebbf368784d5a9c8f34c65330dd816682fb1b12085ac22b
5b194d1b66d0525a8295a4d12c978c3f294e9e2f11da010d5e22bbd0f17b8fd7
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
5f76ef8dbf025afcdcfc904fe4d207f2cfb246883fba9c12638372dea4d96d9a
60c0d5b202f60f6ef748b4c28de407ba5c1c57be5a8da13d86dbea6c9945eee5
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62d3c2fbb9ceb73ef8834782ed32e19328daaf6d86c8b1d961f4740cf0298147
641e566adba3b65a11f279fe14477a4344767dba77b444b8ab8376b4555fb6a8
64928491ebe9a3cc3e5f38cb23e546583fd09c9690a14248c85fc67aed5b0567
68c3b5e4ce8dac761ecf5a0278eec17dcdb7a613a461f893737967fccc8130c0
696509319bb81efdd2e9f7c12a2f2c2a176179fed37b92e16b7e5dffdc8869ee
6d0205053e47fcdc3dfc6c73d8d1d86866a05dff3a58916ef22bb6b1cca59da5
6f741883eafc84067b80014e53fbfab2505aca4f7cf767b17404a291fffb79d4
7020982dbf299a2ed0d9d56dc81a4fbce791d4ee58002184d61cf31a1b842668
7024493525030ecd098ce0dcb2f0aea839373775120b40580028137b1d125ac9
70df14fc899f41fcf1da268348590755b700a93b3c2ebd00feab55073c9f386d
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72a491d79badba46f7599b546f0ba30cbdc204238161bfd416141aac15f3ab98
75f2b8c48f20b369362dc65af86c17d672285dad4012c6f0f187c49ad465812b
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7ae1cc0b9e351dc168deea2e005444323f1151f7c65574152a4c99531f65d648
7bfcb2880098396200e25064e63349d05bc81db695d76d34da081b8f196af248
7ce3eee4cd598dd52e7b937de204d78dc2459a9dc379d0d70c478364e7b1bfcd
7d210f7d18b1a67c12052541793c3fc63a9175ec1809b7988b9b9a13a4b50e16
7dca7733ec0aead31386758c6043913b9ee754fb8499849701773bf4eaaff48a
80b110bd2739c684f764fc9440cd2685591af18f0d8dbf3efe7b5c13c0ac459d
83168c5a624fa8d0c9a39f6aec8bf193626265adffc132691f7f32b4d02a16db
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
874a35dce22fd7658f32ddc352b1b2fda24fe8e01a6dbf31fa22d0b85bff1534
88244bb20e14d8a3b753419034057c4c3a10bf5f79e2b978f9b52bdae8580045
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a43b2c280ca415162791ec2ac83579afe090a4b4e116ef99f95b1b6f6b832e0
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8d1e22184b2a1af8623b74f5efff121858035499e7756e63c34f6f78a329ca41
8d6e4721d53a6600e637e7657bbb8dd5eff663299b9f67c918fa159fec8373c2
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7
8eb26941f3ac879b299962470c835958019076d4de197af39414685cdadd54e8
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f362b048000f1579b0d0593d0e7c3eba2d8e124fa42efebc9fecc4fb870a4dd
91f38387f69121d9adc1accdf2adc739622baf9dfc526d412c6fdb317d28b5fe
947192254268002e4be259000333f6c1e3cb755fd7f344816afa1a358dfbf261
951d7a354b45b051eab055548643236540543b010be97591d8d75ac709dd8940
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
97cc347de0f2bb5694b606cb966b8175d8aeded8604a66fa58575a81b85c99af
9901d8becaea6864776b490cc4791146ce7fcfe9f7ce066a24ca94f1829d16b7
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c2dd75c175466bfeae087c24e6809cb97621deb1b6c5c23b11c009aaed2a556
9cc7e894e95bf50ee6a1c31a843005364bc0ce67ae925d6bc3fcda968d2fa0fb
9d23311251eea6d5389f9a4cb4712b023fd9002db38ca7db11e27f9a27201e0a
9e4ab6a71720b11ffcf074809e80590bda2dfc006ecbb70f4d719a678af1b307
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a01459cf03150bafedb716bb1bda7b15b48a6f7609576372987afa5a42144da6
a02f6b7d682d35c14525337b51d8d709023b7cba60a717dee794113e42e6457f
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1c1a544dce2ad7a8933ff9c4e087936f42c972d7858551181a9acb878a7c9b6
a1d0bb676704f499f0d4a35474c5e433f46e195746750e8babdbfed04221b601
a27afd9a794b9e16b8633729d4ab773c6ec2f94137f081fcd2f67f525f5c27cf
a2989e9473d8f042a6a6bdee1f957dc67bd907e515476e0cc231534db1078803
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a3956c170638b1fade04ee833f0fd790668c1b0d4a4e750b63b4078028be279e
a3e6b838865eecbe0ee045e938c1d6900646ccdd8a832cdd6cbe1a407a49df1d
a41a003c4e1a6656bb775acb404f448839c54d18e0eeb365b0551b6908ad3da8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7a2843fb177ea181d4a479e10ba66cd5354bc0493f21f2e7c537b4bc69acb34
a87e980e9a8004586d408e4d4968f2a816c405ab38aeea9960f9034b635e6dea
a8a3efbadb8f4d7877fac10dde23ce704721e65ca08d35015276a3bda7f5889a
a99bfdededfa3332929850cf132cb86c48e203ffee6aa4204861178669011cd1
aa022b49048d3c6beaf6844fe5d7d7fc495885a467e1ad3cd4de3f675e2df1bc
aaaaf4779f47d52b9850d5353649b178c9434b2bf1a60bc37c46361dab5847a6
ab5a18aefd981ef3064c328c36a91aad5e009103dc309e178b63dd899bc180a1
ad3a353ced8db6bcd5c01ba27bbdb2b9096995be4ab765599ae0b4917d399d6e
adb995163c403af9794377dc98fc1eedc23d8b463b99909a54ae9f97c946ac2f
adcf6f4e6f017a2ab95d6688216b398dc83209888804c993e3bbce70c0c41209
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b16abe7754445182c7266c83db145f753e307f43596a47e7306fcabef6d79d83
b262f0d4199201f8250a8f2324b8212a9a4a41352c4d2ba2aa88d960ed44dd9e
b2b1dec112659f4ebebe1b62a838d3fb57a67fb0d31baa1371c3fe5420643120
b2b7c588ff22430fa730b8dfb76180f58d6f77517f5fc46797568dfb8431e929
b35200a1f47c1686fa037061d04358d2f3c058c2b10d583a82e5e8af77fb50cf
b4dac18e01c9ef874f5d33ae8ad2eca84683281858bd9fab0f9a95e0b26c19b1
b63745ed29d6784dab812ad53d2a76b060cbf160f6200b203c24d797d9d18045
b6ec9c731e4519c096e7f0a9795f6ba4e8efc57ac0afeb276248ea77e12be55f
b83bf949954e2ca805089c6a278203d60c5ced398ae0fe4969d6486b28cd3401
b88e618aec677e4e93ce5ef6b84cffd3da38247ef4e54c0725748de5f2e74cca
bad97355a66f81c608410f6b003f147b1edbb69bb7704ec3dc8f95b38724d1ea
bb0210290b40a104304e48699615f77ea30943e8158cf77fac6708e046cbe5b4
bd79cd65bc9b01eaaa677ea39f71aa0cb323c1b9e73c1f49a2df18d160ea2822
bf4ca025ce4ff09e6ab9d0ae2b135ac09d2e29ac2303a7514c022d4177aeece3
bf575110f00bcd665556f5ec69859ed96b330561a00b8b63308381d5858d915b
bfaef65b25794a604ff02867568b414568fe0450e6af9337f8072b41f8264796
c110419995948214e5b16d9d0df8f7d91536cc42783edd90c7fc1810308309ac
c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95
c31fc81f286500b2c7f1f6c171ede12ce3b2a61d7d2f00df9d650456e42f4c1c
c6334df911b12e50cffb9153fc8799401f6509c4ffe20b4054ddb2ba7a1ccf6b
c802ed3ee1407c58a04b7e0a11bce4114ffb6da4c6de751565e9206e35467e6c
c824afa9a57db85a5957af264d153dffa83f94cf055c66249b765c04d0964468
c9359c423f11152cc52570d1d15b78449a4aaf8a4106599af13305e13c90b791
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa
cb79983098cae86fa7cf2efc46d131d36bc52697ee1faeaaf2dc95bdf2e64610
cc761c804f1e485afe8728643c1294604ecb8efe28b97082d8a5429b151e0370
ced80dc0b36469ade9a5e4a3c86bde068904125a1162f712f20629eeadb8e53a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7b4461c500623d971fa24be48832fc1fa2f4ab9c53d70576897743d473c402
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d2c60a3c0032720034c0add9cc551bea870363ce197335580029ac540a56221a
d2dd3599e7e2b9d298755ba7b0a578f9c0b8a88730f5c16993570a1de648a14e
d475daa0377e70ccac4d30f611533778d3c5f7ad2680e355c265c6878d8ee88a
d5d02a818edad774ea1d79f1ca4bf972a9d5f6b4dfa5c757f578145be90a0f23
d6db8fefd34baed6a1cf5b718ac5f221e9747ac324fdae8c0e8cafb430f1c854
d72f0c2c009fd1c8f111e2426abad1f6818ce7ac92eb45e1d01b2e3b8c8eda44
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e
d9f592fb3d52da116ffab72688e08756bf414ecb16e614a4ed2120960ad1e9ae
da396863b8dd9fc1ccd29ac244ba3f646e7910b6c423ed3d83610f33082c2b43
da96a933feeba485b5e59758abb2acbb369cf407d9d9f814e767936387c26b4c
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
dc55bad6797af66d2c90351a1ab2ad0578206a398293ae448f0d0e2998d5bde6
dc8efe44a8f22abc2f1abac530413ba278444d6dabc100452639cafdd9f048fd
dfb12c0b442ba7081d19d86c373fa48db83e91b86f899bc9cfc960c307a72f0a
e0ba8eb78075548b74d2f90b577247b115db32ef3922d7a739a4f68cd5a57a03
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e149e2e10ef304e7c24654754ca3ec8684e02bed893a785e14b57df3be3feaa9
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e44684a48d596b56cba6492df2821b18b56fd0b488a77240d415f0eae918abe1
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839
e496494e8611da5eb32f4d65d9eaf0ef6e0c43f7eb3e2656989a4eccc31a9ff7
e4a4f0fed1bb5bb45d2675d2a4f4d7ca3729214682475c35d51ab9e9840b6987
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e634cdea6fc8a42921753f7da1799c4719b763400d8891a778bdcc519e43c919
e68e40852527c1f28682b1c4a8715dcaba615264d92ec50615744a2c21e90a13
eb6c6f805e420dcbeb3707ba886b78109fa5b77edc62832d81103f389c5bcfb4
ebb2026eba76b777cd1cc6d694a4609324304eeb1129a9fe0fb5a616590cc3ee
ec335cbc056796d69797fd1ef82fc0abd9159579add0bf72e3f54fc0acba786b
ed3cdd67b99dd07dc76f3ff0b253b64e9fc16ac725c6c002e9da8b1b796b5d70
ee2acc5a726593e71da1935f478ef20e5c185ad1cd43fafc07b148c147650fff
eead9e2fced68b1b473c9880e1a1f322a3b5e19da1796cc2387ae23a3795b3e1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0f3fadd348581fce870209a4705b228f28a7c06fecefc150707191d0f02a27a
f28828f3ffce25773f3c3a7abd63d463b5820d32d7951b300924a30d6632ecb5
f3456903656f0601338d81e00f8efe9e025055f224f822de2746e18436c9b4a5
f47f25ca057e47a60b083139d625b46728088c53a1232b5e982ecaa7d0b146bd
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f75a001bec4bdf424466cdc150b0aac769554195c5bf3105cd369a9861aa7103
f9231720cda0591a8e961193d0f17af8a79c3c3658129af2d723ebbabe823289
fa3488c1f1546fd2dc0e99ba16137ac11217dfb19f3f79c41d6cc24669668f54
fbbf71165978d573414a698dabdee1d4cadf617da53d07f58bb5e98fb45c6f03
fdaf07e1d6b524a752136f897b3b1ef2de1a0646c241007ef252101b02f968b5

www.nur.kz Open in urlscan Pro 91.215.139.234 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

449 Requests

92 %HTTPS

47 %IPv6

56 Domains

86 Subdomains

69 IPs

11 Countries

6359 kBTransfer

11142 kBSize

72 Cookies

24 Outgoing links

Page URL History

Redirected requests

449 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.nur.kz Open in urlscan Pro
91.215.139.234 Public Scan

Screenshot
Live screenshot

Full Image

449
Requests

92 %
HTTPS

47 %
IPv6

56
Domains

86
Subdomains

69
IPs

11
Countries

6359 kB
Transfer

11142 kB
Size

72
Cookies

449 HTTP transactions
10 data transactions